[ZendTo] Username Locked Out Forever
Stewart Campbell
Stewart.Campbell at pulsion.co.uk
Fri Aug 19 16:41:03 BST 2016
In MySQL->DBLoginlogLength we have the following query
$query = sprintf("SELECT count(*) FROM loginlog
WHERE username = '%s' AND created > '%u'",
$this->database->real_escape_string(strtolower($user)),
$since);
The trouble is, $since is passed (in NSSDropbox->userFromAuthentication at least) from the preferences.php file which in my config is set to 86400. So we are basically saying where the username is in the loginlog table from 1970.
I think this needs to be changed to (time() - $since). I see the same function in SQLLite & SQLLite3.php files. Not sure if this is a similar problem.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20160819/1dd9755d/attachment.html
More information about the ZendTo
mailing list