[ZendTo] Username Locked Out Forever
Jules
Jules at Zend.To
Fri Aug 19 17:13:41 BST 2016
Stewart,
Oops! I'll take a look into this one as soon as I can. I suspect you're
right, but I want to walk it through the code manually to confirm.
Thanks!
Jules.
On 19/08/2016 16:41, Stewart Campbell wrote:
>
> In MySQL->DBLoginlogLength we have the following query
>
> $query = sprintf("SELECT count(*) FROM loginlog
>
> WHERE username = '%s' AND created > '%u'",
>
> $this->database->real_escape_string(strtolower($user)),
>
> $since);
>
> The trouble is, $since is passed (in
> NSSDropbox->userFromAuthentication at least) from the preferences.php
> file which in my config is set to 86400. So we are basically saying
> where the username is in the loginlog table from 1970.
>
> I think this needs to be changed to (time() - $since). I see the same
> function in SQLLite & SQLLite3.php files. Not sure if this is a
> similar problem.
>
>
>
> _______________________________________________
> ZendTo mailing list
> ZendTo at zend.to
> http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto
Jules
--
Julian Field MEng MBCS CITP CEng
'Give a man a fish, and you feed him for a day.
Teach a man to fish, and he'll sit in a boat and drink beer all day.'
- Anon
www.Zend.To
Twitter: @JulesFM
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20160819/9c4d3aff/attachment.html
More information about the ZendTo
mailing list