[ZendTo] Username Locked Out Forever
Jules
Jules at Zend.To
Wed Nov 2 15:21:18 GMT 2016
Stewart,
I disagree on this one. In the call in NSSDropbox.php, the time value
passed is
time()-$this->_loginFailTime
so the "created > '%u'" test is what I wanted to do.
Agreed? :)
Cheers,
Jules.
On 19/08/2016 16:41, Stewart Campbell wrote:
>
> In MySQL->DBLoginlogLength we have the following query
>
> $query = sprintf("SELECT count(*) FROM loginlog
>
> WHERE username = '%s' AND created > '%u'",
>
> $this->database->real_escape_string(strtolower($user)),
>
> $since);
>
> The trouble is, $since is passed (in
> NSSDropbox->userFromAuthentication at least) from the preferences.php
> file which in my config is set to 86400. So we are basically saying
> where the username is in the loginlog table from 1970.
>
> I think this needs to be changed to (time() - $since). I see the same
> function in SQLLite & SQLLite3.php files. Not sure if this is a
> similar problem.
>
>
>
> _______________________________________________
> ZendTo mailing list
> ZendTo at zend.to
> http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto
Jules
--
Julian Field MEng MBCS CITP CEng
'I never saw a wild thing
Sorry for itself.' - D.H. Lawrence
www.Zend.To
Twitter: @JulesFM
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20161102/31660963/attachment.html
More information about the ZendTo
mailing list