From 32c8d0c3f837950518f886ed9baef00e98740049 Mon Sep 17 00:00:00 2001 From: Lukas Fleischer Date: Sun, 13 Mar 2016 11:37:48 +0100 Subject: Store last login address as plain text Directly store the information contained in $_SERVER['REMOTE_ADDR'] instead of using ip2long() which does not support IPv6 addresses. Note that the LastLoginIPAddress field is designed to be used by the administrator on rare occasions only (e.g. to fight spam) and is not displayed anywhere. Fixes FS#48557. Signed-off-by: Lukas Fleischer --- web/lib/acctfuncs.inc.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'web/lib') diff --git a/web/lib/acctfuncs.inc.php b/web/lib/acctfuncs.inc.php index b39420f..2d70f65 100644 --- a/web/lib/acctfuncs.inc.php +++ b/web/lib/acctfuncs.inc.php @@ -554,8 +554,8 @@ function try_login() { } $q = "UPDATE Users SET LastLogin = UNIX_TIMESTAMP(), "; - $q.= "LastLoginIPAddress = " . $dbh->quote(ip2long($_SERVER['REMOTE_ADDR'])) . " "; - $q.= "WHERE ID = '$userID'"; + $q.= "LastLoginIPAddress = " . $dbh->quote($_SERVER['REMOTE_ADDR']) . " "; + $q.= "WHERE ID = $userID"; $dbh->exec($q); /* Set the SID cookie. */ -- cgit v1.2.3-70-g09d2