aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/install/database_update.php
diff options
context:
space:
mode:
authorNils Adermann <naderman@naderman.de>2011-06-10 12:02:59 +0200
committerNils Adermann <naderman@naderman.de>2011-06-10 12:18:19 +0200
commit2dee57fd43ebe1cf1f43fb0161cdd5f072eeaa63 (patch)
tree3c50ada87cc79e7488cb68a57d52dd3494d985ed /phpBB/install/database_update.php
parentfc9b12669145f72414eb45bbb73860099c6cecef (diff)
downloadforums-2dee57fd43ebe1cf1f43fb0161cdd5f072eeaa63.tar
forums-2dee57fd43ebe1cf1f43fb0161cdd5f072eeaa63.tar.gz
forums-2dee57fd43ebe1cf1f43fb0161cdd5f072eeaa63.tar.bz2
forums-2dee57fd43ebe1cf1f43fb0161cdd5f072eeaa63.tar.xz
forums-2dee57fd43ebe1cf1f43fb0161cdd5f072eeaa63.zip
[ticket/9992] Adding a limit on login attempts per IP.
A new table was created to save all failed login attempts with corresponding information on username, ip and useragent. By default the limit is 50 login attempts within 6 hours per IP. The limit is relatively high to avoid big problems on sites behind a reverse proxy that don't receive the forwarded-for value as REMOTE_ADDR but see all users as coming from the same IP address. But if these users run into problems a special forwarded-for option is available to limit logins by forwarded-for value instead of ip. PHPBB3-9992
Diffstat (limited to 'phpBB/install/database_update.php')
-rw-r--r--phpBB/install/database_update.php39
1 files changed, 38 insertions, 1 deletions
diff --git a/phpBB/install/database_update.php b/phpBB/install/database_update.php
index 77b5f44502..24a69ab99b 100644
--- a/phpBB/install/database_update.php
+++ b/phpBB/install/database_update.php
@@ -916,9 +916,29 @@ function database_update_info()
'3.0.7-PL1' => array(),
// No changes from 3.0.8-RC1 to 3.0.8
'3.0.8-RC1' => array(),
-
// Changes from 3.0.8 to 3.0.9-RC1
'3.0.8' => array(
+ 'add_tables' => array(
+ LOGIN_ATTEMPT_TABLE => array(
+ 'COLUMNS' => array(
+ 'attempt_id' => array('UINT', NULL, 'auto_increment'),
+ 'attempt_ip' => array('VCHAR:40', ''),
+ 'attempt_browser' => array('VCHAR:150', ''),
+ 'attempt_forwarded_for' => array('VCHAR:255', ''),
+ 'attempt_time' => array('TIMESTAMP', 0),
+ 'user_id' => array('UINT', 0),
+ 'username' => array('VCHAR_UNI:255', 0),
+ 'username_clean' => array('VCHAR_CI', 0),
+ ),
+ 'PRIMARY_KEY' => 'attempt_id',
+ 'KEYS' => array(
+ 'attempt_ip' => array('INDEX', array('attempt_ip', 'attempt_time')),
+ 'attempt_forwarded_for' => array('INDEX', array('attempt_forwarded_for', 'attempt_time')),
+ 'attempt_time' => array('INDEX', array('attempt_time')),
+ 'user_id' => array('INDEX', 'user_id'),
+ ),
+ ),
+ ),
'change_columns' => array(
BBCODES_TABLE => array(
'bbcode_id' => array('USINT', 0),
@@ -1870,6 +1890,10 @@ function change_database_data(&$no_updates, $version)
// Changes from 3.0.8 to 3.0.9-RC1
case '3.0.8':
+ set_config('ip_login_limit_max', '50');
+ set_config('ip_login_limit_time', '21600');
+ set_config('ip_login_limit_use_forwarded', '0');
+
// Update file extension group names to use language strings, again.
$sql = 'SELECT group_id, group_name
FROM ' . EXTENSION_GROUPS_TABLE . '
@@ -2516,6 +2540,19 @@ class updater_db_tools
$sqlite = true;
}
+ // Add tables?
+ if (!empty($schema_changes['add_tables']))
+ {
+ foreach ($schema_changes['add_tables'] as $table => $table_data)
+ {
+ $result = $this->sql_create_table($table, $table_data);
+ if ($this->return_statements)
+ {
+ $statements = array_merge($statements, $result);
+ }
+ }
+ }
+
// Change columns?
if (!empty($schema_changes['change_columns']))
{