author | Nils Adermann <naderman@naderman.de> | 2011-06-10 12:02:59 +0200 |
---|---|---|
committer | Nils Adermann <naderman@naderman.de> | 2011-06-10 12:18:19 +0200 |
commit | 2dee57fd43ebe1cf1f43fb0161cdd5f072eeaa63 (patch) | |
tree | 3c50ada87cc79e7488cb68a57d52dd3494d985ed /phpBB/install/database_update.php | |
parent | fc9b12669145f72414eb45bbb73860099c6cecef (diff) | |
[ticket/9992] Adding a limit on login attempts per IP.
A new table was created to save all failed login attempts with
corresponding information on username, ip and useragent. By default
the limit is 50 login attempts within 6 hours per IP. The limit is
relatively high to avoid big problems on sites behind a reverse
proxy that don't receive the forwarded-for value as REMOTE_ADDR but
see all users as coming from the same IP address. But if these
users run into problems a special forwarded-for option is available
to limit logins by forwarded-for value instead of ip.
PHPBB3-9992
Diffstat (limited to 'phpBB/install/database_update.php')
-rw-r--r-- | phpBB/install/database_update.php | 39 |
1 files changed, 38 insertions, 1 deletions
diff --git a/phpBB/install/database_update.php b/phpBB/install/database_update.php
index 77b5f44502..24a69ab99b 100644
--- a/phpBB/install/database_update.php
+++ b/phpBB/install/database_update.php
@@ -916,9 +916,29 @@ function database_update_info()
 '3.0.7-PL1' => array(),
 // No changes from 3.0.8-RC1 to 3.0.8
 '3.0.8-RC1' => array(),
-
 // Changes from 3.0.8 to 3.0.9-RC1
 '3.0.8' => array(
+ 'add_tables' => array(
+ LOGIN_ATTEMPT_TABLE => array(
+ 'COLUMNS' => array(
+ 'attempt_id' => array('UINT', NULL, 'auto_increment'),
+ 'attempt_ip' => array('VCHAR:40', ''),
+ 'attempt_browser' => array('VCHAR:150', ''),
+ 'attempt_forwarded_for' => array('VCHAR:255', ''),
+ 'attempt_time' => array('TIMESTAMP', 0),
+ 'user_id' => array('UINT', 0),
+ 'username' => array('VCHAR_UNI:255', 0),
+ 'username_clean' => array('VCHAR_CI', 0),
+ ),
+ 'PRIMARY_KEY' => 'attempt_id',
+ 'KEYS' => array(
+ 'attempt_ip' => array('INDEX', array('attempt_ip', 'attempt_time')),
+ 'attempt_forwarded_for' => array('INDEX', array('attempt_forwarded_for', 'attempt_time')),
+ 'attempt_time' => array('INDEX', array('attempt_time')),
+ 'user_id' => array('INDEX', 'user_id'),
+ ),
+ ),
+ ),
 'change_columns' => array(
 BBCODES_TABLE => array(
 'bbcode_id' => array('USINT', 0),
@@ -1870,6 +1890,10 @@ function change_database_data(&$no_updates, $version)
 // Changes from 3.0.8 to 3.0.9-RC1
 case '3.0.8':
+ set_config('ip_login_limit_max', '50');
+ set_config('ip_login_limit_time', '21600');
+ set_config('ip_login_limit_use_forwarded', '0');
+
 // Update file extension group names to use language strings, again.
 $sql = 'SELECT group_id, group_name
 FROM ' . EXTENSION_GROUPS_TABLE . '
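Review bot: In the new `LOGIN_ATTEMPT_TABLE` definition the `username` and `username_clean` columns take the integer `0` as their default, while the other string columns (`attempt_ip`, `attempt_browser`, `attempt_forwarded_for`) default to `''`. A row written without a username would then hold the text `0`, which reads like an account name when the attempts are reviewed later. I would use `'username' => array('VCHAR_UNI:255', ''),` and `'username_clean' => array('VCHAR_CI', ''),`, provided the install schema is changed to match. `attempt_browser` and `attempt_forwarded_for` store request-header values chosen by the client, so the code that inserts and displays these rows (not in this file section) has to truncate them to the column widths and escape them on output. `database_update_info()` begins and ends outside the hunk.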
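Review bot: The three `set_config()` calls added under `case '3.0.8':` have no comment, and `'21600'` in particular is an unexplained number next to a security limit. I would add `// Limit failed logins per IP: 50 attempts within 21600 seconds (6 hours)` above the first call. Above the third I would add `// Off by default: the forwarded-for header is client-supplied unless a trusted reverse proxy overwrites it`, because an administrator who switches the option on without such a proxy would be limiting on a value the client controls. The body of this `case` continues outside the hunk.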
@@ -2516,6 +2540,19 @@ class updater_db_tools
 $sqlite = true;
 }
+ // Add tables?
+ if (!empty($schema_changes['add_tables']))
+ {
+ foreach ($schema_changes['add_tables'] as $table => $table_data)
+ {
+ $result = $this->sql_create_table($table, $table_data);
+ if ($this->return_statements)
+ {
+ $statements = array_merge($statements, $result);
+ }
+ }
+ }
+
 // Change columns?
 if (!empty($schema_changes['change_columns']))
 {
|
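Review bot: The value returned by `sql_create_table()` in the new add_tables loop is used only when `$this->return_statements` is set, so on a normal run a failed table creation is not noticed at this point, and nothing in the loop checks whether the table already exists. If the updater is run again after an interrupted update the create would be attempted a second time; whether `sql_create_table()` guards against that is not visible in this hunk. A guard such as `if ($this->sql_table_exists($table)) { continue; }` at the top of the loop would make the step repeatable, assuming the class offers such a helper. It matters here because the login-attempt limit depends on this table being present after the update. The enclosing method of `updater_db_tools` starts and ends outside the hunk.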