From 11dd4b54fa1f3a15448271061e51907e3ba5c79d Mon Sep 17 00:00:00 2001
From: Bart van Bragt <phpbb@vanbragt.com>
Date: Thu, 21 Apr 2011 04:21:09 -0400
Subject: [ticket/10141] Use a cache in $auth->_fill_acl() for better
 performance.

Many sequences being converted are the same. Use a local cache to
convert each sequence once, speeding up the function.

PHPBB3-10141
---
 phpBB/includes/auth.php | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

(limited to 'phpBB/includes/auth.php')

diff --git a/phpBB/includes/auth.php b/phpBB/includes/auth.php
index 02819f9e78..22fafd7b7f 100644
--- a/phpBB/includes/auth.php
+++ b/phpBB/includes/auth.php
@@ -109,6 +109,7 @@ class auth
 	*/
 	function _fill_acl($user_permissions)
 	{
+		$seq_cache = array();
 		$this->acl = array();
 		$user_permissions = explode("\n", $user_permissions);
 
@@ -125,8 +126,15 @@ class auth
 
 				while ($subseq = substr($seq, $i, 6))
 				{
-					// We put the original bitstring into the acl array
-					$this->acl[$f] .= str_pad(base_convert($subseq, 36, 2), 31, 0, STR_PAD_LEFT);
+					if (isset($seq_cache[$subseq]))
+					{
+						$this->acl[$f] .= $seq_cache[$subseq];
+					}
+					else
+					{
+						// We put the original bitstring into the acl array
+						$this->acl[$f] .= ($seq_cache[$subseq] = str_pad(base_convert($subseq, 36, 2), 31, 0, STR_PAD_LEFT));
+					}
 					$i += 6;
 				}
 			}
-- 
cgit v1.2.1


From b1367bce488d0acea00a5ebf8725d0cde5515655 Mon Sep 17 00:00:00 2001
From: Andreas Fischer <bantu@phpbb.com>
Date: Fri, 22 Apr 2011 00:15:05 +0200
Subject: [ticket/10141] Split double-assignment into conditional and
 unconditional part.

PHPBB3-10141
---
 phpBB/includes/auth.php | 12 +++++-------
 1 file changed, 5 insertions(+), 7 deletions(-)

(limited to 'phpBB/includes/auth.php')

diff --git a/phpBB/includes/auth.php b/phpBB/includes/auth.php
index 22fafd7b7f..4b13c6be7f 100644
--- a/phpBB/includes/auth.php
+++ b/phpBB/includes/auth.php
@@ -126,15 +126,13 @@ class auth
 
 				while ($subseq = substr($seq, $i, 6))
 				{
-					if (isset($seq_cache[$subseq]))
+					if (!isset($seq_cache[$subseq]))
 					{
-						$this->acl[$f] .= $seq_cache[$subseq];
-					}
-					else
-					{
-						// We put the original bitstring into the acl array
-						$this->acl[$f] .= ($seq_cache[$subseq] = str_pad(base_convert($subseq, 36, 2), 31, 0, STR_PAD_LEFT));
+						$seq_cache[$subseq] = str_pad(base_convert($subseq, 36, 2), 31, 0, STR_PAD_LEFT);
 					}
+
+					// We put the original bitstring into the acl array
+					$this->acl[$f] .= $seq_cache[$subseq];
 					$i += 6;
 				}
 			}
-- 
cgit v1.2.1


From f49656986cc1898e85d6d7e4cd859ec8e980dc4a Mon Sep 17 00:00:00 2001
From: Oleg Pudeyev <oleg@bsdpower.com>
Date: Thu, 21 Apr 2011 23:15:51 -0400
Subject: [ticket/10141] Save a hash lookup when value is not in cache.

PHPBB3-10141
---
 phpBB/includes/auth.php | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

(limited to 'phpBB/includes/auth.php')

diff --git a/phpBB/includes/auth.php b/phpBB/includes/auth.php
index 4b13c6be7f..8324cb4977 100644
--- a/phpBB/includes/auth.php
+++ b/phpBB/includes/auth.php
@@ -126,13 +126,17 @@ class auth
 
 				while ($subseq = substr($seq, $i, 6))
 				{
-					if (!isset($seq_cache[$subseq]))
+					if (isset($seq_cache[$subseq]))
 					{
-						$seq_cache[$subseq] = str_pad(base_convert($subseq, 36, 2), 31, 0, STR_PAD_LEFT);
+						$converted = $seq_cache[$subseq];
+					}
+					else
+					{
+						$converted = $seq_cache[$subseq] = str_pad(base_convert($subseq, 36, 2), 31, 0, STR_PAD_LEFT);
 					}
 
 					// We put the original bitstring into the acl array
-					$this->acl[$f] .= $seq_cache[$subseq];
+					$this->acl[$f] .= $converted;
 					$i += 6;
 				}
 			}
-- 
cgit v1.2.1


From 2dee57fd43ebe1cf1f43fb0161cdd5f072eeaa63 Mon Sep 17 00:00:00 2001
From: Nils Adermann <naderman@naderman.de>
Date: Fri, 10 Jun 2011 12:02:59 +0200
Subject: [ticket/9992] Adding a limit on login attempts per IP.

A new table was created to save all failed login attempts with
corresponding information on username, ip and useragent. By default
the limit is 50 login attempts within 6 hours per IP. The limit is
relatively high to avoid big problems on sites behind a reverse
proxy that don't receive the forwarded-for value as REMOTE_ADDR but
see all users as coming from the same IP address. But if these
users run into problems a special forwarded-for option is available
to limit logins by forwarded-for value instead of ip.

PHPBB3-9992
---
 phpBB/includes/auth.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'phpBB/includes/auth.php')

diff --git a/phpBB/includes/auth.php b/phpBB/includes/auth.php
index 8324cb4977..5564de2943 100644
--- a/phpBB/includes/auth.php
+++ b/phpBB/includes/auth.php
@@ -908,7 +908,7 @@ class auth
 		$method = 'login_' . $method;
 		if (function_exists($method))
 		{
-			$login = $method($username, $password);
+			$login = $method($username, $password, $user->ip, $user->browser, $user->forwarded_for);
 
 			// If the auth module wants us to create an empty profile do so and then treat the status as LOGIN_SUCCESS
 			if ($login['status'] == LOGIN_SUCCESS_CREATE_PROFILE)
-- 
cgit v1.2.1