lkddi/nexusphp
1
0
Fork 0
mirror of https://github.com/lkddi/nexusphp.git synced 2026-04-23 19:37:23 +08:00
Code Issues Packages Projects Releases Wiki Activity

secure login use ip instead of REMOTE_ADDR

Browse Source
This commit is contained in:
xiaomlove
2022-08-25 22:38:06 +08:00
parent e34a11d70c
commit 414aaf9bf5
3 changed files with 10 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files
public/takelogin.php
+4 -4
View File
@@ -7,7 +7,7 @@ dbconn();
require_once(get_langfile_path("", false, get_langfolder_cookie()));
failedloginscheck ();
cur_user_check () ;
$ip = getip();
function bark($text = "")
{
global $lang_takelogin;
@@ -33,7 +33,7 @@ if (!empty($row['two_step_secret'])) {
failedlogins($lang_takelogin['std_invalid_two_step_code']);
}
}
$log = "user: " . $row['id'];
$log = "user: {$row['id']}, ip: $ip";
if ($row["passhash"] != md5($row["secret"] . $password . $row["secret"]))
login_failedlogins();
@@ -43,8 +43,8 @@ if ($row["enabled"] == "no")
if (isset($_POST["securelogin"]) && $_POST["securelogin"] == "yes")
{
$securelogin_indentity_cookie = true;
$passh = md5($row["passhash"].$_SERVER["REMOTE_ADDR"]);
$log .= ", secure login == yeah, passhash: {$row['passhash']}, remote_addr: {$_SERVER["REMOTE_ADDR"]}, md5: $passh";
$passh = md5($row["passhash"].$ip);
$log .= ", secure login == yeah, passhash: {$row['passhash']}, ip: $ip, md5: $passh";
}
else
{