[aur-dev] [PATCH 2/4] Store banned IP addresses as plain text

[Lukas Fleischer]

Inspired by commit 32c8d0c (Store last login address as plain text,
2016-03-13).

Signed-off-by: Lukas Fleischer <lfleischer at archlinux.org>
---
 schema/aur-schema.sql     | 2 +-
 upgrading/4.5.0.txt       | 7 +++++++
 web/lib/acctfuncs.inc.php | 2 +-
 3 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/schema/aur-schema.sql b/schema/aur-schema.sql
index b0663eb..99f9083 100644
--- a/schema/aur-schema.sql
+++ b/schema/aur-schema.sql
@@ -376,7 +376,7 @@ CREATE TABLE IF NOT EXISTS TU_Votes (
 -- Malicious user banning
 --
 CREATE TABLE Bans (
-	IPAddress INTEGER UNSIGNED NOT NULL DEFAULT 0,
+	IPAddress VARCHAR(45) NULL DEFAULT NULL,
 	BanTS TIMESTAMP NOT NULL,
 	PRIMARY KEY (IPAddress)
 ) ENGINE = InnoDB;
diff --git a/upgrading/4.5.0.txt b/upgrading/4.5.0.txt
index 5cf0888..fb0a299 100644
--- a/upgrading/4.5.0.txt
+++ b/upgrading/4.5.0.txt
@@ -11,3 +11,10 @@ ALTER TABLE Users
 	ADD COLUMN LastSSHLogin BIGINT UNSIGNED NOT NULL DEFAULT 0,
 	ADD COLUMN LastSSHLoginIPAddress VARCHAR(45) NULL DEFAULT NULL;
 ---
+
+3. Convert the IPAddress column of the Bans table to VARCHAR(45). If the table
+   contains any active bans, convert them accordingly:
+
+----
+ALTER TABLE Bans MODIFY IPAddress VARCHAR(45) NULL DEFAULT NULL;
+----
diff --git a/web/lib/acctfuncs.inc.php b/web/lib/acctfuncs.inc.php
index 08dbc67..b3cf612 100644
--- a/web/lib/acctfuncs.inc.php
+++ b/web/lib/acctfuncs.inc.php
@@ -621,7 +621,7 @@ function try_login() {
 function is_ipbanned() {
 	$dbh = DB::connect();
 
-	$q = "SELECT * FROM Bans WHERE IPAddress = " . $dbh->quote(ip2long($_SERVER['REMOTE_ADDR']));
+	$q = "SELECT * FROM Bans WHERE IPAddress = " . $dbh->quote($_SERVER['REMOTE_ADDR']);
 	$result = $dbh->query($q);
 
 	return ($result->fetchColumn() ? true : false);
-- 
2.11.0