[aur-dev] [PATCH 2/4] Store banned IP addresses as plain text
Lukas Fleischer
lfleischer at archlinux.org
Wed Jan 25 18:39:39 UTC 2017
Inspired by commit 32c8d0c (Store last login address as plain text,
2016-03-13).
Signed-off-by: Lukas Fleischer <lfleischer at archlinux.org>
---
schema/aur-schema.sql | 2 +-
upgrading/4.5.0.txt | 7 +++++++
web/lib/acctfuncs.inc.php | 2 +-
3 files changed, 9 insertions(+), 2 deletions(-)
diff --git a/schema/aur-schema.sql b/schema/aur-schema.sql
index b0663eb..99f9083 100644
--- a/schema/aur-schema.sql
+++ b/schema/aur-schema.sql
@@ -376,7 +376,7 @@ CREATE TABLE IF NOT EXISTS TU_Votes (
-- Malicious user banning
--
CREATE TABLE Bans (
- IPAddress INTEGER UNSIGNED NOT NULL DEFAULT 0,
+ IPAddress VARCHAR(45) NULL DEFAULT NULL,
BanTS TIMESTAMP NOT NULL,
PRIMARY KEY (IPAddress)
) ENGINE = InnoDB;
diff --git a/upgrading/4.5.0.txt b/upgrading/4.5.0.txt
index 5cf0888..fb0a299 100644
--- a/upgrading/4.5.0.txt
+++ b/upgrading/4.5.0.txt
@@ -11,3 +11,10 @@ ALTER TABLE Users
ADD COLUMN LastSSHLogin BIGINT UNSIGNED NOT NULL DEFAULT 0,
ADD COLUMN LastSSHLoginIPAddress VARCHAR(45) NULL DEFAULT NULL;
---
+
+3. Convert the IPAddress column of the Bans table to VARCHAR(45). If the table
+ contains any active bans, convert them accordingly:
+
+----
+ALTER TABLE Bans MODIFY IPAddress VARCHAR(45) NULL DEFAULT NULL;
+----
diff --git a/web/lib/acctfuncs.inc.php b/web/lib/acctfuncs.inc.php
index 08dbc67..b3cf612 100644
--- a/web/lib/acctfuncs.inc.php
+++ b/web/lib/acctfuncs.inc.php
@@ -621,7 +621,7 @@ function try_login() {
function is_ipbanned() {
$dbh = DB::connect();
- $q = "SELECT * FROM Bans WHERE IPAddress = " . $dbh->quote(ip2long($_SERVER['REMOTE_ADDR']));
+ $q = "SELECT * FROM Bans WHERE IPAddress = " . $dbh->quote($_SERVER['REMOTE_ADDR']);
$result = $dbh->query($q);
return ($result->fetchColumn() ? true : false);
--
2.11.0
More information about the aur-dev
mailing list