From 0cd6473909e3db54cb69df4de96ef8409b41e515 Mon Sep 17 00:00:00 2001 From: Axel Roenn Date: Mon, 9 Sep 2013 15:35:39 +0200 Subject: [PATCH] On an auth failure the uid and the IP address should be logged to the standard log file. This update works for a standard setup, when using a proxy for the server one can probably use the X-forwarded-for header instead of the remote address. --- lib/base.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib/base.php b/lib/base.php index ea5adbadc9..052444271c 100644 --- a/lib/base.php +++ b/lib/base.php @@ -730,6 +730,8 @@ class OC { // Someone wants to log in : } elseif (OC::tryFormLogin()) { $error[] = 'invalidpassword'; + OC_Log::write('core', 'Login failed: user \''.$_POST["user"].'\' , wrong password, IP:'.$_SERVER['REMOTE_ADDR'], + OC_Log::ERROR); } OC_Util::displayLoginPage(array_unique($error));