mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Changed default behaviour to not log IP address in case of an auth failure. Can be configured in OC conf now. 

Log level changed to warning .
This commit is contained in:
Axel Roenn 2013-09-10 11:07:26 +02:00
parent 0cd6473909
commit 7810e27dad
1 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
lib/base.php
View File

@ -730,8 +730,14 @@ class OC {
// Someone wants to log in : // Someone wants to log in :
} elseif (OC::tryFormLogin()) { } elseif (OC::tryFormLogin()) {
$error[] = 'invalidpassword'; $error[] = 'invalidpassword';
if ( OC_Config::getValue('log_authfailip', '') ) {
OC_Log::write('core', 'Login failed: user \''.$_POST["user"].'\' , wrong password, IP:'.$_SERVER['REMOTE_ADDR'], OC_Log::write('core', 'Login failed: user \''.$_POST["user"].'\' , wrong password, IP:'.$_SERVER['REMOTE_ADDR'],
OC_Log::ERROR); OC_Log::WARN);
}
else {
OC_Log::write('core', 'Login failed: user \''.$_POST["user"].'\' , wrong password, IP:set log_authfailip=true in conf',
OC_Log::WARN);
}
} }
OC_Util::displayLoginPage(array_unique($error)); OC_Util::displayLoginPage(array_unique($error));