From 32c8d0c3f837950518f886ed9baef00e98740049 Mon Sep 17 00:00:00 2001
From: Lukas Fleischer <lfleischer@archlinux.org>
Date: Sun, 13 Mar 2016 11:37:48 +0100
Subject: Store last login address as plain text

Directly store the information contained in $_SERVER['REMOTE_ADDR']
instead of using ip2long() which does not support IPv6 addresses. Note
that the LastLoginIPAddress field is designed to be used by the
administrator on rare occasions only (e.g. to fight spam) and is not
displayed anywhere.

Fixes FS#48557.

Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
---
 web/lib/acctfuncs.inc.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'web/lib/acctfuncs.inc.php')

diff --git a/web/lib/acctfuncs.inc.php b/web/lib/acctfuncs.inc.php
index b39420fe..2d70f65f 100644
--- a/web/lib/acctfuncs.inc.php
+++ b/web/lib/acctfuncs.inc.php
@@ -554,8 +554,8 @@ function try_login() {
 	}
 
 	$q = "UPDATE Users SET LastLogin = UNIX_TIMESTAMP(), ";
-	$q.= "LastLoginIPAddress = " . $dbh->quote(ip2long($_SERVER['REMOTE_ADDR'])) . " ";
-	$q.= "WHERE ID = '$userID'";
+	$q.= "LastLoginIPAddress = " . $dbh->quote($_SERVER['REMOTE_ADDR']) . " ";
+	$q.= "WHERE ID = $userID";
 	$dbh->exec($q);
 
 	/* Set the SID cookie. */
-- 
cgit v1.2.3-24-g4f1b