summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--CGI.pl12
-rwxr-xr-xchecksetup.pl14
2 files changed, 15 insertions, 11 deletions
diff --git a/CGI.pl b/CGI.pl
index 76c53627d..e100c69f3 100644
--- a/CGI.pl
+++ b/CGI.pl
@@ -695,15 +695,12 @@ sub quietly_check_login() {
if (defined $::COOKIE{"Bugzilla_login"} &&
defined $::COOKIE{"Bugzilla_logincookie"}) {
ConnectToDatabase();
- if (!defined $ENV{'REMOTE_HOST'}) {
- $ENV{'REMOTE_HOST'} = $ENV{'REMOTE_ADDR'};
- }
SendSQL("SELECT profiles.userid, profiles.groupset, " .
"profiles.login_name, " .
"profiles.login_name = " .
SqlQuote($::COOKIE{"Bugzilla_login"}) .
- " AND logincookies.hostname = " .
- SqlQuote($ENV{"REMOTE_HOST"}) .
+ " AND logincookies.ipaddr = " .
+ SqlQuote($ENV{"REMOTE_ADDR"}) .
", profiles.disabledtext " .
" FROM profiles, logincookies WHERE logincookies.cookie = " .
SqlQuote($::COOKIE{"Bugzilla_logincookie"}) .
@@ -988,10 +985,7 @@ sub confirm_login {
# the cookies.
if($enteredlogin ne "") {
$::COOKIE{"Bugzilla_login"} = $enteredlogin;
- if (!defined $ENV{'REMOTE_HOST'}) {
- $ENV{'REMOTE_HOST'} = $ENV{'REMOTE_ADDR'};
- }
- SendSQL("insert into logincookies (userid,hostname) values (@{[DBNameToIdAndCheck($enteredlogin)]}, @{[SqlQuote($ENV{'REMOTE_HOST'})]})");
+ SendSQL("insert into logincookies (userid,ipaddr) values (@{[DBNameToIdAndCheck($enteredlogin)]}, @{[SqlQuote($ENV{'REMOTE_ADDR'})]})");
SendSQL("select LAST_INSERT_ID()");
my $logincookie = FetchOneColumn();
diff --git a/checksetup.pl b/checksetup.pl
index ab8b723fa..ba5d1e087 100755
--- a/checksetup.pl
+++ b/checksetup.pl
@@ -1155,11 +1155,10 @@ $table{groups} =
unique(bit),
unique(name)';
-
$table{logincookies} =
'cookie mediumint not null auto_increment primary key,
userid mediumint not null,
- hostname varchar(128),
+ ipaddr varchar(40) NOT NULL,
lastused timestamp,
index(lastused)';
@@ -2706,6 +2705,17 @@ if (GetFieldDef("bugs","qacontact_accessible")) {
DropField("bugs", "assignee_accessible");
}
+# 2002-03-15 bbaetz@student.usyd.edu.au - bug 129466
+# Use the ip, not the hostname, in the logincookies table
+if (GetFieldDef("logincookies", "hostname")) {
+ # We've changed what we match against, so all entries are now invalid
+ $dbh->do("DELETE FROM logincookies");
+
+ # Now update the logincookies schema
+ DropField("logincookies", "hostname");
+ AddField("logincookies", "ipaddr", "varchar(40) NOT NULL");
+}
+
# If you had to change the --TABLE-- definition in any way, then add your
# differential change code *** A B O V E *** this comment.
#