Permalink
Browse files

- Add HTTP_X_REAL_IP and HTTP_X_FORWARDED_FOR to successful logins lo…

…g (#1486441)
  • Loading branch information...
1 parent c576893 commit 3544558f2d1b7b53de77f5ea373850dce8b05947 @alecpl alecpl committed Apr 20, 2010
Showing with 30 additions and 6 deletions.
  1. +1 −0 CHANGELOG
  2. +1 −6 index.php
  3. +28 −0 program/include/main.inc
View
@@ -1,6 +1,7 @@
CHANGELOG RoundCube Webmail
===========================
+- Add HTTP_X_REAL_IP and HTTP_X_FORWARDED_FOR to successful logins log (#1486441)
- Fix setting spellcheck languages with extended codes (#1486605)
- Fix messages list scrolling in FF3.6 (#1486472)
- Fix quicksearch input focus (#1486637)
View
@@ -103,12 +103,7 @@
$RCMAIL->authenticate_session();
// log successful login
- if ($RCMAIL->config->get('log_logins')) {
- write_log('userlogins', sprintf('Successful login for %s (id %d) from %s',
- $RCMAIL->user->get_username(),
- $RCMAIL->user->ID,
- $_SERVER['REMOTE_ADDR']));
- }
+ rcmail_log_login();
// restore original request parameters
$query = array();
View
@@ -1141,6 +1141,34 @@ function write_log($name, $line)
/**
+ * Write login data (name, ID, IP address) to the 'userlogins' log file.
+ */
+function rcmail_log_login()
+{
+ global $RCMAIL;
+
+ if (!$RCMAIL->config->get('log_logins') || !$RCMAIL->user)
+ return;
+
+ $address = $_SERVER['REMOTE_ADDR'];
+ // append the NGINX X-Real-IP header, if set
+ if (!empty($_SERVER['HTTP_X_REAL_IP'])) {
+ $remote_ip[] = 'X-Real-IP: ' . $_SERVER['HTTP_X_REAL_IP'];
+ }
+ // append the X-Forwarded-For header, if set
+ if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
+ $remote_ip[] = 'X-Forwarded-For: ' . $_SERVER['HTTP_X_FORWARDED_FOR'];
+ }
+
+ if (!empty($remote_ip))
+ $address .= '(' . implode(',', $remote_ip) . ')';
+
+ write_log('userlogins', sprintf('Successful login for %s (ID: %d) from %s',
+ $RCMAIL->user->get_username(), $RCMAIL->user->ID, $address));
+}
+
+
+/**
* @access private
*/
function rcube_timer()

0 comments on commit 3544558

Please sign in to comment.