From 2be1fd21311f57c261a71823f8b9b68df7aa436c Mon Sep 17 00:00:00 2001 From: Quentin Ligier Date: Wed, 16 Mar 2016 20:20:21 +0100 Subject: [PATCH 1/4] Add login logs --- php/Modules/Session.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/php/Modules/Session.php b/php/Modules/Session.php index 0b846ad..91ffbae 100755 --- a/php/Modules/Session.php +++ b/php/Modules/Session.php @@ -70,14 +70,15 @@ final class Session { // Call plugins Plugins::get()->activate(__METHOD__, 0, func_get_args()); - $username = crypt($username, Settings::get()['username']); + $username_crypt = crypt($username, Settings::get()['username']); $password = crypt($password, Settings::get()['password']); // Check login with crypted hash - if (Settings::get()['username']===$username&& + if (Settings::get()['username']===$username_crypt&& Settings::get()['password']===$password) { $_SESSION['login'] = true; $_SESSION['identifier'] = Settings::get()['identifier']; + Log::notice(Database::get(), __METHOD__, __LINE__, 'User ['.$username.'] has logged in from ['.$_SERVER['REMOTE_ADDR'].']'); return true; } @@ -87,6 +88,7 @@ final class Session { // Call plugins Plugins::get()->activate(__METHOD__, 1, func_get_args()); + Log::error(Database::get(), __METHOD__, __LINE__, 'User ['.$username.'] has tried to log in from ['.$_SERVER['REMOTE_ADDR'].']'); return false; } From 399619c6e8b0d6c4db0ac67be600386865440a5b Mon Sep 17 00:00:00 2001 From: Quentin Ligier Date: Sat, 19 Mar 2016 10:21:29 +0100 Subject: [PATCH 2/4] Corrections of Import::url --- php/Modules/Import.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/php/Modules/Import.php b/php/Modules/Import.php index 76adf19..c0d1a32 100644 --- a/php/Modules/Import.php +++ b/php/Modules/Import.php @@ -65,13 +65,12 @@ final class Import { continue; } - $pathinfo = pathinfo($url); - $filename = $pathinfo['filename'] . '.' . $pathinfo['extension']; + $filename = pathinfo($url, PATHINFO_FILENAME) . $extension; $tmp_name = LYCHEE_DATA . $filename; if (@copy($url, $tmp_name)===false) { $error = true; - Log::error(Database::get(), __METHOD__, __LINE__, 'Could not copy file (' . $tmp_name . ') to temp-folder (' . $tmp_name . ')'); + Log::error(Database::get(), __METHOD__, __LINE__, 'Could not copy file (' . $url . ') to temp-folder (' . $tmp_name . ')'); continue; } From e1056d1fc6a7b9e412f9adb1f28bc23cb815dc67 Mon Sep 17 00:00:00 2001 From: Tobias Reich Date: Sat, 19 Mar 2016 15:46:07 +0100 Subject: [PATCH 3/4] Removed unnecessary special case for question mark in extension #482 --- php/helpers/getExtension.php | 1 - 1 file changed, 1 deletion(-) diff --git a/php/helpers/getExtension.php b/php/helpers/getExtension.php index 0716aa6..2a48ad8 100644 --- a/php/helpers/getExtension.php +++ b/php/helpers/getExtension.php @@ -14,7 +14,6 @@ function getExtension($filename, $isURI = false) { // Special cases // https://github.com/electerious/Lychee/issues/482 list($extension) = explode(':', $extension, 2); - list($extension) = explode('?', $extension, 2); if (empty($extension)===false) $extension = '.' . $extension; From 082d306927949782576ebd99af147554370e596d Mon Sep 17 00:00:00 2001 From: Tobias Reich Date: Sat, 19 Mar 2016 16:16:41 +0100 Subject: [PATCH 4/4] Small adjustments to #491 --- php/Modules/Session.php | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/php/Modules/Session.php b/php/Modules/Session.php index 91ffbae..8d8714b 100755 --- a/php/Modules/Session.php +++ b/php/Modules/Session.php @@ -71,14 +71,14 @@ final class Session { Plugins::get()->activate(__METHOD__, 0, func_get_args()); $username_crypt = crypt($username, Settings::get()['username']); - $password = crypt($password, Settings::get()['password']); + $password_crypt = crypt($password, Settings::get()['password']); // Check login with crypted hash if (Settings::get()['username']===$username_crypt&& - Settings::get()['password']===$password) { + Settings::get()['password']===$password_crypt) { $_SESSION['login'] = true; $_SESSION['identifier'] = Settings::get()['identifier']; - Log::notice(Database::get(), __METHOD__, __LINE__, 'User ['.$username.'] has logged in from ['.$_SERVER['REMOTE_ADDR'].']'); + Log::notice(Database::get(), __METHOD__, __LINE__, 'User (' . $username . ') has logged in from ' . $_SERVER['REMOTE_ADDR']); return true; } @@ -88,7 +88,9 @@ final class Session { // Call plugins Plugins::get()->activate(__METHOD__, 1, func_get_args()); - Log::error(Database::get(), __METHOD__, __LINE__, 'User ['.$username.'] has tried to log in from ['.$_SERVER['REMOTE_ADDR'].']'); + // Log failed log in + Log::error(Database::get(), __METHOD__, __LINE__, 'User (' . $username . ') has tried to log in from ' . $_SERVER['REMOTE_ADDR']); + return false; }