Page 9 of 15

Re: Log connections

Posted: Sun Nov 23, 2008 8:48 am
by D_E_A_T_H
Yes

Re: Log connections

Posted: Wed Nov 26, 2008 12:33 pm
by GurlzLubme
thank you

Re: Log connections

Posted: Sun Nov 30, 2008 10:20 am
by andy2295
You have a debug error coming up as Notice: Undefined index: user_id. This is coming from the /includes/functions.php from:

//-- mod : log connections --------------------------------------------------------
//-- add
$user_id = ($user->data['user_id'] == ANONYMOUS) ? intval(array_shift($args)) : $user->data['user_id'];
//-- end : log connections --------------------------------------------------------

Dont know whether you want to adjust the code to rid the debug error?

Re: Log connections

Posted: Sun Dec 07, 2008 5:40 am
by bangpride
I didn't know that it was not compatible with v3.0.3 so I installed it anyways. It seems to work fine.

The only problem I came across with finding this:

Code: Select all

$log[$i]['action'] = @vsprintf($log[$i]['action'], $log_data_ary);
I found this instead so I continued with the instructions.

Code: Select all

$log[$i]['action'] = vsprintf($log[$i]['action'], $log_data_ary);
This is a marvelous mod. Thanks so much Elglobo

Re: Log connections

Posted: Sun Dec 07, 2008 1:52 pm
by TheKlan
Excuse me for my bad English.
The MOD works perfectly on phpBB 3.0.3.
You need to re-edit the file functions_admin.php as per instructions of the MOD, the only difference has reported the post above mine.
Upgrading from 3.0.2 to 3.0.3 are lost only changes to a file, everything else works (fine).

Re: Log connections

Posted: Tue Dec 09, 2008 9:35 pm
by MarcSto
I confirm, works fine on 3.0.3

Re: Log connections

Posted: Fri Dec 12, 2008 8:12 pm
by Andybritten
Yes this works really fine with phpBB 3.0.3 but I got a small problem anyway.
Normally the good logins should be green and the wrong logins red.
At 3.0.2 it worked but at 3.0.3 it looks like this:

Image

I also added:
/* Classes for log connections
---------------------------------------- */
.log-success {
color: #009900;
font-size: 100%;
}

.log-fail {
color: #FF0000;
font-size: 100%;
}

.inputboxlog {
width: 90%;
}
to the admin.css so this should work.
Could you help me please! I think it is only a small failure but I really cant find it!

Re: Log connections

Posted: Sat Dec 13, 2008 9:19 pm
by Smog
@mod author: useful mod, txs! :)

Re: Log connections

Posted: Tue Dec 23, 2008 8:53 pm
by rtadams89
I'm running phpBB 3.0.4 and attempting to install the latest version of this mod.

I'm instructed to open auth_db.php and find the following code

Code: Select all

			return array(
						'status'		=> LOGIN_ERROR_ATTEMPTS,
						'error_msg'		=> 'CONFIRM_CODE_WRONG',
						'user_row'		=> $row,
					);
				}
			}
problem is, this appears twice. Which one is this referring to? Could someone who has the mod installed successfully just upload their 3.0.4 auth_db.php file?

Re: Log connections

Posted: Fri Dec 26, 2008 11:11 pm
by Francisco.phpBB
Hi rtadams89

This is auth_db.php phpBB 3.0.4.
Att, Francisco

Code: Select all

<?php
/**
*
* Database auth plug-in for phpBB3
*
* Authentication plug-ins is largely down to Sergey Kanareykin, our thanks to him.
*
* This is for authentication via the integrated user table
*
* @package login
* @version $Id: auth_db.php 8479 2008-03-29 00:22:48Z naderman $
* @copyright (c) 2005 phpBB Group
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
*
*/

/**
* @ignore
*/
if (!defined('IN_PHPBB'))
{
	exit;
}

/**
* login function
*/
function login_db(&$username, &$password)
{
	global $db, $config;

//-- mod : log connections --------------------------------------------------------
//-- add
	global $user;
//-- end : log connections --------------------------------------------------------

	// do not allow empty password
	if (!$password)
	{

//-- mod : log connections --------------------------------------------------------
//-- add
		if (!$user->data['is_registered'])
		{
			add_log('connections', ANONYMOUS, 'LOG_AUTH_FAIL_NO_PASSWORD', $username);
		}
//-- end : log connections --------------------------------------------------------

		return array(
			'status'	=> LOGIN_ERROR_PASSWORD,
			'error_msg'	=> 'NO_PASSWORD_SUPPLIED',
			'user_row'	=> array('user_id' => ANONYMOUS),
		);
	}

	if (!$username)
	{

//-- mod : log connections --------------------------------------------------------
//-- add
		if (!$user->data['is_registered'])
		{
			add_log('connections', ANONYMOUS, 'LOG_AUTH_FAIL_UNKNOWN', $username);
		}
//-- end : log connections --------------------------------------------------------

		return array(
			'status'	=> LOGIN_ERROR_USERNAME,
			'error_msg'	=> 'LOGIN_ERROR_USERNAME',
			'user_row'	=> array('user_id' => ANONYMOUS),
		);
	}

	$sql = 'SELECT user_id, username, user_password, user_passchg, user_pass_convert, user_email, user_type, user_login_attempts
		FROM ' . USERS_TABLE . "
		WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
	$result = $db->sql_query($sql);
	$row = $db->sql_fetchrow($result);
	$db->sql_freeresult($result);

	if (!$row)
	{

//-- mod : log connections --------------------------------------------------------
//-- add
		if (!$user->data['is_registered'])
		{
			add_log('connections', ANONYMOUS, 'LOG_AUTH_FAIL_UNKNOWN', $username);
		}
//-- end : log connections --------------------------------------------------------

		return array(
			'status'	=> LOGIN_ERROR_USERNAME,
			'error_msg'	=> 'LOGIN_ERROR_USERNAME',
			'user_row'	=> array('user_id' => ANONYMOUS),
		);
	}

	// If there are too much login attempts, we need to check for an confirm image
	// Every auth module is able to define what to do by itself...
	if ($config['max_login_attempts'] && $row['user_login_attempts'] >= $config['max_login_attempts'])
	{
		$confirm_id = request_var('confirm_id', '');
		$confirm_code = request_var('confirm_code', '');

		// Visual Confirmation handling
		if (!$confirm_id)
		{

//-- mod : log connections --------------------------------------------------------
//-- add
			if (!$user->data['is_registered'])
			{
				add_log('connections', $row['user_id'], 'LOG_AUTH_FAIL');
			}
//-- end : log connections --------------------------------------------------------

			return array(
				'status'		=> LOGIN_ERROR_ATTEMPTS,
				'error_msg'		=> 'LOGIN_ERROR_ATTEMPTS',
				'user_row'		=> $row,
			);
		}
		else
		{
			global $user;

			$sql = 'SELECT code
				FROM ' . CONFIRM_TABLE . "
				WHERE confirm_id = '" . $db->sql_escape($confirm_id) . "'
					AND session_id = '" . $db->sql_escape($user->session_id) . "'
					AND confirm_type = " . CONFIRM_LOGIN;
			$result = $db->sql_query($sql);
			$confirm_row = $db->sql_fetchrow($result);
			$db->sql_freeresult($result);

			if ($confirm_row)
			{
				if (strcasecmp($confirm_row['code'], $confirm_code) === 0)
				{
					$sql = 'DELETE FROM ' . CONFIRM_TABLE . "
						WHERE confirm_id = '" . $db->sql_escape($confirm_id) . "'
							AND session_id = '" . $db->sql_escape($user->session_id) . "'
							AND confirm_type = " . CONFIRM_LOGIN;
					$db->sql_query($sql);
				}
				else
				{

//-- mod : log connections --------------------------------------------------------
//-- add
					if (!$user->data['is_registered'])
					{
						add_log('connections', $row['user_id'], 'LOG_AUTH_FAIL_CONFIRM');
					}
//-- end : log connections --------------------------------------------------------

					return array(
						'status'		=> LOGIN_ERROR_ATTEMPTS,
						'error_msg'		=> 'CONFIRM_CODE_WRONG',
						'user_row'		=> $row,
					);
				}
			}

			else
			{
//-- mod : log connections --------------------------------------------------------
//-- add
				if (!$user->data['is_registered'])
				{
					add_log('connections', $row['user_id'], 'LOG_AUTH_FAIL_CONFIRM');
				}
//-- end : log connections --------------------------------------------------------
				return array(
					'status'		=> LOGIN_ERROR_ATTEMPTS,
					'error_msg'		=> 'CONFIRM_CODE_WRONG',
					'user_row'		=> $row,
				);
			}

		}
	}

	// If the password convert flag is set we need to convert it
	if ($row['user_pass_convert'])
	{
		// in phpBB2 passwords were used exactly as they were sent, with addslashes applied
		$password_old_format = isset($_REQUEST['password']) ? (string) $_REQUEST['password'] : '';
		$password_old_format = (!STRIP) ? addslashes($password_old_format) : $password_old_format;
		$password_new_format = '';

		set_var($password_new_format, stripslashes($password_old_format), 'string');

		if ($password == $password_new_format)
		{
			if (!function_exists('utf8_to_cp1252'))
			{
				global $phpbb_root_path, $phpEx;
				include($phpbb_root_path . 'includes/utf/data/recode_basic.' . $phpEx);
			}

			// cp1252 is phpBB2's default encoding, characters outside ASCII range might work when converted into that encoding
			if (md5($password_old_format) == $row['user_password'] || md5(utf8_to_cp1252($password_old_format)) == $row['user_password'])
			{
				$hash = phpbb_hash($password_new_format);

				// Update the password in the users table to the new format and remove user_pass_convert flag
				$sql = 'UPDATE ' . USERS_TABLE . '
					SET user_password = \'' . $db->sql_escape($hash) . '\',
						user_pass_convert = 0
					WHERE user_id = ' . $row['user_id'];
				$db->sql_query($sql);

				$row['user_pass_convert'] = 0;
				$row['user_password'] = $hash;
			}
			else
			{
				// Although we weren't able to convert this password we have to
				// increase login attempt count to make sure this cannot be exploited
				$sql = 'UPDATE ' . USERS_TABLE . '
					SET user_login_attempts = user_login_attempts + 1
					WHERE user_id = ' . $row['user_id'];
				$db->sql_query($sql);

//-- mod : log connections --------------------------------------------------------
//-- add
				if (!$user->data['is_registered'])
				{
					add_log('connections', $row['user_id'], 'LOG_AUTH_FAIL_CONVERT');
				}
//-- end : log connections --------------------------------------------------------

				return array(
					'status'		=> LOGIN_ERROR_PASSWORD_CONVERT,
					'error_msg'		=> 'LOGIN_ERROR_PASSWORD_CONVERT',
					'user_row'		=> $row,
				);
			}
		}
	}

	// Check password ...
	if (!$row['user_pass_convert'] && phpbb_check_hash($password, $row['user_password']))
	{
		// Check for old password hash...
		if (strlen($row['user_password']) == 32)
		{
			$hash = phpbb_hash($password);

			// Update the password in the users table to the new format
			$sql = 'UPDATE ' . USERS_TABLE . "
				SET user_password = '" . $db->sql_escape($hash) . "',
					user_pass_convert = 0
				WHERE user_id = {$row['user_id']}";
			$db->sql_query($sql);

			$row['user_password'] = $hash;
		}

		if ($row['user_login_attempts'] != 0)
		{
			// Successful, reset login attempts (the user passed all stages)
			$sql = 'UPDATE ' . USERS_TABLE . '
				SET user_login_attempts = 0
				WHERE user_id = ' . $row['user_id'];
			$db->sql_query($sql);
		}

		// User inactive...
		if ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE)
		{

//-- mod : log connections --------------------------------------------------------
//-- add
			add_log('connections', $row['user_id'], 'LOG_AUTH_FAIL_INACTIVE');
//-- end : log connections --------------------------------------------------------

			return array(
				'status'		=> LOGIN_ERROR_ACTIVE,
				'error_msg'		=> 'ACTIVE_ERROR',
				'user_row'		=> $row,
			);
		}

		// Successful login... set user_login_attempts to zero...
		return array(
			'status'		=> LOGIN_SUCCESS,
			'error_msg'		=> false,
			'user_row'		=> $row,
		);
	}

	// Password incorrect - increase login attempts

//-- mod : log connections --------------------------------------------------------
//-- add
	if (!$user->data['is_registered'])
	{
		add_log('connections', $row['user_id'], 'LOG_AUTH_FAIL');
	}
//-- end : log connections --------------------------------------------------------
	
	$sql = 'UPDATE ' . USERS_TABLE . '
		SET user_login_attempts = user_login_attempts + 1
		WHERE user_id = ' . $row['user_id'];
	$db->sql_query($sql);

	// Give status about wrong password...
	return array(
		'status'		=> LOGIN_ERROR_PASSWORD,
		'error_msg'		=> 'LOGIN_ERROR_PASSWORD',
		'user_row'		=> $row,
	);
}

?>

Re: Log connections

Posted: Sat Dec 27, 2008 12:31 am
by rtadams89
That did it for me.

Mod author might want to update the instructions to be a little more clear on the subject though.

Re: Log connections

Posted: Sat Dec 27, 2008 3:35 am
by Jim Dominic
Andybritten wrote:Yes this works really fine with phpBB 3.0.3 but I got a small problem anyway.
Normally the good logins should be green and the wrong logins red.
At 3.0.2 it worked but at 3.0.3 it looks like this:

(image snipped)

I also added:
/* Classes for log connections
---------------------------------------- */
.log-success {
color: #009900;
font-size: 100%;
}

.log-fail {
color: #FF0000;
font-size: 100%;
}

.inputboxlog {
width: 90%;
}
to the admin.css so this should work.
Could you help me please! I think it is only a small failure but I really cant find it!
Try this:

Code: Select all

/* Classes for log connections
---------------------------------------- */
div.log-success {
	color: #009900;
	font-size: 100%;
}

div.log-fail {
	color: #FF0000;
	font-size: 100%;
}

.inputboxlog {
	width: 90%;
}

Re: Log connections; mod bug?

Posted: Sun Dec 28, 2008 7:54 pm
by Francisco.phpBB
My board it is working fine with LC mod.
But, if I "Disable logging of connections from administrators" from "Connection Log Settings", USERS CONNECTIONS LOGS it is sent to "Admin log" and not to "Connection log".
Can you help me?

Re: Log connections

Posted: Wed Dec 31, 2008 7:46 pm
by muggins
Hi, all, Happy New Year!

What is the status on getting guest connections logged in the Mod? The new version doesn't seem to be coming as quickly as I'd hoped. :(

Could anyone give me a hint as to where to start experimenting? :geek:

Re: Log connections

Posted: Thu Jan 01, 2009 5:31 pm
by GoBieN
muggins wrote:Hi, all, Happy New Year!

What is the status on getting guest connections logged in the Mod? The new version doesn't seem to be coming as quickly as I'd hoped. :(

Could anyone give me a hint as to where to start experimenting? :geek:
How can you log a login from a guest ?
They are called guests because they don't login.