Changeset 6435
- Timestamp:
- 06/06/12 11:16:36 (12 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/phpgwapi/inc/class.sessions.inc.php
r6037 r6435 594 594 */ 595 595 function get_last_access_on_history($account_id) { 596 596 597 $GLOBALS['phpgw']->db->query("select li from phpgw_access_log where account_id='$account_id' order by li desc limit 1",__LINE__,__FILE__); 597 598 if(!$GLOBALS['phpgw']->db->next_record()) … … 619 620 } 620 621 $GLOBALS['phpgw']->db->query('INSERT INTO phpgw_access_log(sessionid,loginid,ip,li,lo,account_id,browser)' 621 . " VALUES ('" . $sessionid . "','" . $this->db->db_addslashes($login). "','"622 . $this->db->db_addslashes($user_ip) . "',$now,0," . (int)$account_id .",'".$this->db->db_addslashes(substr($_SERVER[ 'HTTP_USER_AGENT' ],0,199))."')",__LINE__,__FILE__);622 . " VALUES ('" . pg_escape_string($sessionid) . "','" . pg_escape_string($login). "','" 623 . pg_escape_string($user_ip) . "',$now,0," . (int)$account_id .",'".pg_escape_string(substr($_SERVER[ 'HTTP_USER_AGENT' ],0,199))."')",__LINE__,__FILE__); 623 624 } 624 625 else if($sessionid != 'bad login or password') 625 626 { 626 627 $GLOBALS['phpgw']->db->query("UPDATE phpgw_access_log SET lo=" . $now . " WHERE sessionid='" 627 . $sessionid. "'",__LINE__,__FILE__);628 . pg_escape_string($sessionid) . "'",__LINE__,__FILE__); 628 629 } 629 630 … … 662 663 } 663 664 */ 664 $login = $this->db->db_addslashes($login);665 $login = pg_escape_string($login); 665 666 $this->db->query("SELECT count(*) FROM phpgw_access_log WHERE account_id=0 AND (loginid='$login' OR loginid LIKE '$login@%') AND li > $block_time",__LINE__,__FILE__); 666 667 $this->db->next_record();
Note: See TracChangeset
for help on using the changeset viewer.