summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--CHANGELOG1
-rw-r--r--index.php7
-rw-r--r--program/include/main.inc28
3 files changed, 30 insertions, 6 deletions
diff --git a/CHANGELOG b/CHANGELOG
index fdfaf29fc..31063e7ce 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,7 @@
CHANGELOG RoundCube Webmail
===========================
+- Add HTTP_X_REAL_IP and HTTP_X_FORWARDED_FOR to successful logins log (#1486441)
- Fix setting spellcheck languages with extended codes (#1486605)
- Fix messages list scrolling in FF3.6 (#1486472)
- Fix quicksearch input focus (#1486637)
diff --git a/index.php b/index.php
index d3cf06f0a..43cf7c413 100644
--- a/index.php
+++ b/index.php
@@ -103,12 +103,7 @@ if ($RCMAIL->task == 'login' && $RCMAIL->action == 'login') {
$RCMAIL->authenticate_session();
// log successful login
- if ($RCMAIL->config->get('log_logins')) {
- write_log('userlogins', sprintf('Successful login for %s (id %d) from %s',
- $RCMAIL->user->get_username(),
- $RCMAIL->user->ID,
- $_SERVER['REMOTE_ADDR']));
- }
+ rcmail_log_login();
// restore original request parameters
$query = array();
diff --git a/program/include/main.inc b/program/include/main.inc
index 9e1813182..1dbf0d406 100644
--- a/program/include/main.inc
+++ b/program/include/main.inc
@@ -1141,6 +1141,34 @@ function write_log($name, $line)
/**
+ * Write login data (name, ID, IP address) to the 'userlogins' log file.
+ */
+function rcmail_log_login()
+{
+ global $RCMAIL;
+
+ if (!$RCMAIL->config->get('log_logins') || !$RCMAIL->user)
+ return;
+
+ $address = $_SERVER['REMOTE_ADDR'];
+ // append the NGINX X-Real-IP header, if set
+ if (!empty($_SERVER['HTTP_X_REAL_IP'])) {
+ $remote_ip[] = 'X-Real-IP: ' . $_SERVER['HTTP_X_REAL_IP'];
+ }
+ // append the X-Forwarded-For header, if set
+ if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
+ $remote_ip[] = 'X-Forwarded-For: ' . $_SERVER['HTTP_X_FORWARDED_FOR'];
+ }
+
+ if (!empty($remote_ip))
+ $address .= '(' . implode(',', $remote_ip) . ')';
+
+ write_log('userlogins', sprintf('Successful login for %s (ID: %d) from %s',
+ $RCMAIL->user->get_username(), $RCMAIL->user->ID, $address));
+}
+
+
+/**
* @access private
*/
function rcube_timer()