diff options
-rw-r--r-- | CHANGELOG | 1 | ||||
-rw-r--r-- | config/defaults.inc.php | 2 | ||||
-rw-r--r-- | index.php | 5 | ||||
-rw-r--r-- | program/include/rcmail.php | 26 |
4 files changed, 24 insertions, 10 deletions
@@ -1,6 +1,7 @@ CHANGELOG Roundcube Webmail =========================== +- Log also failed logins to userlogins log - Add temp_dir_ttl configuration option (#1489304) - Allow setting INBOX as Sent folder (#1489219) - Fix replacement variables in user-specific base_dn in some LDAP requests (#1489279) diff --git a/config/defaults.inc.php b/config/defaults.inc.php index 512455275..2a51b0805 100644 --- a/config/defaults.inc.php +++ b/config/defaults.inc.php @@ -63,7 +63,7 @@ $config['syslog_facility'] = LOG_USER; // Log sent messages to <log_dir>/sendmail or to syslog $config['smtp_log'] = true; -// Log successful logins to <log_dir>/userlogins or to syslog +// Log successful/failed logins to <log_dir>/userlogins or to syslog $config['log_logins'] = false; // Log session authentication errors to <log_dir>/session or to syslog @@ -138,7 +138,7 @@ if ($RCMAIL->task == 'login' && $RCMAIL->action == 'login') { } else { if (!$auth['valid']) { - $error_code = RCMAIL::ERROR_INVALID_REQUEST; + $error_code = RCMAIL::ERROR_INVALID_REQUEST; } else { $error_code = $auth['error'] ? $auth['error'] : $RCMAIL->login_error(); @@ -153,6 +153,9 @@ if ($RCMAIL->task == 'login' && $RCMAIL->action == 'login') { $error_message = $error_labels[$error_code] ? $error_labels[$error_code] : 'loginfailed'; + // log failed login + $RCMAIL->log_login($auth['user'], true, $error_code); + $OUTPUT->show_message($error_message, 'warning'); $RCMAIL->plugins->exec_hook('login_failed', array( 'code' => $error_code, 'host' => $auth['host'], 'user' => $auth['user'])); diff --git a/program/include/rcmail.php b/program/include/rcmail.php index 62f6b6c46..1c9f3dd9c 100644 --- a/program/include/rcmail.php +++ b/program/include/rcmail.php @@ -954,22 +954,32 @@ class rcmail extends rcube /** * Write login data (name, ID, IP address) to the 'userlogins' log file. */ - public function log_login() + public function log_login($user, $failed_login = false, $error_code = 0) { if (!$this->config->get('log_logins')) { return; } - $user_name = $this->get_user_name(); - $user_id = $this->get_user_id(); + // failed login + if ($failed_login) { + $message = sprintf('Failed login for %s from %s in session %s (error: %d)', + $user, rcube_utils::remote_ip(), session_id(), $error_code); + } + // successful login + else { + $user_name = $this->get_user_name(); + $user_id = $this->get_user_id(); - if (!$user_id) { - return; + if (!$user_id) { + return; + } + + $message = sprintf('Successful login for %s (ID: %d) from %s in session %s', + $user_name, $user_id, rcube_utils::remote_ip(), session_id()); } - self::write_log('userlogins', - sprintf('Successful login for %s (ID: %d) from %s in session %s', - $user_name, $user_id, rcube_utils::remote_ip(), session_id())); + // log login + self::write_log('userlogins', $message); } |