Fixed logging of user id in authentication failures
authorMarcel Werk <burntime@woltlab.com>
Mon, 23 May 2016 14:19:30 +0000 (16:19 +0200)
committerMarcel Werk <burntime@woltlab.com>
Mon, 23 May 2016 14:19:30 +0000 (16:19 +0200)
wcfsetup/install/files/lib/acp/form/LoginForm.class.php

index 1dee48335cc943faf579251d4b99888da555440a..da8418b9017853b6b360deb1bddac20fe953b35b 100755 (executable)
@@ -150,10 +150,13 @@ class LoginForm extends AbstractCaptchaForm {
                // save authentication failure
                if (ENABLE_USER_AUTHENTICATION_FAILURE) {
                        if ($this->errorField == 'username' || $this->errorField == 'password') {
+                               $user = User::getUserByUsername($this->username);
+                               if (!$user->userID) $user = User::getUserByEmail($this->username);
+                                       
                                $action = new UserAuthenticationFailureAction([], 'create', [
                                        'data' => [
                                                'environment' => (RequestHandler::getInstance()->isACPRequest() ? 'admin' : 'user'),
-                                               'userID' => ($this->user !== null ? $this->user->userID : null),
+                                               'userID' => ($user->userID ?: null),
                                                'username' => $this->username,
                                                'time' => TIME_NOW,
                                                'ipAddress' => UserUtil::getIpAddress(),