# This patch file was generated by NetBeans IDE # This patch can be applied using context Tools: Apply Diff Patch action on respective folder. # It uses platform neutral UTF-8 encoding. # Above lines and this line are ignored by the patching process. Index: contributions/modules/login_security/login_security.admin.inc --- contributions/modules/login_security/login_security.admin.inc Base (1.1.2.2) +++ contributions/modules/login_security/login_security.admin.inc Locally Modified (Based On 1.1.2.2) @@ -196,6 +196,14 @@ '#description' => t('Enter the message to be sent to the administrator informing about supicious activity.'), ); + //Clean event tracking list + $form['buttons']['login_security_clean_tracked_events'] = array( + '#type' => 'submit', + '#value' => t('Clear event tracking information'), + '#weight' => 20, + '#submit' => array('_login_security_clean_tracked_events'), + ); + return system_settings_form($form); } @@ -207,3 +215,11 @@ form_error($element, t('The !field field should be a positive integer value greater than or equal to 0.', array('!field' => $element['#title']))); } } + +/* + * Clean login_security_track table + */ +function _login_security_clean_tracked_events($form, &$form_state) { + drupal_set_message('Login Security event track list is now empty.'); + _login_security_remove_all_events(); +} \ No newline at end of file Index: contributions/modules/login_security/login_security.module --- contributions/modules/login_security/login_security.module Base (1.12.2.15) +++ contributions/modules/login_security/login_security.module Locally Modified (Based On 1.12.2.15) @@ -239,12 +239,28 @@ else { // Calculate protection time window and remove expired events $time = time() - (variable_get('login_security_track_time', LOGIN_SECURITY_TRACK_TIME) * 3600); - db_query("DELETE FROM {login_security_track} WHERE timestamp < %d", $time); + _login_security_remove_all_events($time); } return; } /** + * Remove all tracked events up to a date.. + * + * @param $time + * if specified, events up to this timestamp will be deleted. If not specified, + * all elements up to current timestamp will be deleted. + */ +function _login_security_remove_all_events($time = NULL) { + // Remove selected events + if (empty($time)) { + $time = time(); + } + db_query("DELETE FROM {login_security_track} WHERE timestamp < %d", $time); + return; +} + +/** * Save the login attempt in the tracking database: user name nd ip address. * * @param $name Index: contributions/modules/login_security/README.txt --- contributions/modules/login_security/README.txt Base (1.4.4.4) +++ contributions/modules/login_security/README.txt Locally Modified (Based On 1.4.4.4) @@ -97,7 +97,7 @@ Go to Administer -> Site configuration -> Login Security (the url path is admin/settings/login_security) and a form with the module options will be shown. -(Note: Any value set to 0 will disable that option.). You should have ' +(Note: Any value set to 0 will disable that option.). Basic options @@ -188,6 +188,15 @@ %activity_threshold : Value of attempts to detect ongoing attack. +Cleaning the event tracking information +--------------------------------------- +If for any reaons, you are encoutering problems with specific users (because +they are being delayed or access is restricted), or if you change settings and +want to do a module 'restart', you may clean the event track in this settings +page. At the bottom you will find a "Clea event tracking information" button. +If you click this button, all tracked events will be deleted. + + Understanding protections ------------------------- Internally, protections could consider user name, ip address or both. This is a