Fix forwarded IP comparison in login-ip plugin

The issue described in #372 is the same for the HTTP_X_FORWARDED_FOR comparison. strncasecmp returns 0 when the two strings are equal which is falsey.

diff --git a/plugins/login-ip.php b/plugins/login-ip.php
index 1d51551c9d0064c4d81008e1f4aa5f3f96aa38ed..c6f3f8e8247197f2356989b68f0d69d859e1de86 100644 (file)
--- a/plugins/login-ip.php
+++ b/plugins/login-ip.php
@@ -29,7 +29,7 @@ class AdminerLoginIp {
                                }
                                if ($_SERVER["HTTP_X_FORWARDED_FOR"]) {
                                        foreach ($this->forwarded_for as $forwarded_for) {
-                                               if (strncasecmp(preg_replace('~.*, *~', '', $_SERVER["HTTP_X_FORWARDED_FOR"]), $forwarded_for, strlen($forwarded_for))) {
+                                               if (strncasecmp(preg_replace('~.*, *~', '', $_SERVER["HTTP_X_FORWARDED_FOR"]), $forwarded_for, strlen($forwarded_for)) == 0) {
                                                        return true;
                                                }
                                        }