2015-01-25, 02:52 PM
SQL Error:
1264 - Out of range value for column 'loginattempts' at row 1
Query:
UPDATE users SET
How to reproduce: Simply trying to login.
Okay I went to the database and reset that column to 1. It was 127.
But well it's a serious bug, if someone wants to lock a certain account from being accessed, only he needs to do is try to login 127 times.
Honestly, some counter-measures should have been placed on his IP address or something to avoid this instead of relying on cookies.
Not sure if the counter can be upgraded immediately to 127 via cookies tinkering, but if it is, all the more to patch this urgently.
1264 - Out of range value for column 'loginattempts' at row 1
Query:
UPDATE users SET
loginattempts=loginattempts+1 WHERE uid='1' LIMIT 1How to reproduce: Simply trying to login.
Okay I went to the database and reset that column to 1. It was 127.
But well it's a serious bug, if someone wants to lock a certain account from being accessed, only he needs to do is try to login 127 times.
Honestly, some counter-measures should have been placed on his IP address or something to avoid this instead of relying on cookies.
Not sure if the counter can be upgraded immediately to 127 via cookies tinkering, but if it is, all the more to patch this urgently.