Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add notification by email when an admin logs in from a new IP address. #1027

Merged
merged 7 commits into from
Mar 30, 2024

Conversation

michield
Copy link
Member

@michield michield commented Mar 3, 2024

Description

This does two things.

  1. ensure an admin is only logged in once
  2. send a notification when a login is from an IP address that hasn't been seen before.

Related Issue

Screenshots (if appropriate):

@michield michield requested a review from bramley March 3, 2024 15:18
Copy link
Contributor

@bramley bramley left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A few comments after a quick skim-through the changed files

  • Should all fields on the new admin_login table be "not null"?

  • Should the detection of a new IP address be on a per-admin basis, i.e. a new IP address for that particular admin?

  • The sending of a notification of login from a new IP address seems confusing. The function sendAdminCopy() doesn't return success/failure but even if it did, it tries to send to the getConfig('admin_address') address, so there is no point in trying to send a further email to the same address if that failed.

  • I'm not sure that using sendAdminCopy() is appropriate though. It is described as "Send notifications about subscribe, update and unsubscribe". Maybe just send to the affected admin and also the system owner.

  • Using empty() is often unnecessary, e.g. this can be simply if (!$enabled)

    $enabled = getConfig('notify_admin_login');
    if (empty($enabled)) {
      return;
    }
  • There might be a need to view the contents of the admin_login table, otherwise would need to use a tool like phpmyadmin.
  • The admin_login table won't exist until an upgrade is performed, so all the uses of the table are going to fail.

@michield
Copy link
Member Author

michield commented Mar 9, 2024

A few comments after a quick skim-through the changed files

* Should all fields on the new `admin_login` table be "not null"?

Yes, good point, have added that.

* Should the detection of a new IP address be on a per-admin basis, i.e. a new IP address for that particular admin?

Yes, absolutely, that was an oversight.

* The sending of a notification of login from a new IP address seems confusing. The function sendAdminCopy() doesn't return success/failure but even if it did, it tries to send to the `getConfig('admin_address') `address, so there is no point in trying to send a further email to the same address if that failed.

* I'm not sure that using` sendAdminCopy()` is appropriate though. It is described as  "Send notifications about subscribe, update and unsubscribe". Maybe just send to the affected admin and also the system owner.

Yes, I agree, I'll change that.

* Using empty() is often unnecessary, e.g. this can be simply `if (!$enabled)`
    $enabled = getConfig('notify_admin_login');
    if (empty($enabled)) {
      return;
    }

Well, that's kind of cosmetic.

* There might be a need to view the contents of the admin_login table, otherwise would need to use a tool like phpmyadmin.

Yes, one to add at some point. There are more things we don't show in the UI, like the blacklist table.

* The admin_login table won't exist until an upgrade is performed, so all the uses of the table are going to fail.

Yes, I'll check that it won't block stuff like login, that would be bad.

@michield
Copy link
Member Author

michield commented Mar 9, 2024

OK, I've made sure it doesn't break on a non-upgraded system. I tried it and in fact, it allows you to login, but then kicks you our immediately.

I've also updated the sending of the alert. I'm not actually sure if "sendEmail" returns success or failure, but if it doesn't that would be good to change. So, the second bit may never kick in, but we can review that later.

@bramley
Copy link
Contributor

bramley commented Mar 10, 2024

it allows you to login, but then kicks you our immediately.

It didn't happen for me, and you don't want that to happen otherwise the database cannot be upgraded.

One further small comment, the layout of the email is a bit untidy possibly due to line-wrapping
image

@michield
Copy link
Member Author

Yes, the email content layout is really strange. The first one is slightly wonky, but any subsequent one is even worse

image

I'll try to figure out why, but sometimes life's too short ....

@michield
Copy link
Member Author

Ah, the culprit is https://github.com/phpList/phplist3/blob/main/public_html/lists/admin/languages.php#L385

Not sure why we're stripping newlines out there. I wonder what effect it has to remove that.

@michield
Copy link
Member Author

Ok, I've taken out the stripping of newlines. That should not matter for any other texts, as HTML ignores them anyway, so I think there's no issue with that. Also, reformatted the message a little to avoid line wrapping

@michield
Copy link
Member Author

I think this is ready to merge

@marianaballa marianaballa changed the base branch from main to release-3.6.15 March 27, 2024 15:39
@marianaballa marianaballa requested a review from aulona1 March 28, 2024 14:12
@michield michield merged commit 6a3c146 into release-3.6.15 Mar 30, 2024
6 of 7 checks passed
marianaballa added a commit that referenced this pull request Apr 26, 2024
* Translations for 3.6.15  (#1032)

* Translated using Weblate (English)

Currently translated at 91.4% (1950 of 2132 strings)

Translation: phpList/phpList3
Translate-URL: http://translate.phplist.org/projects/phplist/phplist3/en/

* Translated using Weblate (French)

Currently translated at 99.8% (2128 of 2132 strings)

Translation: phpList/phpList3
Translate-URL: http://translate.phplist.org/projects/phplist/phplist3/fr/

---------

Co-authored-by: Duncan Cameron <[email protected]>
Co-authored-by: Alain Rihs <[email protected]>

* Support for indicating and getting feedback for e-mail test messages (#1031)

* Update sendemaillib.php

1. Appended a test subject indicator to test messages
1. Added a reply-to address to test messages that have no manual reply-to: using the logged in admin's address or at least the general admin's

* Update sendemaillib.php

Rephrased variable name

* Update sendemaillib.php

Switched to using $admin_auth

* Allowing subscribers to be filtered by confirmed and/or blacklisted (#1030)

* Update users.php

Allowed to filter by confirmed and/or non blacklisted - and not just by unconfirmed and/or blacklisted

* Changed users to subscribers

* Bouncemgt - allowing processing only existing bounces + a related new rule action (#1028)

* Update bouncemgt.php

Added &justexisting=true

* Update processbounces.php

1. Added support for &justexisting=true
1. Added support for new bounce rule action

* Update lib.php

Added support for new bounce action

* Update bouncemgt.php

Added non default title (otherwise it takes the wrong one)

* Update processbounces.php

1. Replaced goto with if-else
1. Hardcoded "-1" instead of supplying it in a sprintf value

* Hardcoding defaults for older PHP versions

* Removed modern solution

* Update Common plugin and Segment plugin (#1024)

* Define timestamp columns explicitly (#1019)

* Define timestamp fields explicitly to avoid problem with the mysql setting explicit_defaults_for_timestamp

* Remove setting of timestamp fields that are automatically updated

* update CI to remove old PHP versions and add 8.3 (#1004)

* Escape single quote in error message (#1003)

* Allow ajax page links to have a title, defaulting to the link description (#1002)

Fixes #996

* Update CONTRIBUTING.md (#994)

Removed obsolete references

* update UUID class to the latest upstream (#990)

* update UUID class to the latest upstream

* clean up old files

* use the list order, even when grouping by category (#1025)

* restore ability to create other super users (#1014)

* restore ability to create other super users

* correctly initialise the privileges array

* Bounces' subscriber' status indicator + allowing to confirm right from bounces (#1029)

* Update listbounces.php

Added support for confirmed/blacklisted indicator

* Update bounces.php

Added confirmed/blacklisted indicator

* Update bounce.php

1. Added confirmed/blacklisted indicator
1. Added support for confirming user from a bounce

* Update bounce.php

1. Avoided ternary if because translation system doesn't support it
1. Used the newer s() function

* Update listbounces.php

Added curly brackets

* Used potential translation

* Php8fixes 202401 (#1026)

* remove deprecated ini_set call

* stop possible warning

* avoid warning

* avoid warning

* cast to int

* avoid warning on existing being null

* force template to be an integer

* suppress warnings

* check on valid var and cast to int

* give buttons an ID, so they can be targetted with testing

* avoid warning on empty array index

* add notification by email when an admin logs in from a new IP address. (#1027)

* add notification by email when an admin logs in from a new IP address.

* check IP per admin

* force columns to be not null

* prevent blocking login on an non-upgraded system and send login alert just to admin, or superuser

* keep newlines in translation as they are

* make shorter lines, so it renders a bit better

* Remove redundant upgrade steps (#1020)

* Remove steps that are unnecessary due to the 3.2.0 being the minimum upgrade version

* Keep silent when there are no subscriber UUIDs to generate

* Remove other unnecessary upgrade steps

---------

Co-authored-by: Michiel Dethmers <[email protected]>

* Use utf8mb4 for the connection etc (#1001)

* Use utf8mb4 for the connection etc

* Support utf8mb4 in campaign subject and content

---------

Co-authored-by: Michiel Dethmers <[email protected]>

* use PHP8.2 to build

* use latest phplint

* update docker build from bookworm

* set version

* avoid the admin being kicked out after upgrade (#1033)

* mark update translations as @wip

---------

Co-authored-by: Duncan Cameron <[email protected]>
Co-authored-by: Alain Rihs <[email protected]>
Co-authored-by: lwcorp <[email protected]>
Co-authored-by: Duncan Cameron <[email protected]>
Co-authored-by: Michiel Dethmers <[email protected]>
@utagawal
Copy link
Contributor

utagawal commented May 4, 2024

Hello,

Upgraded to version 3.6.15 and it seems this feature is creating side effect on API connection with a superuser.
Have you tested this ?
We cannot connect anylonger to the phpList rest API from our phpBB extension. The log entry is :

Identification invalide de [IP v6 addresss] sur [ID name] (erreur OK)

@bramley
Copy link
Contributor

bramley commented May 5, 2024

Upgraded to version 3.6.15 and it seems this feature is creating side effect on API connection with a superuser. Have you tested this ? We cannot connect anylonger to the phpList rest API from our phpBB extension. The log entry is :

Identification invalide de [IP v6 addresss] sur [ID name] (erreur OK)

You might have the same problem as described here #1038 (comment)

A work-around is to rename or delete the admin_login table.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants