Uploaded image for project: 'phpBB3'
  1. phpBB3
  2. PHPBB3-10247

mediumint(8) too small for phpbb_login_attempts.attempt_id

    XMLWordPrintable

Details

    • Bug
    • Status: Closed (View Workflow)
    • Major
    • Resolution: Fixed
    • 3.0.9-RC3
    • 3.0.9-RC4
    • None
    • None

    Description

      Mediumint is 3 bytes in MySQL. Assuming there are 25000 failed login attempts per day, we will run out of free attempt_id values after

      (2^(3×8)÷25000)÷365 = ~2

      years.

      Solution is to either drop attempt_id if it is not needed or to change it to 4 byte integer.

      Considering half a million failed login attempts per day and four bytes:

      (2^(4×8)÷500000)÷365 = ~24 years

      Attachments

        Issue Links

          Activity

            People

              nickvergessen Joas Schilling [X] (Inactive)
              bantu Andreas Fischer
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: