From 66e40c72224452f5734061237978cdea3ea9e710 Mon Sep 17 00:00:00 2001
From: Roland Gruber <post@rolandgruber.de>
Date: Wed, 6 Aug 2008 19:01:03 +0000
Subject: [PATCH] log denied clients

---
 lam/lib/security.inc | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/lam/lib/security.inc b/lam/lib/security.inc
index b1081b05..393677e1 100644
--- a/lam/lib/security.inc
+++ b/lam/lib/security.inc
@@ -49,11 +49,13 @@ function startSecureSession() {
 	// check session id
 	if (! isset($_SESSION["sec_session_id"]) || ($_SESSION["sec_session_id"] != session_id())) {
 		// session id is invalid
+		logNewMessage(LOG_WARNING, "Invalid session ID, access denied (" . $_SERVER['REMOTE_ADDR'] . ")");
 		die();
 	}
 	// check if client IP has not changed
 	if (!isset($_SESSION["sec_client_ip"]) || ($_SESSION["sec_client_ip"] != $_SERVER['REMOTE_ADDR'])) {
 		// IP is invalid
+		logNewMessage(LOG_WARNING, "Client IP changed, access denied (" . $_SERVER['REMOTE_ADDR'] . ")");
 		die();
 	}
 	// check if session time has not expired
@@ -93,7 +95,10 @@ function checkClientIP() {
 		}
 	}
 	// stop script is client may not access LAM
-	if (!$grantAccess) die();
+	if (!$grantAccess) {
+		logNewMessage(LOG_WARNING, "Invalid client IP, access denied (" . $_SERVER['REMOTE_ADDR'] . ")");
+		die();
+	}
 }
 
 /**