From 3f38b61366a6b594102cfe555157bf0e7141cd51 Mon Sep 17 00:00:00 2001
From: Hugues Lismonde <hugues.lismonde@gmail.com>
Date: Tue, 4 Feb 2020 16:11:53 +0100
Subject: [PATCH] Fix forwarded IP comparison in login-ip plugin

The issue described in #372 is the same for the HTTP_X_FORWARDED_FOR comparison. strncasecmp returns 0 when the two strings are equal which is falsey.
---
 plugins/login-ip.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/plugins/login-ip.php b/plugins/login-ip.php
index 1d51551c..c6f3f8e8 100644
--- a/plugins/login-ip.php
+++ b/plugins/login-ip.php
@@ -29,7 +29,7 @@ class AdminerLoginIp {
 				}
 				if ($_SERVER["HTTP_X_FORWARDED_FOR"]) {
 					foreach ($this->forwarded_for as $forwarded_for) {
-						if (strncasecmp(preg_replace('~.*, *~', '', $_SERVER["HTTP_X_FORWARDED_FOR"]), $forwarded_for, strlen($forwarded_for))) {
+						if (strncasecmp(preg_replace('~.*, *~', '', $_SERVER["HTTP_X_FORWARDED_FOR"]), $forwarded_for, strlen($forwarded_for)) == 0) {
 							return true;
 						}
 					}