From 30a006eab0d1afdb7ca3ff01b796fcd4d8d1f3fd Mon Sep 17 00:00:00 2001
From: Eric Schultz <eric@startuperic.com>
Date: Thu, 9 Jul 2020 21:48:04 -0500
Subject: [PATCH] store WAN IP in the login session

---
 login.php | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/login.php b/login.php
index e93a98e9c..183cfd37a 100644
--- a/login.php
+++ b/login.php
@@ -11,6 +11,7 @@ if ($_SERVER['REQUEST_URI'] == '/logout') {
         session_start();
         unset($_SESSION['unraid_login']);
         unset($_SESSION['unraid_user']);
+        unset($_SESSION['unraid_user_wanip']);
         // delete session file
         session_destroy();
         // delete the session cookie
@@ -29,6 +30,7 @@ if ($_SERVER['REQUEST_URI'] == '/logout') {
             session_start();
             $_SESSION['unraid_login'] = time();
             $_SESSION['unraid_user'] = $_POST['username'];
+            $_SESSION['unraid_user_wanip'] = $_POST['wanip'];
             session_regenerate_id(true);
             session_write_close();
             exec("logger -t webGUI ".escapeshellarg("Successful login user {$_POST['username']} from {$_SERVER['REMOTE_ADDR']}"));
@@ -342,6 +344,7 @@ $theme_dark = in_array($display['theme'],['black','gray']);
                     <p>
                         <input name="username" type="text" placeholder="Username" autocapitalize="none" autocomplete="off" autofocus required>
                         <input name="password" type="password" placeholder="Password" required>
+                        <input id="wanip" type="hidden" value="">
                     </p>
                     <? if ($error) echo '<p class="error">'.$error.'</p>'; ?>
                     <script type="text/javascript">
@@ -351,6 +354,13 @@ $theme_dark = in_array($display['theme'],['black','gray']);
                         if (!cookieEnabled) {
                             document.write('<p class="error">Browser cookie support required for login</p>');
                         }
+                        var xmlHttp = new XMLHttpRequest();
+                        xmlHttp.onreadystatechange = function() { 
+                            if (xmlHttp.readyState == 4 && xmlHttp.status == 200)
+                                document.getElementById('wanip').value = xmlHttp.responseText;
+                        };
+                        xmlHttp.open("GET", "https://proxy.unraid.net/wanip", true);
+                        xmlHttp.send(null);
                     </script>
                     <p>
                         <button type="submit" class="button button--small">Login</button>