PHPBB3-10247 mediumint(8) too small for phpbb_login_attempts.attempt_id
diff --git a/phpBB/includes/auth/auth_db.php b/phpBB/includes/auth/auth_db.php
index 6ca69d9..9d7deda 100644
--- a/phpBB/includes/auth/auth_db.php
+++ b/phpBB/includes/auth/auth_db.php
@@ -72,6 +72,9 @@ function login_db($username, $password, $ip = '', $browser = '', $forwarded_for
if (($ip && !$config['ip_login_limit_use_forwarded']) ||
($forwarded_for && $config['ip_login_limit_use_forwarded']))
{
+ // If the database is not yet updated, there will be an error due to missing LOGIN_ATTEMPT_TABLE
+ $db->sql_return_on_error(true);
+
$sql = 'SELECT COUNT(*) AS attempts
FROM ' . LOGIN_ATTEMPT_TABLE . '
WHERE attempt_time > ' . (time() - (int) $config['ip_login_limit_time']);
@@ -85,20 +88,27 @@ function login_db($username, $password, $ip = '', $browser = '', $forwarded_for
}
$result = $db->sql_query($sql);
- $attempts = (int) $db->sql_fetchfield('attempts');
- $db->sql_freeresult($result);
- $attempt_data = array(
- 'attempt_ip' => $ip,
- 'attempt_browser' => trim(substr($browser, 0, 149)),
- 'attempt_forwarded_for' => $forwarded_for,
- 'attempt_time' => time(),
- 'user_id' => ($row) ? (int) $row['user_id'] : 0,
- 'username' => $username,
- 'username_clean' => $username_clean,
- );
- $sql = 'INSERT INTO ' . LOGIN_ATTEMPT_TABLE . $db->sql_build_array('INSERT', $attempt_data);
- $result = $db->sql_query($sql);
+ $db->sql_return_on_error(false);
+
+ $attempts = 0;
+ if ($result !== false)
+ {
+ $attempts = (int) $db->sql_fetchfield('attempts');
+ $attempt_data = array(
+ 'attempt_ip' => $ip,
+ 'attempt_browser' => trim(substr($browser, 0, 149)),
+ 'attempt_forwarded_for' => $forwarded_for,
+ 'attempt_time' => time(),
+ 'user_id' => ($row) ? (int) $row['user_id'] : 0,
+ 'username' => $username,
+ 'username_clean' => $username_clean,
+ );
+ $sql = 'INSERT INTO ' . LOGIN_ATTEMPT_TABLE . $db->sql_build_array('INSERT', $attempt_data);
+ $db->sql_query($sql);
+ }
+
+ $db->sql_freeresult($result);
}
else
{
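Review bot: The `$attempts = 0;` default makes the IP-based login limit fail open. With `sql_return_on_error(true)` set in the previous hunk, any failure of the COUNT query, not only the missing LOGIN_ATTEMPT_TABLE the comment names, leaves `$attempts` at 0 and skips the INSERT, so throttling is silently off and the attempt is not recorded. An `else` branch on `if ($result !== false)` should at least write the failure to the error log so an operator can tell the limit is inactive, and ideally this tolerance would apply only while the schema update is pending. `$db->sql_freeresult($result);` is also reached when `$result` is `false`; moving it inside the `if` block avoids handing a non-result to the driver. login_db() begins and ends outside this hunk, so how `$attempts` is consumed afterwards is not visible here.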
@@ -218,10 +228,15 @@ function login_db($username, $password, $ip = '', $browser = '', $forwarded_for
$row['user_password'] = $hash;
}
+ // If the database is not yet updated, there will be an error due to missing LOGIN_ATTEMPT_TABLE
+ $db->sql_return_on_error(true);
+
$sql = 'DELETE FROM ' . LOGIN_ATTEMPT_TABLE . '
WHERE user_id = ' . $row['user_id'];
$db->sql_query($sql);
+ $db->sql_return_on_error(false);
+
if ($row['user_login_attempts'] != 0)
{
// Successful, reset login attempts (the user passed all stages)
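Review bot: `$db->sql_return_on_error(false);` after the DELETE resets the flag unconditionally instead of restoring its previous value, and the same pattern follows the COUNT query in the earlier hunk. If a caller had already enabled return-on-error, login_db() would switch it off behind the caller's back; saving the prior setting before `sql_return_on_error(true)` and restoring it would be safer, assuming the DBAL exposes that state. The DELETE's return value is also ignored, so a failure for any reason other than the missing table goes unnoticed and the user's old attempt rows stay in place. The enclosing function starts and ends outside the hunk.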
diff --git a/phpBB/install/database_update.php b/phpBB/install/database_update.php
index fe29465..2cceca2 100644
--- a/phpBB/install/database_update.php
+++ b/phpBB/install/database_update.php
@@ -960,7 +960,7 @@ function database_update_info()
'username' => array('VCHAR_UNI:255', 0),
'username_clean' => array('VCHAR_CI', 0),
),
- 'PRIMARY_KEY' => 'attempt_id',
+ //'PRIMARY_KEY' => 'attempt_id',
'KEYS' => array(
'att_ip' => array('INDEX', array('attempt_ip', 'attempt_time')),
'att_for' => array('INDEX', array('attempt_forwarded_for', 'attempt_time')),
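Review bot: The `PRIMARY_KEY` entry is left as commented-out code with no explanation, so the next maintainer cannot tell whether the key was dropped on purpose or disabled temporarily. Either delete the line or replace it with a why-comment such as `// No PRIMARY_KEY on attempt_id, see PHPBB3-10247`. The column list starts outside this hunk, so it is not visible whether `attempt_id` is still defined; if it remains an auto-increment column, check that each supported backend accepts it without a key. The title speaks of the column type being too small, which this hunk does not change.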