From fc42c7d2e4803137287d7324e28bd83f0d01c4dd Mon Sep 17 00:00:00 2001
From: Prabhat Kumar <prabhatkumar.oc082@webkul.com>
Date: Tue, 24 Aug 2021 13:03:33 +0530
Subject: [PATCH] Fixed multiple IP issue of login attempts

---
 upload/admin/model/user/user.php          | 2 +-
 upload/catalog/model/account/customer.php | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/upload/admin/model/user/user.php b/upload/admin/model/user/user.php
index 88167c708e8..a41fdd98edf 100644
--- a/upload/admin/model/user/user.php
+++ b/upload/admin/model/user/user.php
@@ -107,7 +107,7 @@ public function getTotalUsersByEmail($email) {
 	}
 
 	public function addLoginAttempt($username) {
-		$query = $this->db->query("SELECT * FROM " . DB_PREFIX . "customer_login WHERE email = '" . $this->db->escape(utf8_strtolower((string)$username)) . "' AND ip = '" . $this->db->escape($this->request->server['REMOTE_ADDR']) . "'");
+		$query = $this->db->query("SELECT * FROM " . DB_PREFIX . "customer_login WHERE email = '" . $this->db->escape(utf8_strtolower((string)$username)) . "'");
 
 		if (!$query->num_rows) {
 			$this->db->query("INSERT INTO " . DB_PREFIX . "customer_login SET email = '" . $this->db->escape(utf8_strtolower((string)$username)) . "', ip = '" . $this->db->escape($this->request->server['REMOTE_ADDR']) . "', total = 1, date_added = '" . $this->db->escape(date('Y-m-d H:i:s')) . "', date_modified = '" . $this->db->escape(date('Y-m-d H:i:s')) . "'");
diff --git a/upload/catalog/model/account/customer.php b/upload/catalog/model/account/customer.php
index 4d74bab39a8..db9867f6af8 100644
--- a/upload/catalog/model/account/customer.php
+++ b/upload/catalog/model/account/customer.php
@@ -107,7 +107,7 @@ public function getIps($customer_id) {
 	}
 
 	public function addLoginAttempt($email) {
-		$query = $this->db->query("SELECT * FROM " . DB_PREFIX . "customer_login WHERE email = '" . $this->db->escape(utf8_strtolower((string)$email)) . "' AND ip = '" . $this->db->escape($this->request->server['REMOTE_ADDR']) . "'");
+		$query = $this->db->query("SELECT * FROM " . DB_PREFIX . "customer_login WHERE email = '" . $this->db->escape(utf8_strtolower((string)$email)) . "'");
 
 		if (!$query->num_rows) {
 			$this->db->query("INSERT INTO " . DB_PREFIX . "customer_login SET email = '" . $this->db->escape(utf8_strtolower((string)$email)) . "', ip = '" . $this->db->escape($this->request->server['REMOTE_ADDR']) . "', total = 1, date_added = '" . $this->db->escape(date('Y-m-d H:i:s')) . "', date_modified = '" . $this->db->escape(date('Y-m-d H:i:s')) . "'");