[ticket/9992] Adding a limit on login attempts per IP.

A new table was created to save all failed login attempts with
corresponding information on username, ip and useragent. By default
the limit is 50 login attempts within 6 hours per IP. The limit is
relatively high to avoid big problems on sites behind a reverse
proxy that don't receive the forwarded-for value as REMOTE_ADDR but
see all users as coming from the same IP address. But if these
users run into problems a special forwarded-for option is available
to limit logins by forwarded-for value instead of ip.

PHPBB3-9992

phpBB/install/schemas/oracle_schema.sql

@@ -1,6 +1,6 @@
 /*
 
- $Id$
+ $Id: $
 
 */
 
@@ -740,6 +740,47 @@ END;
 /
 
 
+/*
+	Table: 'phpbb_login_attempts'
+*/
+CREATE TABLE phpbb_login_attempts (
+	attempt_id number(8) NOT NULL,
+	attempt_ip varchar2(40) DEFAULT '' ,
+	attempt_browser varchar2(150) DEFAULT '' ,
+	attempt_forwarded_for varchar2(255) DEFAULT '' ,
+	attempt_time number(11) DEFAULT '0' NOT NULL,
+	user_id number(8) DEFAULT '0' NOT NULL,
+	username varchar2(765) DEFAULT '0' NOT NULL,
+	username_clean varchar2(255) DEFAULT '0' NOT NULL,
+	CONSTRAINT pk_phpbb_login_attempts PRIMARY KEY (attempt_id)
+)
+/
+
+CREATE INDEX phpbb_login_attempts_attempt_ip ON phpbb_login_attempts (attempt_ip, attempt_time)
+/
+CREATE INDEX phpbb_login_attempts_attempt_forwarded_for ON phpbb_login_attempts (attempt_forwarded_for, attempt_time)
+/
+CREATE INDEX phpbb_login_attempts_attempt_time ON phpbb_login_attempts (attempt_time)
+/
+CREATE INDEX phpbb_login_attempts_user_id ON phpbb_login_attempts (user_id)
+/
+
+CREATE SEQUENCE phpbb_login_attempts_seq
+/
+
+CREATE OR REPLACE TRIGGER t_phpbb_login_attempts
+BEFORE INSERT ON phpbb_login_attempts
+FOR EACH ROW WHEN (
+	new.attempt_id IS NULL OR new.attempt_id = 0
+)
+BEGIN
+	SELECT phpbb_login_attempts_seq.nextval
+	INTO :new.attempt_id
+	FROM dual;
+END;
+/
+
+
 /*
 	Table: 'phpbb_moderator_cache'
 */