Menu
▾
▴
[mxbb-commits] core common.php,1.45,1.46 login.php,1.15,1.16
|
From: Andrew <men...@us...> - 2005-12-30 18:50:02
|
Update of /cvsroot/mxbb/core In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv14789 Modified Files: common.php login.php Log Message: Updated in compliance with phpBB 2.0.19's release. Index: login.php =================================================================== RCS file: /cvsroot/mxbb/core/login.php,v retrieving revision 1.15 retrieving revision 1.16 diff -C2 -d -r1.15 -r1.16 *** login.php 9 Dec 2005 23:22:03 -0000 1.15 --- login.php 30 Dec 2005 18:49:52 -0000 1.16 *************** *** 56,60 **** $password = isset($HTTP_POST_VARS['password']) ? $HTTP_POST_VARS['password'] : ''; ! $sql = "SELECT user_id, username, user_password, user_active, user_level FROM " . USERS_TABLE . " WHERE username = '" . str_replace("\\'", "''", $username) . "'"; --- 56,60 ---- $password = isset($HTTP_POST_VARS['password']) ? $HTTP_POST_VARS['password'] : ''; ! $sql = "SELECT user_id, username, user_password, user_active, user_level, user_login_tries, user_last_login_try FROM " . USERS_TABLE . " WHERE username = '" . str_replace("\\'", "''", $username) . "'"; *************** *** 72,75 **** --- 72,90 ---- else { + + // If the last login is more than x minutes ago, then reset the login tries/time + if ($row['user_last_login_try'] && $board_config['login_reset_time'] && $row['user_last_login_try'] < (time() - ($board_config['login_reset_time'] * 60))) + { + $db->sql_query('UPDATE ' . USERS_TABLE . ' SET user_login_tries = 0, user_last_login_try = 0 WHERE user_id = ' . $row['user_id']); + $row['user_last_login_try'] = $row['user_login_tries'] = 0; + } + + // Check to see if user is allowed to login again... if his tries are exceeded + if ($row['user_last_login_try'] && $board_config['login_reset_time'] && $board_config['max_login_attempts'] && + $row['user_last_login_try'] >= (time() - ($board_config['login_reset_time'] * 60)) && $row['user_login_tries'] >= $board_config['max_login_attempts']) + { + message_die(GENERAL_MESSAGE, sprintf($lang['Login_attempts_exceeded'], $board_config['max_login_attempts'], $board_config['login_reset_time'])); + } + if( md5($password) == $row['user_password'] && $row['user_active'] ) { *************** *** 78,81 **** --- 93,99 ---- $admin = (isset($HTTP_POST_VARS['admin'])) ? 1 : 0; $session_id = session_begin($row['user_id'], $user_ip, PAGE_INDEX, FALSE, $autologin, $admin); + + // Reset login tries + $db->sql_query('UPDATE ' . USERS_TABLE . ' SET user_login_tries = 0, user_last_login_try = 0 WHERE user_id = ' . $row['user_id']); if( $session_id ) *************** *** 91,94 **** --- 109,122 ---- else { + + // Save login tries and last login + if ($row['user_id'] != ANONYMOUS) + { + $sql = 'UPDATE ' . USERS_TABLE . ' + SET user_login_tries = user_login_tries + 1, user_last_login_try = ' . time() . ' + WHERE user_id = ' . $row['user_id']; + $db->sql_query($sql); + } + $redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : ''; $redirect = str_replace('?', '&', $redirect); Index: common.php =================================================================== RCS file: /cvsroot/mxbb/core/common.php,v retrieving revision 1.45 retrieving revision 1.46 diff -C2 -d -r1.45 -r1.46 *** common.php 9 Dec 2005 23:22:03 -0000 1.45 --- common.php 30 Dec 2005 18:49:51 -0000 1.46 *************** *** 298,302 **** if( file_exists('install') || file_exists('contrib') ) { ! mx_message_die(GENERAL_MESSAGE, 'Please ensure both the install/ and contrib/ directories are deleted'); } --- 298,302 ---- if( file_exists('install') || file_exists('contrib') ) { ! mx_message_die(GENERAL_MESSAGE, 'Please_remove_install_contrib'); } |
