[Phpbb-php5mod-cvs-checkins] phpbb-php5 common.php,1.7,1.8 login.php,1.5,1.6 privmsg.php,1.7,1.8
Brought to you by:
jelly_doughnut
Menu
▾
▴
[Phpbb-php5mod-cvs-checkins] phpbb-php5 common.php,1.7,1.8 login.php,1.5,1.6 privmsg.php,1.7,1.8
|
From: Josh <jel...@us...> - 2005-12-31 01:35:34
|
Update of /cvsroot/phpbb-php5mod/phpbb-php5 In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv30842 Modified Files: common.php login.php privmsg.php Log Message: - 2.0.19 - Some Donut Holes Index: login.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/login.php,v retrieving revision 1.5 retrieving revision 1.6 diff -C2 -d -r1.5 -r1.6 *** login.php 31 Oct 2005 03:18:41 -0000 1.5 --- login.php 31 Dec 2005 01:35:25 -0000 1.6 *************** *** 58,62 **** $password = isset($_POST['password']) ? $_POST['password'] : ''; ! $sql = "SELECT user_id, username, user_password, user_active, user_level FROM " . USERS_TABLE . " WHERE username = '" . str_replace("\\'", "''", $username) . "'"; --- 58,62 ---- $password = isset($_POST['password']) ? $_POST['password'] : ''; ! $sql = "SELECT user_id, username, user_password, user_active, user_level, user_login_tries, user_last_login_try FROM " . USERS_TABLE . " WHERE username = '" . str_replace("\\'", "''", $username) . "'"; *************** *** 74,77 **** --- 74,91 ---- else { + // If the last login is more than x minutes ago, then reset the login tries/time + if ($row['user_last_login_try'] && $board_config['login_reset_time'] && $row['user_last_login_try'] < (time() - ($board_config['login_reset_time'] * 60))) + { + $db->sql_query('UPDATE ' . USERS_TABLE . ' SET user_login_tries = 0, user_last_login_try = 0 WHERE user_id = ' . $row['user_id']); + $row['user_last_login_try'] = $row['user_login_tries'] = 0; + } + + // Check to see if user is allowed to login again... if his tries are exceeded + if ($row['user_last_login_try'] && $board_config['login_reset_time'] && $board_config['max_login_attempts'] && + $row['user_last_login_try'] >= (time() - ($board_config['login_reset_time'] * 60)) && $row['user_login_tries'] >= $board_config['max_login_attempts']) + { + message_die(GENERAL_MESSAGE, sprintf($lang['Login_attempts_exceeded'], $board_config['max_login_attempts'], $board_config['login_reset_time'])); + } + if( md5($password) == $row['user_password'] && $row['user_active'] ) { *************** *** 81,84 **** --- 95,101 ---- $session_id = session_begin($row['user_id'], $user_ip, PAGE_INDEX, FALSE, $autologin, $admin); + // Reset login tries + $db->sql_query('UPDATE ' . USERS_TABLE . ' SET user_login_tries = 0, user_last_login_try = 0 WHERE user_id = ' . $row['user_id']); + if( $session_id ) { *************** *** 93,96 **** --- 110,122 ---- else { + // Save login tries and last login + if ($row['user_id'] != ANONYMOUS) + { + $sql = 'UPDATE ' . USERS_TABLE . ' + SET user_login_tries = user_login_tries + 1, user_last_login_try = ' . time() . ' + WHERE user_id = ' . $row['user_id']; + $db->sql_query($sql); + } + $redirect = ( !empty($_POST['redirect']) ) ? str_replace('&', '&', htmlspecialchars($_POST['redirect'])) : ''; $redirect = str_replace('?', '&', $redirect); Index: privmsg.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/privmsg.php,v retrieving revision 1.7 retrieving revision 1.8 diff -C2 -d -r1.7 -r1.8 *** privmsg.php 31 Oct 2005 03:18:41 -0000 1.7 --- privmsg.php 31 Dec 2005 01:35:25 -0000 1.8 *************** *** 36,41 **** } ! $html_entities_match = array('#&(?!(\#[0-9]+;))#', '#<#', '#>#'); ! $html_entities_replace = array('&', '<', '>'); // --- 36,41 ---- } ! $html_entities_match = array('#&(?!(\#[0-9]+;))#', '#<#', '#>#', '#"#'); ! $html_entities_replace = array('&', '<', '>', '"'); // Index: common.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/common.php,v retrieving revision 1.7 retrieving revision 1.8 diff -C2 -d -r1.7 -r1.8 *** common.php 31 Oct 2005 21:03:26 -0000 1.7 --- common.php 31 Dec 2005 01:35:25 -0000 1.8 *************** *** 225,229 **** if (file_exists('install') || file_exists('contrib')) { ! message_die(GENERAL_MESSAGE, 'Please ensure both the install/ and contrib/ directories are deleted'); } --- 225,229 ---- if (file_exists('install') || file_exists('contrib')) { ! message_die(GENERAL_MESSAGE, 'Please_remove_install_contrib'); } |
