Update of /cvsroot/phpbb-php5mod/phpbb-php5
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv30842
Modified Files:
common.php login.php privmsg.php
Log Message:
- 2.0.19
- Some Donut Holes
Index: login.php
===================================================================
RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/login.php,v
retrieving revision 1.5
retrieving revision 1.6
diff -C2 -d -r1.5 -r1.6
*** login.php 31 Oct 2005 03:18:41 -0000 1.5
--- login.php 31 Dec 2005 01:35:25 -0000 1.6
***************
*** 58,62 ****
$password = isset($_POST['password']) ? $_POST['password'] : '';
! $sql = "SELECT user_id, username, user_password, user_active, user_level
FROM " . USERS_TABLE . "
WHERE username = '" . str_replace("\\'", "''", $username) . "'";
--- 58,62 ----
$password = isset($_POST['password']) ? $_POST['password'] : '';
! $sql = "SELECT user_id, username, user_password, user_active, user_level, user_login_tries, user_last_login_try
FROM " . USERS_TABLE . "
WHERE username = '" . str_replace("\\'", "''", $username) . "'";
***************
*** 74,77 ****
--- 74,91 ----
else
{
+ // If the last login is more than x minutes ago, then reset the login tries/time
+ if ($row['user_last_login_try'] && $board_config['login_reset_time'] && $row['user_last_login_try'] < (time() - ($board_config['login_reset_time'] * 60)))
+ {
+ $db->sql_query('UPDATE ' . USERS_TABLE . ' SET user_login_tries = 0, user_last_login_try = 0 WHERE user_id = ' . $row['user_id']);
+ $row['user_last_login_try'] = $row['user_login_tries'] = 0;
+ }
+
+ // Check to see if user is allowed to login again... if his tries are exceeded
+ if ($row['user_last_login_try'] && $board_config['login_reset_time'] && $board_config['max_login_attempts'] &&
+ $row['user_last_login_try'] >= (time() - ($board_config['login_reset_time'] * 60)) && $row['user_login_tries'] >= $board_config['max_login_attempts'])
+ {
+ message_die(GENERAL_MESSAGE, sprintf($lang['Login_attempts_exceeded'], $board_config['max_login_attempts'], $board_config['login_reset_time']));
+ }
+
if( md5($password) == $row['user_password'] && $row['user_active'] )
{
***************
*** 81,84 ****
--- 95,101 ----
$session_id = session_begin($row['user_id'], $user_ip, PAGE_INDEX, FALSE, $autologin, $admin);
+ // Reset login tries
+ $db->sql_query('UPDATE ' . USERS_TABLE . ' SET user_login_tries = 0, user_last_login_try = 0 WHERE user_id = ' . $row['user_id']);
+
if( $session_id )
{
***************
*** 93,96 ****
--- 110,122 ----
else
{
+ // Save login tries and last login
+ if ($row['user_id'] != ANONYMOUS)
+ {
+ $sql = 'UPDATE ' . USERS_TABLE . '
+ SET user_login_tries = user_login_tries + 1, user_last_login_try = ' . time() . '
+ WHERE user_id = ' . $row['user_id'];
+ $db->sql_query($sql);
+ }
+
$redirect = ( !empty($_POST['redirect']) ) ? str_replace('&', '&', htmlspecialchars($_POST['redirect'])) : '';
$redirect = str_replace('?', '&', $redirect);
Index: privmsg.php
===================================================================
RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/privmsg.php,v
retrieving revision 1.7
retrieving revision 1.8
diff -C2 -d -r1.7 -r1.8
*** privmsg.php 31 Oct 2005 03:18:41 -0000 1.7
--- privmsg.php 31 Dec 2005 01:35:25 -0000 1.8
***************
*** 36,41 ****
}
! $html_entities_match = array('#&(?!(\#[0-9]+;))#', '#<#', '#>#');
! $html_entities_replace = array('&', '<', '>');
//
--- 36,41 ----
}
! $html_entities_match = array('#&(?!(\#[0-9]+;))#', '#<#', '#>#', '#"#');
! $html_entities_replace = array('&', '<', '>', '"');
//
Index: common.php
===================================================================
RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/common.php,v
retrieving revision 1.7
retrieving revision 1.8
diff -C2 -d -r1.7 -r1.8
*** common.php 31 Oct 2005 21:03:26 -0000 1.7
--- common.php 31 Dec 2005 01:35:25 -0000 1.8
***************
*** 225,229 ****
if (file_exists('install') || file_exists('contrib'))
{
! message_die(GENERAL_MESSAGE, 'Please ensure both the install/ and contrib/ directories are deleted');
}
--- 225,229 ----
if (file_exists('install') || file_exists('contrib'))
{
! message_die(GENERAL_MESSAGE, 'Please_remove_install_contrib');
}
|
