X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=includes%2Fsession.inc;h=e2a7fca2f2e65f1bcb11684265e942697bb22e33;hb=9a1b3abd5371ad7f6315db1d56f8356587444314;hp=d8a82f8bd0699087dae83f27ff70d1fc1bf3a6fb;hpb=99c698c6fca8ef2fd7933eac66f9b7fbf24f45d7;p=fa-stable.git

diff --git a/includes/session.inc b/includes/session.inc
index d8a82f8b..e2a7fca2 100644
--- a/includes/session.inc
+++ b/includes/session.inc
@@ -149,9 +149,9 @@ function password_reset_fail()
 	global $path_to_root;
 	
   echo "<center><br><br><font size='5' color='red'><b>" . _("Incorrect Email") . "<b></font><br><br>";
-  echo "<b>" . _("The email address does not exist in the system.") . "<b><br><br>";
+  echo "<b>" . _("The email address does not exist in the system, or is used by more than one user.") . "<b><br><br>";
 
-  echo _("If you are not an authorized user, please contact your system administrator to obtain an account to enable you to use the system.");
+  echo _("Plase try again or contact your system administrator to obtain new password.");
   echo "<br><a href='$path_to_root/index.php?reset=1'>" . _("Try again") . "</a>";
   echo "</center>";
 
@@ -184,6 +184,16 @@ function check_faillog()
 
 	return false;
 }
+
+/*
+	Ensure file is re-read on next request if php caching is active
+*/
+function cache_invalidate($filename)
+{
+	if (function_exists('opcache_invalidate'))	// OpCode extension
+		opcache_invalidate($filename);
+}
+
 /*
 	Simple brute force attack detection is performed before connection to company database is open. Therefore access counters have to be stored in file.
 	Login attempts counter is created for every new user IP, which partialy prevent DOS attacks.
@@ -222,6 +232,7 @@ function write_login_filelog($login, $result)
 	if ((!file_exists($filename) && is_writable($path_to_root.'/tmp')) || is_writable($filename))
 	{
 		file_put_contents($filename, $msg);
+		cache_invalidate($filename);
 	}
 }
 
@@ -408,7 +419,6 @@ if ($SysPrefs->error_logfile != '') {
 	ini_set("log_errors", "On");
 }
 
-
 /*
 	Uncomment the setting below when using FA on shared hosting
 	to avoid unexpeced session timeouts.
@@ -476,7 +486,7 @@ if (!defined('FA_LOGOUT_PHP_FILE')){
 	login_timeout();
 
 	if (!$_SESSION["wa_current_user"]->old_db)
-		include_once($path_to_root . '/company/'.user_company().'/installed_extensions.php');
+		include($path_to_root . '/company/'.user_company().'/installed_extensions.php');
 
 	install_hooks();