function login_fail()
{
global $path_to_root;
-
+
header("HTTP/1.1 401 Authorization Required");
echo "<center><br><br><font size='5' color='red'><b>" . _("Incorrect Password") . "<b></font><br><br>";
echo "<b>" . _("The user and password combination is not valid for the system.") . "<b><br><br>";
-
echo _("If you are not an authorized user, please contact your system administrator to obtain an account to enable you to use the system.");
echo "<br><a href='$path_to_root/index.php'>" . _("Try again") . "</a>";
echo "</center>";
-
kill_login();
die();
}
$user = $_SESSION["wa_current_user"]->user;
+ $_SESSION["wa_current_user"]->login_attempt++;
if (@$SysPrefs->login_delay && (@$login_faillog[$user][$_SERVER['REMOTE_ADDR']] >= @$SysPrefs->login_max_attempts) && (time() < $login_faillog[$user]['last'] + $SysPrefs->login_delay))
return true;
$_SESSION['timeout'] = array( 'uri'=>preg_replace('/JsHttpRequest=(?:(\d+)-)?([^&]+)/s',
'', html_specials_encode($_SERVER['REQUEST_URI'])),
'post' => $_POST);
-
+ if (in_ajax())
+ $Ajax->popup($path_to_root ."/access/timeout.php");
+ else
include($path_to_root . "/access/login.php");
- if (in_ajax())
- $Ajax->activate('_page_body');
exit;
} else {
if (isset($_POST["company_login_nickname"]) && !isset($_POST["company_login_name"])) {
if (!$succeed)
{
// Incorrect password
- login_fail();
+ if (isset($_SESSION['timeout'])) {
+ include($path_to_root . "/access/login.php");
+ exit;
+ } else
+ login_fail();
}
elseif(isset($_SESSION['timeout']) && !$_SESSION['timeout']['post'])
{
projects / fa-stable.git / blobdiff