Cleanup in current_user.inc/session.inc
authorJanusz Dobrowolski <janusz@frontaccouting.eu>
Mon, 12 Nov 2012 08:52:41 +0000 (09:52 +0100)
committerJanusz Dobrowolski <janusz@frontaccouting.eu>
Mon, 12 Nov 2012 08:52:41 +0000 (09:52 +0100)
includes/current_user.inc
includes/session.inc

index 3c5a92a82f9c4d0af0f17e2e758ac43b91ff4e37..e393252d72cb4c7302443f4a077d2ceeb3b8a116 100644 (file)
@@ -58,7 +58,7 @@ class current_user
 
        function login($company, $loginname, $password)
        {
-               global $security_areas, $security_groups, $security_headings, $path_to_root;
+               global $security_areas, $security_groups, $security_headings, $path_to_root, $login_delay;
 
                $this->set_company($company);
            $this->logged = false;
@@ -73,7 +73,8 @@ class current_user
                if (!isset($Auth_Result))       // if not used: standard method
                        $Auth_Result = get_user_auth($loginname, md5($password));
 
-               write_login_filelog($loginname, $Auth_Result);
+               if ($login_delay > 0)
+                       write_login_filelog($loginname, $Auth_Result);
 
                if ($Auth_Result)
                {
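Review bot: Gating `write_login_filelog()` on `$login_delay > 0` means that a delay of 0 turns off the recording of login attempts as well as the throttling. If this file log is the only record of failed logins (not visible here), an operator who disables the delay also loses that audit trail. `$login_delay` is read as a bare global, so if `login()` is ever reached without the defaults in session.inc having run, the unset value compares as not greater than 0 and logging is skipped silently. I would add a comment above the condition, e.g. `// $login_delay == 0 disables both the lockout and the failed-login file log`, and state the same next to the setting in the config file. `login()` begins and ends outside this hunk.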
index 2688a24e94072dee83851ad071ec027e04537b45..4712f742b57c608055646bb988da0cc5140d4701 100644 (file)
@@ -140,14 +140,6 @@ function login_fail()
        kill_login();
        die();
 }
-//----------------------------------------------------------------------------------------
-// set to reasonable values if not set in config file (pre-2.3.12 installations)
-
-if (!isset($login_delay))
-{
-       $login_delay = 10;
-       $login_max_attempts = 3;
-}
 
 function check_faillog()
 {
@@ -318,6 +310,16 @@ if (!isset($path_to_root))
        $path_to_root = ".";
 }
 
+//----------------------------------------------------------------------------------------
+// set to reasonable values if not set in config file (pre-2.3.12 installations)
+
+if ((!isset($login_delay)) || ($login_delay < 0))
+    $login_delay = 10;
+
+if ((!isset($login_max_attempts)) || ($login_max_attempts < 0))
+    $login_max_attempts = 3; 
+
+
 // Prevent register_globals vulnerability
 if (isset($_GET['path_to_root']) || isset($_POST['path_to_root']))
        die("Restricted access");
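Review bot: The new defaults and `< 0` checks run before `config.php` is loaded; the `include_once($path_to_root . "/config.php")` line appears further down in this file. Unless config.php has already been included by the caller (not visible here), a negative or non-numeric `$login_delay` / `$login_max_attempts` set there is never normalised. The `isset()` tests can also be satisfied by a request variable when register_globals is on, which the check just below guards against only for `path_to_root`; that matters for the pre-2.3.12 configs this block targets, where config.php would not overwrite the value. I would move the block to just after the config.php include and tighten each test, e.g. `if (!isset($login_delay) || !is_numeric($login_delay) || $login_delay < 0) $login_delay = 10;`.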
@@ -331,7 +333,6 @@ include_once($path_to_root . "/frontaccounting.php");
 include_once($path_to_root . "/admin/db/security_db.inc");
 include_once($path_to_root . "/includes/lang/language.php");
 include_once($path_to_root . "/config_db.php");
-@include_once($path_to_root . "/faillog.php");
 include_once($path_to_root . "/includes/ajax.inc");
 include_once($path_to_root . "/includes/ui/ui_msgs.inc");
 include_once($path_to_root . "/includes/prefs/sysprefs.inc");
@@ -364,6 +365,9 @@ header("Cache-control: private");
 include_once($path_to_root . "/config.php");
 get_text_init();
 
+if ($login_delay > 0)
+       @include_once($path_to_root . "/faillog.php");
+
 // Page Initialisation
 if (!isset($_SESSION['language']) || !method_exists($_SESSION['language'], 'set_language')) 
 {
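Review bot: The relocated `@include_once` keeps the error suppression, so when `$login_delay > 0` a faillog.php that exists but cannot be read or parsed is ignored just like one that has not been created yet. The lockout check would then presumably run with no recorded failures. If the `@` is only there for the not-yet-created case, an explicit test separates the two: `if ($login_delay > 0 && is_file($path_to_root . "/faillog.php")) include_once($path_to_root . "/faillog.php");`. A short comment noting that the include now has to follow config.php, so that `$login_delay` holds its configured value, would also help the next reader.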