[0005322] Login/Timeout: Added message on failed login attempt.
authorJanusz Dobrowolski <janusz@frontaccounting.eu>
Wed, 20 Jan 2021 21:36:18 +0000 (22:36 +0100)
committerJanusz Dobrowolski <janusz@frontaccounting.eu>
Wed, 20 Jan 2021 21:40:23 +0000 (22:40 +0100)
access/login.php
includes/current_user.inc
includes/session.inc

index e8e28975de06fc62f19b0efd327253aad52f862a..df2cc695e6b80eb9c88a559295870683477e427c 100644 (file)
@@ -37,13 +37,16 @@ function defaultCompany()
 
        if (check_faillog())
        {
-               $blocked_msg = '<span class="redfg">'._('Too many failed login attempts.<br>Please wait a while or try later.').'</span>';
+               $blocked = true;
 
            $js .= "<script>setTimeout(function() {
                document.getElementsByName('SubmitUser')[0].disabled=0;
                document.getElementById('log_msg').innerHTML='$demo_text'}, 1000*".$SysPrefs->login_delay.");</script>";
-           $demo_text = $blocked_msg;
+           $demo_text = '<span class="redfg">'._('Too many failed login attempts.<br>Please wait a while or try later.').'</span>';
+       } elseif ($_SESSION["wa_current_user"]->login_attempt > 1) {
+               $demo_text = '<span class="redfg">'._("Invalid password or username. Please, try again.").'</span>';
        }
+
        flush_dir(user_js_cache());
        if (!isset($def_coy))
                $def_coy = 0;
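Review bot: The new `elseif ($_SESSION["wa_current_user"]->login_attempt > 1)` branch keys the "Invalid password or username" message on a counter that this commit increments inside check_faillog() (see the includes/session.inc hunk), and that function is called by the `if` directly above on every render of this form. As written, the counter appears to count displays of the login form rather than rejected credentials, so reloading the login or timeout form without submitting anything would apparently show the failure message. Other callers of check_faillog() are not visible here. Incrementing at the point where the credential check actually fails, and testing `login_attempt > 0` here, would tie the message to a real failed attempt. The surrounding code starts and ends outside the hunk.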
@@ -89,6 +92,7 @@ function defaultCompany()
        end_row();
        if (!$login_timeout)
                table_section_title(_("Version")." $version   Build ".$SysPrefs->build_version." - "._("Login"));
+
        $value = $login_timeout ? $_SESSION['wa_current_user']->loginname : ($SysPrefs->allow_demo_mode ? "demouser":"");
 
        text_row(_("User name"), "user_name_entry_field", $value, 20, 30);
@@ -119,7 +123,7 @@ function defaultCompany()
        end_table(1);
        echo "<input type='hidden' id=ui_mode name='ui_mode' value='".!fallback_mode()."' >\n";
        echo "<center><input type='submit' value='&nbsp;&nbsp;"._("Login -->")."&nbsp;&nbsp;' name='SubmitUser'"
-               ." onclick='".(in_ajax() ? 'retry();': 'set_fullmode();')."'".(isset($blocked_msg) ? " disabled" : '')." ></center>\n";
+               ." onclick='".(in_ajax() ? 'retry();': 'set_fullmode();')."'".(isset($blocked) ? " disabled" : '')." ></center>\n";
 
        foreach($_SESSION['timeout']['post'] as $p => $val) {
                // add all request variables to be resend together with login data
index c3d162e037e1d440175cfd6f6118f0a6c2b01d46..82c8daaf619ee1e46829bc8895c6bfc3be1dd12a 100644 (file)
@@ -32,6 +32,7 @@ class current_user
        var $old_db;
        var $logged;
        var $ui_mode = 0;
+       var $login_attempt=0;
        
        var $prefs;
        var $cur_con; // current db connection (can be different from $company for superuser)
@@ -134,6 +135,7 @@ class current_user
                 $this->email = @$myrow["email"];
                        update_user_visitdate($this->username);
                        $this->logged = true;
+                       $this->login_attempt=0;
                                $this->last_act = time();
                                $this->timeout = session_timeout();
                                flush_dir(user_js_cache()); // refresh cache on login
index e87f8bf187b75acd6c56f66c0805bfc19aa7cade..bb061e435c541bf8554f545ab551f4b4f90f69f2 100644 (file)
@@ -179,6 +179,7 @@ function check_faillog()
 
        $user = $_SESSION["wa_current_user"]->user;
 
+       $_SESSION["wa_current_user"]->login_attempt++;
        if (@$SysPrefs->login_delay && (@$login_faillog[$user][$_SERVER['REMOTE_ADDR']] >= @$SysPrefs->login_max_attempts) && (time() < $login_faillog[$user]['last'] + $SysPrefs->login_delay))
                return true;
 
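Review bot: `login_attempt` is stored on the session object, so a client that discards its session cookie starts again at zero, whereas the lockout test on the following line relies on `$login_faillog` indexed by user and `REMOTE_ADDR`. A comment above the increment would keep the two from being confused in later changes, for example `// display-only counter for the login form message; throttling is decided by $login_faillog below`. check_faillog() starts and ends outside the hunk.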
@@ -530,7 +531,6 @@ if (!defined('FA_LOGOUT_PHP_FILE')){
                        $_SESSION['timeout'] = array( 'uri'=>preg_replace('/JsHttpRequest=(?:(\d+)-)?([^&]+)/s',
                                        '', html_specials_encode($_SERVER['REQUEST_URI'])),
                                'post' => $_POST);
-
                if (in_ajax())
                        $Ajax->popup($path_to_root ."/access/timeout.php");
                else