Allow admin to set a failed-login attempt limit before auto-banning occurs.

2025-08-02 20:57:26 +02:00 · 2015-04-12 22:34:44 -07:00
parent 2f46c967da
commit bcfe20dd2b
3 changed files with 21 additions and 9 deletions
--- a/e107_admin/prefs.php
+++ b/e107_admin/prefs.php
@@ -2005,6 +2005,13 @@ $text .= "
 							<div class='field-help'>".PRFLAN_91."</div>
 						</td>
 					</tr>
+					<tr>
+						<td><label for='failed-login-limit'>Maximum failed logins before ban:</label></td>
+						<td>
+							".$frm->number('failed_login_limit', varset($pref['failed_login_limit'],10), 3, array('max'=>10, 'min'=>0))."
+							<div class='smalltext field-help'>Failed logins from the same IP will be banned after this many attempts.</div>
+						</td>
+					</tr>
 					<tr>
 						<td><label for='adminpwordchange'>".PRFLAN_139.":</label></td>
 						<td>
--- a/e107_handlers/form_handler.php
+++ b/e107_handlers/form_handler.php
@@ -440,11 +440,13 @@ class e_form
 		$options['type'] ='number';
 		
 		$mlength = vartrue($maxlength) ? "maxlength=".$maxlength : "";
-				
+
+		$min = varset($options['min']) ? 'min="'.$options['min'].'"' : '';
+		$max = vartrue($options['max']) ? 'max="'.$options['max'].'"' : '';
+
 		$options = $this->format_options('text', $name, $options);
 		
-		$min = vartrue($options['min']) ? 'min="'.$options['min'].'"' : '';
-		$max = vartrue($options['max']) ? 'min="'.$options['max'].'"' : '';
+
 		
 		//never allow id in format name-value for text fields
 		if(deftrue('BOOTSTRAP'))
--- a/e107_handlers/login.php
+++ b/e107_handlers/login.php
@@ -534,12 +534,15 @@ class userlogin

 		e107::getMessage()->addError(LOGINMESSAGE);	

-		if ($doCheck)
-		{		// See if ban required (formerly the checkibr() function)
-			if($pref['autoban'] == 1 || $pref['autoban'] == 3)
-			{ // Flood + Login or Login Only.
+		if ($doCheck) // See if ban required (formerly the checkibr() function)
+		{
+			if($pref['autoban'] == 1 || $pref['autoban'] == 3) // Flood + Login or Login Only.
+			{
 				$fails = $sql->count("generic", "(*)", "WHERE gen_ip='{$this->userIP}' AND gen_type='failed_login' ");
-				if($fails > 10)
+
+				$failLimit = vartrue($pref['failed_login_limit'],10);
+
+				if($fails >= $failLimit)
 				{
 					$time = time();
 					e107::getIPHandler()->add_ban(4,LAN_LOGIN_18,$this->userIP,1);
@@ -548,7 +551,7 @@ class userlogin
 				}
 			}
 		}
-		return FALSE;		// Passed back to signal failed login
+		return false;		// Passed back to signal failed login
 	}