mirror of
https://github.com/monstra-cms/monstra.git
synced 2025-08-05 04:37:51 +02:00
Added limits for login attempts #104
This commit is contained in:
Awilum
@@ -63,5 +63,6 @@
|
||||
'Your login details for :site_name' => 'Deine Login-Daten für :site_name',
|
||||
'About Me' => 'Über Mich',
|
||||
'Profile' => 'Profil',
|
||||
'You are banned for 10 minutes. Try again later' => 'You are banned for 10 minutes. Try again later',
|
||||
)
|
||||
);
|
||||
|
||||
@@ -63,5 +63,6 @@
|
||||
'Your login details for :site_name' => 'Your login details for :site_name',
|
||||
'About Me' => 'About Me',
|
||||
'Profile' => 'Profile',
|
||||
'You are banned for 10 minutes. Try again later' => 'You are banned for 10 minutes. Try again later',
|
||||
)
|
||||
);
|
||||
|
||||
@@ -63,5 +63,6 @@
|
||||
'Your login details for :site_name' => 'Detalles para entrar en :site_name',
|
||||
'About Me' => 'Sobre mi',
|
||||
'Profile' => 'Perfil',
|
||||
'You are banned for 10 minutes. Try again later' => 'You are banned for 10 minutes. Try again later',
|
||||
)
|
||||
);
|
||||
@@ -63,5 +63,6 @@
|
||||
'Your login details for :site_name' => 'جزئیات ورود شما برای :site_name',
|
||||
'About Me' => 'درباره من',
|
||||
'Profile' => 'پروفایل',
|
||||
'You are banned for 10 minutes. Try again later' => 'You are banned for 10 minutes. Try again later',
|
||||
)
|
||||
);
|
||||
|
||||
@@ -63,5 +63,6 @@
|
||||
'Your login details for :site_name' => 'Vos identifiants de connexion pour :site_name',
|
||||
'About Me' => 'A propos de moi',
|
||||
'Profile' => 'Profil',
|
||||
'You are banned for 10 minutes. Try again later' => 'You are banned for 10 minutes. Try again later',
|
||||
)
|
||||
);
|
||||
@@ -63,5 +63,6 @@
|
||||
'Your login details for :site_name' => 'Belépési adatok a(z) :site_name weboldalhoz',
|
||||
'About Me' => 'Rólam',
|
||||
'Profile' => 'Profil',
|
||||
'You are banned for 10 minutes. Try again later' => 'You are banned for 10 minutes. Try again later',
|
||||
)
|
||||
);
|
||||
@@ -60,5 +60,6 @@
|
||||
'Your login details for :site_name' => 'I tuoi dati di accesso per :site_name',
|
||||
'About Me' => 'Su di me',
|
||||
'Profile' => 'Profilo',
|
||||
'You are banned for 10 minutes. Try again later' => 'You are banned for 10 minutes. Try again later',
|
||||
)
|
||||
);
|
||||
|
||||
@@ -62,5 +62,6 @@
|
||||
'Your login details for :site_name' => 'Prisijungimo prie :site_name detalės',
|
||||
'About Me' => 'Apie mane',
|
||||
'Profile' => 'Profilis',
|
||||
'You are banned for 10 minutes. Try again later' => 'You are banned for 10 minutes. Try again later',
|
||||
)
|
||||
);
|
||||
|
||||
@@ -63,5 +63,6 @@
|
||||
'Your login details for :site_name' => 'Seu novo login para o site :site_name',
|
||||
'About Me' => 'Sobre mim',
|
||||
'Profile' => 'Perfil',
|
||||
'You are banned for 10 minutes. Try again later' => 'You are banned for 10 minutes. Try again later',
|
||||
)
|
||||
);
|
||||
|
||||
@@ -61,5 +61,6 @@
|
||||
'Your login details for :site_name' => 'Ваши данные для доступа к :site_name',
|
||||
'About Me' => 'Обо мне',
|
||||
'Profile' => 'Профиль',
|
||||
'You are banned for 10 minutes. Try again later' => 'You are banned for 10 minutes. Try again later',
|
||||
)
|
||||
);
|
||||
|
||||
@@ -63,5 +63,6 @@
|
||||
'Your login details for :site_name' => 'Vaše prihlasovacie detaily pre :site_name',
|
||||
'About Me' => 'O mne',
|
||||
'Profile' => 'Profil',
|
||||
'You are banned for 10 minutes. Try again later' => 'You are banned for 10 minutes. Try again later',
|
||||
)
|
||||
);
|
||||
|
||||
@@ -63,5 +63,6 @@
|
||||
'Your login details for :site_name' => 'Vaši podaci za logovanje na :site_name',
|
||||
'About Me' => 'O meni',
|
||||
'Profile' => 'Profil',
|
||||
'You are banned for 10 minutes. Try again later' => 'You are banned for 10 minutes. Try again later',
|
||||
)
|
||||
);
|
||||
@@ -61,5 +61,6 @@
|
||||
'Your login details for :site_name' => 'Ваші дані для доступу до :site_name',
|
||||
'About Me' => 'Про мене',
|
||||
'Profile' => 'Профіль',
|
||||
'You are banned for 10 minutes. Try again later' => 'You are banned for 10 minutes. Try again later',
|
||||
)
|
||||
);
|
||||
|
||||
@@ -383,31 +383,59 @@ class Users extends Frontend
|
||||
// Login Form Submit
|
||||
if (Request::post('login_submit')) {
|
||||
|
||||
// Check csrf
|
||||
if (Security::check(Request::post('csrf'))) {
|
||||
if (Cookie::get('login_attempts') && Cookie::get('login_attempts') >= 5) {
|
||||
|
||||
$user = Users::$users->select("[login='" . trim(Request::post('username')) . "']", null);
|
||||
Notification::setNow('error', __('You are banned for 10 minutes. Try again later', 'users'));
|
||||
|
||||
if (count($user) !== 0) {
|
||||
if ($user['login'] == Request::post('username')) {
|
||||
if (trim($user['password']) == Security::encryptPassword(Request::post('password'))) {
|
||||
if ($user['role'] == 'admin' || $user['role'] == 'editor') {
|
||||
Session::set('admin', true);
|
||||
} else {
|
||||
|
||||
// Check csrf
|
||||
if (Security::check(Request::post('csrf'))) {
|
||||
|
||||
$user = Users::$users->select("[login='" . trim(Request::post('username')) . "']", null);
|
||||
|
||||
if (count($user) !== 0) {
|
||||
if ($user['login'] == Request::post('username')) {
|
||||
if (trim($user['password']) == Security::encryptPassword(Request::post('password'))) {
|
||||
if ($user['role'] == 'admin' || $user['role'] == 'editor') {
|
||||
Session::set('admin', true);
|
||||
}
|
||||
Session::set('user_id', (int) $user['id']);
|
||||
Session::set('user_login', (string) $user['login']);
|
||||
Session::set('user_role', (string) $user['role']);
|
||||
Request::redirect(Site::url().'users/'.Session::get('user_id'));
|
||||
} else {
|
||||
Notification::setNow('error', __('Wrong <b>username</b> or <b>password</b>', 'users'));
|
||||
|
||||
if (Cookie::get('login_attempts')) {
|
||||
if (Cookie::get('login_attempts') < 5) {
|
||||
$attempts = Cookie::get('login_attempts') + 1;
|
||||
Cookie::set('login_attempts', $attempts , 600);
|
||||
} else {
|
||||
Notification::setNow('error', __('You are banned for 10 minutes. Try again later', 'users'));
|
||||
}
|
||||
} else {
|
||||
Cookie::set('login_attempts', 1, 600);
|
||||
}
|
||||
}
|
||||
}
|
||||
} else {
|
||||
Notification::setNow('error', __('Wrong <b>username</b> or <b>password</b>', 'users'));
|
||||
|
||||
if (Cookie::get('login_attempts')) {
|
||||
if (Cookie::get('login_attempts') < 5) {
|
||||
$attempts = Cookie::get('login_attempts') + 1;
|
||||
Cookie::set('login_attempts', $attempts , 600);
|
||||
} else {
|
||||
Notification::setNow('error', __('You are banned for 10 minutes. Try again later', 'users'));
|
||||
}
|
||||
Session::set('user_id', (int) $user['id']);
|
||||
Session::set('user_login', (string) $user['login']);
|
||||
Session::set('user_role', (string) $user['role']);
|
||||
Request::redirect(Site::url().'users/'.Session::get('user_id'));
|
||||
} else {
|
||||
Notification::setNow('error', __('Wrong <b>username</b> or <b>password</b>', 'users'));
|
||||
Cookie::set('login_attempts', 1, 600);
|
||||
}
|
||||
}
|
||||
} else {
|
||||
Notification::setNow('error', __('Wrong <b>username</b> or <b>password</b>', 'users'));
|
||||
}
|
||||
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
|
||||
} else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
|
||||
}
|
||||
}
|
||||
|
||||
View::factory('box/users/views/frontend/login')->display();
|
||||
|
||||
Reference in New Issue
Block a user