mirror of
				https://github.com/phpbb/phpbb.git
				synced 2025-10-24 21:26:24 +02:00 
			
		
		
		
	[ticket/16655] Add support for custom error message when exceeding attempts
PHPBB3-16655
This commit is contained in:
		| @@ -44,10 +44,11 @@ $lang = array_merge($lang, [ | ||||
| 	'CAPTCHA_RECAPTCHA'				=> 'reCaptcha v2', | ||||
| 	'CAPTCHA_RECAPTCHA_V3'			=> 'reCaptcha v3', | ||||
|  | ||||
| 	'RECAPTCHA_INCORRECT'			=> 'The solution you provided was incorrect', | ||||
| 	'RECAPTCHA_NOSCRIPT'			=> 'Please enable JavaScript in your browser to load the challenge.', | ||||
| 	'RECAPTCHA_NOT_AVAILABLE'		=> 'In order to use reCaptcha, you must create an account on <a href="https://www.google.com/recaptcha">www.google.com/recaptcha</a>.', | ||||
| 	'RECAPTCHA_INVISIBLE'			=> 'This CAPTCHA is actually invisible. To verify that it works, a small icon should appear in right bottom corner of this page.', | ||||
| 	'RECAPTCHA_INCORRECT'				=> 'The solution you provided was incorrect', | ||||
| 	'RECAPTCHA_NOSCRIPT'				=> 'Please enable JavaScript in your browser to load the challenge.', | ||||
| 	'RECAPTCHA_NOT_AVAILABLE'			=> 'In order to use reCaptcha, you must create an account on <a href="https://www.google.com/recaptcha">www.google.com/recaptcha</a>.', | ||||
| 	'RECAPTCHA_INVISIBLE'				=> 'This CAPTCHA is actually invisible. To verify that it works, a small icon should appear in right bottom corner of this page.', | ||||
| 	'RECAPTCHA_V3_LOGIN_ERROR_ATTEMPTS'	=> 'You have exceeded the maximum number of login attempts allowed.<br>In addition to your username and password the invisible reCAPTCHA v3 will be used to authenticate your session.', | ||||
|  | ||||
| 	'RECAPTCHA_PUBLIC'				=> 'Site key', | ||||
| 	'RECAPTCHA_PUBLIC_EXPLAIN'		=> 'Your site reCAPTCHA key. Keys can be obtained on <a href="https://www.google.com/recaptcha">www.google.com/recaptcha</a>. Please, use reCAPTCHA v2 > Invisible reCAPTCHA badge type.', | ||||
|   | ||||
| @@ -14,6 +14,7 @@ | ||||
| namespace phpbb\auth\provider; | ||||
|  | ||||
| use phpbb\captcha\factory; | ||||
| use phpbb\captcha\plugins\captcha_abstract; | ||||
| use phpbb\config\config; | ||||
| use phpbb\db\driver\driver_interface; | ||||
| use phpbb\passwords\manager; | ||||
| @@ -151,13 +152,27 @@ class db extends base | ||||
| 			$attempts = 0; | ||||
| 		} | ||||
|  | ||||
| 		$login_error_attempts = 'LOGIN_ERROR_ATTEMPTS'; | ||||
| 		$show_captcha = ($this->config['max_login_attempts'] && $row['user_login_attempts'] >= $this->config['max_login_attempts']) || | ||||
| 			($this->config['ip_login_limit_max'] && $attempts >= $this->config['ip_login_limit_max']); | ||||
| 		if ($show_captcha) | ||||
| 		{ | ||||
| 			$captcha = $this->captcha_factory->get_instance($this->config['captcha_plugin']); | ||||
|  | ||||
| 			// Get custom message for login error when exceeding maximum number of attempts | ||||
| 			if ($captcha instanceof captcha_abstract) | ||||
| 			{ | ||||
| 				$login_error_attempts = $captcha->get_login_error_attempts(); | ||||
| 			} | ||||
| 		} | ||||
|  | ||||
| 		if (!$row) | ||||
| 		{ | ||||
| 			if ($this->config['ip_login_limit_max'] && $attempts >= $this->config['ip_login_limit_max']) | ||||
| 			{ | ||||
| 				return array( | ||||
| 					'status'		=> LOGIN_ERROR_ATTEMPTS, | ||||
| 					'error_msg'		=> 'LOGIN_ERROR_ATTEMPTS', | ||||
| 					'error_msg'		=> $login_error_attempts, | ||||
| 					'user_row'		=> array('user_id' => ANONYMOUS), | ||||
| 				); | ||||
| 			} | ||||
| @@ -169,21 +184,17 @@ class db extends base | ||||
| 			); | ||||
| 		} | ||||
|  | ||||
| 		$show_captcha = ($this->config['max_login_attempts'] && $row['user_login_attempts'] >= $this->config['max_login_attempts']) || | ||||
| 			($this->config['ip_login_limit_max'] && $attempts >= $this->config['ip_login_limit_max']); | ||||
|  | ||||
| 		// If there are too many login attempts, we need to check for a confirm image | ||||
| 		// Every auth module is able to define what to do by itself... | ||||
| 		if ($show_captcha) | ||||
| 		{ | ||||
| 			$captcha = $this->captcha_factory->get_instance($this->config['captcha_plugin']); | ||||
| 			$captcha->init(CONFIRM_LOGIN); | ||||
| 			$vc_response = $captcha->validate($row); | ||||
| 			if ($vc_response) | ||||
| 			{ | ||||
| 				return array( | ||||
| 					'status'		=> LOGIN_ERROR_ATTEMPTS, | ||||
| 					'error_msg'		=> 'LOGIN_ERROR_ATTEMPTS', | ||||
| 					'error_msg'		=> $login_error_attempts, | ||||
| 					'user_row'		=> $row, | ||||
| 				); | ||||
| 			} | ||||
|   | ||||
| @@ -387,4 +387,15 @@ abstract class captcha_abstract | ||||
| 	* @return string the name of the class used to generate the captcha | ||||
| 	*/ | ||||
| 	abstract function get_generator_class(); | ||||
|  | ||||
| 	/** | ||||
| 	 * Get language variable for error message when CAPTCHA is being shown due | ||||
| 	 * to exceeding the maximum number of login attempts | ||||
| 	 * | ||||
| 	 * @return string | ||||
| 	 */ | ||||
| 	public function get_login_error_attempts(): string | ||||
| 	{ | ||||
| 		return 'LOGIN_ERROR_ATTEMPTS'; | ||||
| 	} | ||||
| } | ||||
|   | ||||
| @@ -352,4 +352,16 @@ class recaptcha_v3 extends captcha_abstract | ||||
|  | ||||
| 		return $language->lang('RECAPTCHA_INCORRECT'); | ||||
| 	} | ||||
|  | ||||
| 	/** | ||||
| 	 * {@inheritDoc} | ||||
| 	 */ | ||||
| 	public function get_login_error_attempts(): string | ||||
| 	{ | ||||
| 		global $language; | ||||
|  | ||||
| 		$language->add_lang('captcha_recaptcha'); | ||||
|  | ||||
| 		return 'RECAPTCHA_V3_LOGIN_ERROR_ATTEMPTS'; | ||||
| 	} | ||||
| } | ||||
|   | ||||
		Reference in New Issue
	
	Block a user