function increment_failed_logins($username = '') { global $wpdb, $aio_wp_security; //$login_attempts_permitted = $aio_wp_security->configs->get_value('aiowps_max_login_attempts'); //$lockout_time_length = $aio_wp_security->configs->get_value('aiowps_lockout_time_length'); $login_fails_table = AIOWPSEC_TBL_FAILED_LOGINS; $ip = AIOWPSecurity_Utility_IP::get_user_ip_address(); //Get the IP address of user $ip_range = AIOWPSecurity_Utility_IP::get_sanitized_ip_range($ip); //Get the IP range of the current user if (empty($ip_range)) { return false; } $username = sanitize_user($username); $user = get_user_by('login', $username); //Returns WP_User object if it exists if ($user) { //If the login attempt was made using a valid user set variables for DB storage later on $user_id = $user->ID; } else { //If the login attempt was made using a non-existent user then let's set user_id to blank and record the attempted user login name for DB storage later on $user_id = 0; } $ip_range_str = esc_sql($ip_range) . '.*'; $insert = "INSERT INTO " . $login_fails_table . " (user_id, user_login, failed_login_date, login_attempt_ip) " . "VALUES ('" . $user_id . "', '" . $username . "', now(), '" . $ip_range_str . "')"; $result = $wpdb->query($insert); if ($result === FALSE) { $aio_wp_security->debug_logger->log_debug("Error inserting record into " . $login_fails_table, 4); //Log the highly unlikely event of DB error } }
$display_form = true; echo '<div id="login_error">' . $errors . '</div>'; $sanitized_email = sanitize_email($email); echo display_unlock_form($sanitized_email); } else { $locked_user = get_user_by('email', $email); if (!$locked_user) { //user with this email does not exist in the system $errors .= '<p>' . __('User account not found!', 'all-in-one-wp-security-and-firewall') . '</p>'; echo '<div id="login_error">' . $errors . '</div>'; } else { //Process unlock request //Generate a special code and unlock url $ip = AIOWPSecurity_Utility_IP::get_user_ip_address(); //Get the IP address of user $ip_range = AIOWPSecurity_Utility_IP::get_sanitized_ip_range($ip); //Get the IP range of the current user $unlock_url = AIOWPSecurity_User_Login::generate_unlock_request_link($ip_range); if (!$unlock_url) { //No entry found in lockdown table with this IP range $error_msg = '<p>' . __('Error: No locked entry was found in the DB with your IP address range!', 'all-in-one-wp-security-and-firewall') . '</p>'; echo '<div id="login_error">' . $error_msg . '</div>'; } else { //Send an email to the user AIOWPSecurity_User_Login::send_unlock_request_email($email, $unlock_url); echo '<p class="message">An email has been sent to you with the unlock instructions.</p>'; } } $display_form = false; } }