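/**
 * Validate the captcha answer submitted for the given form field.
 *
 * Records that validation ran ("<field>-validate" = 1 in the session),
 * compares the posted answer with the expected answer stored in the session
 * under "<field>-result", and stores either an empty string or a translated
 * error message under "<field>-error".
 *
 * Security notes:
 * - The answer is compared as an exact string in constant time. The previous
 *   loose `==` comparison was subject to PHP type juggling (numeric strings
 *   such as "1e1" and "10" compare equal), and `empty()` rejected a
 *   legitimate answer of "0".
 * - A non-string POST value (e.g. an array from `field[]=x`) is rejected.
 * - A request that does not contain the field at all is reported as valid.
 *   Callers handling a real form submission must therefore require the field
 *   themselves, otherwise omitting it skips the captcha.
 * - NOTE(review): the expected answer is not cleared here after a successful
 *   check, so the same answer looks reusable within the session. Confirm
 *   that the caller regenerates or unsets "<field>-result".
 *
 * @param string $field_name Name of the POST field holding the captcha answer.
 * @return bool True when the field was not submitted or the answer matches.
 */
function secure_captcha_validate_result($field_name)
{
    custom_session_set($field_name . '-validate', 1);

    if (!isset($_POST[$field_name])) {
        // no submission
        $valid = true;
    } else {
        $submitted = $_POST[$field_name];
        $expected = custom_session_get($field_name . '-result', "");

        // Exact string match only; a missing or malformed stored answer never matches.
        $valid = is_string($submitted)
            && $submitted !== ''
            && (is_string($expected) || is_int($expected))
            && hash_equals((string) $expected, $submitted);
    }

    if ($valid) {
        custom_session_set($field_name . '-error', "");
    } else {
        custom_session_set($field_name . '-error', __("invalid captcha", CUSTOM_PLUGIN_TEXT_DOMAIN));
    }

    return $valid;
}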
/**
 * Decide whether the current request must be refused because of too many
 * login attempts, and update the throttle state kept in the session.
 *
 * Session keys used:
 * - "secure-last-failtoban-time": time of the last refusal. While it is less
 *   than 60 seconds old every call is refused and the time is refreshed.
 * - "secure-last-login-time": start of the current counting window.
 * - "secure-nb-try-login": number of attempts counted in that window.
 * - "failtoban-error": empty string, or a translated message when refused.
 *
 * Once the counter exceeds 9, the next call is refused if the window started
 * less than 60 seconds ago; otherwise the window and counter restart.
 *
 * NOTE(review): all throttle state is read and written through the
 * custom_session_* helpers. If that session is tied to a client-held cookie,
 * a client that discards the cookie starts with a fresh counter. Confirm how
 * the session is keyed, and consider a server-side limit per account or
 * source address alongside this one.
 *
 * @return bool True when the request is refused (fail-to-ban active).
 */
function secure_is_failtoban()
{
    $now = time();
    $ban_started = custom_session_get("secure-last-failtoban-time", null);
    $window_started = custom_session_get("secure-last-login-time", null);
    $attempts = custom_session_get("secure-nb-try-login", null);

    // Step 1: work out which transition applies.
    if (!empty($ban_started) && $now - $ban_started < 60) {
        // failtoban must wait 1min.
        $outcome = 'ban';
    } else {
        custom_session_unset("secure-last-failtoban-time");

        if (empty($window_started)) {
            // no window yet
            $outcome = 'restart';
        } elseif ($attempts > 9) {
            // more than 10 tries: ban if still inside the 1min window, else restart
            $outcome = ($now - $window_started < 60) ? 'ban' : 'restart';
        } else {
            $outcome = 'count';
        }
    }

    // Step 2: apply the transition to the session.
    switch ($outcome) {
        case 'ban':
            custom_session_set("secure-last-failtoban-time", $now);
            custom_session_unset("secure-last-login-time");
            custom_session_unset("secure-nb-try-login");
            break;

        case 'restart':
            custom_session_set("secure-last-login-time", $now);
            custom_session_set("secure-nb-try-login", 1);
            break;

        default:
            // increment try login
            custom_session_set("secure-nb-try-login", $attempts + 1);
    }

    $banned = ($outcome === 'ban');

    custom_session_set(
        'failtoban-error',
        $banned ? __("Too many tries - please wait 1min", CUSTOM_PLUGIN_TEXT_DOMAIN) : ""
    );

    return $banned;
}