/** * login */ function image_login() { global $cfg; $bgImage = strpos($cfg["default_theme"], '/') === false ? 'themes/' . $cfg["default_theme"] . '/images/code_bg' : 'themes/tf_standard_themes/images/code_bg'; $rndCode = loginImageCode($cfg["db_user"], tfb_getRequestVar('rnd')); Image::paintLabelFromImage($bgImage, $rndCode, 5, 12, 2, 80, 80, 80); }
break; case 4: /* Form-Auth + Image-Validation */ // Image class require_once 'inc/classes/Image.php'; $user = strtolower(tfb_getRequestVar('username')); $iamhim = addslashes(tfb_getRequestVar('iamhim')); $md5password = ""; $isImageSupported = Image::isSupported(); if (!empty($user)) { $isLoginRequest = true; // image-validation if ($isImageSupported) { $secCode = tfb_getRequestVar('security'); $rndChk = tfb_getRequestVar('rnd_chk'); if ($secCode !== loginImageCode($cfg["db_user"], $rndChk)) { // log this AuditAction($cfg["constants"]["access_denied"], "FAILED IMAGE-VALIDATION: " . $user); // flush credentials if sec-code-validation fails (-> login-failure) $user = ""; $iamhim = ""; } } } if ($isImageSupported) { $tmpl->setvar('imageSupported', 1); // rand mt_srand((double) microtime() * 1000000); $rnd = mt_rand(0, 1000000); $tmpl->setvar('rnd', $rnd); } else {