Example #1
0
}
// LOGIN
$cnd_1 = !empty($user) && is_string($user);
$cnd_2 = !empty($pass) && is_string($pass);
if ($cnd_1 && $cnd_2) {
    $session = new Session($user, $pass, '');
    $config = new Config();
    //Disable first_login
    if ($accepted == 'yes') {
        $config->update('first_login', 'no');
    }
    $is_disabled = $session->is_user_disabled();
    if ($is_disabled == FALSE) {
        $login_return = $session->login();
        $first_user_login = $session->get_first_login();
        $last_pass_change = $session->last_pass_change();
        $login_exists = $session->is_logged_user_in_db();
        $lockout_duration = intval($conf->get_conf('unlock_user_interval')) * 60;
        if ($login_return != TRUE) {
            $_SESSION['_user'] = '';
            $infolog = array($user);
            Log_action::log(94, $infolog);
            $failed = TRUE;
            $bad_pass = TRUE;
            $failed_retries = $conf->get_conf('failed_retries');
            if ($login_exists && !$is_disabled && $lockout_duration > 0) {
                $_SESSION['bad_pass'][$user]++;
                if ($_SESSION['bad_pass'][$user] >= $failed_retries && $user != AV_DEFAULT_ADMIN) {
                    // Auto-disable user
                    $disabled = TRUE;
                    $session->disable_user();