Example #1
0
 $login_exists = $session->login_exists();
 $lockout_duration = intval($conf->get_conf("unlock_user_interval", FALSE)) * 60;
 $customize_wizard = intval($conf->get_conf("customize_wizard", FALSE)) ? true : false;
 if ($login_return != true) {
     $infolog = array(REQUEST('user'));
     $_SESSION['_user'] = "";
     Log_action::log(94, $infolog);
     $failed = true;
     $bad_pass = true;
     $failed_retries = $conf->get_conf("failed_retries", FALSE);
     if ($login_exists && !$is_disabled && $lockout_duration > 0) {
         $_SESSION['bad_pass'][$user]++;
         if ($_SESSION['bad_pass'][$user] >= $failed_retries && $user != ACL_DEFAULT_OSSIM_ADMIN) {
             // auto-disable user
             $disabled = true;
             $session->login_disable();
         }
     }
 } elseif (!$is_disabled) {
     $_SESSION['bad_pass'] = "";
     $first_login = $conf->get_conf("first_login", FALSE);
     $pass_expire_max = $conf->get_conf("pass_expire", FALSE) > 0 && $conf->get_conf("pass_expire", FALSE) != "yes" && $conf->get_conf("pass_expire", FALSE) != "no" ? $conf->get_conf("pass_expire", FALSE) : 0;
     $pass_length_min = $conf->get_conf("pass_length_min", FALSE) ? $conf->get_conf("pass_length_min", FALSE) : 7;
     if ($first_login == "" || $first_login == 0 || $first_login == "no") {
         $accepted = "yes";
     }
     $failed = false;
     if ($accepted == "yes") {
         $first_login = "******";
         $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
         //get vector size on ECB mode