function loginform_exec($Frm, $Err)
{
if ($Err) {
$Frm->_gui->Vars["login_message"] = "Ошибки при заполнении формы";
return;
}
// clr
db::delete(TABLE_LOGIN_HOST, "time < " . (time() - 900));
$last_login_time = db::get_arrays("SELECT time FROM " . TABLE_LOGIN_HOST . " WHERE ip = '" . db::input($_SERVER["REMOTE_ADDR"]) . "' ORDER BY time");
$cnt = count($last_login_time);
$rowx["time"] = 0;
if ($cnt) {
$rowx = $last_login_time[0];
}
$user = Employee::findOneBy(array('email' => strtolower($Frm->GetValue(0)), 'hpwd' => md5($Frm->GetValue(1) . $Frm->GetValue(0))));
if (!$user || $cnt > 2) {
if ($cnt > 1) {
$t = 900 - time() + $rowx["time"];
if ($t > 60) {
$w = floor($t / 60) . " мин.";
} else {
$w = " минуту";
}
$Frm->_gui->Vars["login_message"] = "Попытки исчерпаны. Подождите " . $w;
} else {
$Frm->_gui->Vars["login_message"] = "Ошибка. Осталось попыток: " . (2 - $cnt);
db::insert(TABLE_LOGIN_HOST, array('ip' => $_SERVER['REMOTE_ADDR'], 'time' => time()));
}
return;
} else {
// ok
if ($user["blocked"] || $user["black_list"]) {
$Frm->_gui->Vars["login_message"] = "Доступ запрещен";
return;
}
$ll = array();
if ($user["last_login"]) {
$ll = unserialize($user["last_login"]);
while (count($ll) > 99) {
array_shift($ll);
}
}
$ll[] = array("ip" => $_SERVER['REMOTE_ADDR'], "time" => time());
Employee::update($user['id'], array('last_act' => time(), 'last_login' => serialize($ll)));
unset($user["last_act"]);
unset($user["last_login"]);
$_SESSION["user"]["auth"] = true;
$_SESSION["user"]["data"] = $user;
page_reload();
}
}
