$num_failed_attempts = 0;
 if (BPConfig::$login_throttle_enabled) {
     $loginThrottleTable = substr(BPConfig::$login_throttle_blueprint, 0, strpos(BPConfig::$login_throttle_blueprint, "."));
     $query = "SELECT * FROM " . $loginThrottleTable . " WHERE (" . BPConfig::$login_throttle_field_id . "={$member_id}) AND (time >= (UTC_TIMESTAMP() - INTERVAL " . BPConfig::$login_throttle_lockout_period . " SECOND) )";
     $sql = new DatabaseQuery($query);
     $sql->doQuery();
     $num_failed_attempts = $sql->get_num_rows();
 }
 if ($num_failed_attempts >= BPConfig::$login_throttle_lockout_attempts) {
     Log::warning("* THROTTLE LOCKOUT: " . $num_failed_attempts . " failed login attempts during the last " . BPConfig::$login_throttle_lockout_period . " seconds");
     $status = "error";
     $message = "Login throttle has prevented another attempt.";
 } else {
     // Check Password
     if (Login::checkPassword($entity_blueprint, $login_key, $passwd_key, $login, $passwd)) {
         Login::start($login, $domain);
         // ! TODO: inject BPConfig::$guardian_identity_session_key into the users session
         $status = "success";
         $message = "Login Successful.";
     } else {
         $status = "error";
         $message = "Username or password is incorrect.";
         Log::warning("* Failed login attempt");
         if (BPConfig::$login_throttle_enabled) {
             // Record a failed login attempt
             $failedLoginAttemptBP = BlueprintReader::read(BPConfig::$login_throttle_blueprint);
             $failedLoginAttemptDAO = new EntityDAO($failedLoginAttemptBP, "+0:00");
             $fla = $failedLoginAttemptBP->build();
             $fla->set(BPConfig::$login_throttle_field_id, $member_id);
             $fla->set("time", gmdate("Y-m-d H:i:s"));
             $failedLoginAttemptDAO->insert($fla);
Exemple #2
0
                    break;
                default:
                    if (!isset($_SESSION['home'])) {
                        $_SESSION['home'] = 'http://' . URL . DS . $row[0];
                    }
                    break;
            }
            session_write_close();
            //echo $_SESSION['home'];
            exit(header('Location: ' . $_SESSION['home']));
            //echo $row[0];
        } else {
            //entra a esta parte en caso sean incorrectos los datos.
            //$loginP->start('error');
            echo "9";
        }
    } else {
        if ($loggedstatus === "islogged") {
            $loginP->start("logged");
        } else {
            if ($loggedstatus === "notexist") {
                $loginP->start("notexist");
            } else {
                $loginP->start("error");
            }
        }
    }
} else {
    // En caso no se ingresen los campos.
    $loginP->start("null");
}
Exemple #3
0
        <div id="logo">
            <div id="logo_text">
                <h1><a href="/">Lar da<span class="logo_colour"> Vovó</span></a></h1>

                <h2>Asilo Nossa Senhora da Piedade.</h2>
            </div>
        </div>
        <nav>
        </nav>
    </header>
    <div id="site_content">
        <div id="content">
            <div class="form_settings" style="width:315px;margin: 0 auto; padding-top:10px">
                <form id="login" method="post" action="">
                    <p><span>Usuário</span><input class="validate[required] text-input" type="text" name="name"
                                                  value=""/></p>

                    <p><span>Senha</span><input class="validate[required] text-input" type="password" name="senha"
                                                value=""/></p>
                    <input class="submit" type="submit" name="login_submit" value="Login"/></p>
                </form>
                <?php 
if (isset($_POST['login_submit'])) {
    $Login = new Login($_POST['name'], $_POST['senha']);
    $Login->start();
}
?>
            </div>
        </div>
    </div>
</div>