            $db->update_query("adminoptions", array('loginlockoutexpiry' => 0, 'loginattempts' => 0), "uid='" . (int) $user['uid'] . "'");
            admin_redirect("index.php");
        } else {
            $error = $lang->error_invalid_token;
        }
    }
    $default_page->show_lockout_unlock($error, 'error');
} elseif ($mybb->input['do'] == "login") {
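    require_once MYBB_ROOT . "inc/datahandlers/login.php";
    $loginhandler = new LoginDataHandler("get");

    // Validate the optional second-factor PIN before looking at the credentials.
    // The PIN is compared as a string with a strict / constant-time check: the
    // previous loose `!=` compared numeric strings by value, so a submitted PIN
    // such as "1234.0" or "01234" was accepted for a configured PIN of "1234".
    if (!empty($config['secret_pin'])) {
        $expected_pin = (string) $config['secret_pin'];
        // A non-string value (e.g. an array from `pin[]=`) can never be a valid PIN.
        $submitted_pin = (isset($mybb->input['pin']) && is_string($mybb->input['pin'])) ? $mybb->input['pin'] : '';

        // hash_equals() is used when the runtime has it so the comparison time
        // does not depend on how many leading characters match.
        $pin_matches = function_exists('hash_equals')
            ? hash_equals($expected_pin, $submitted_pin)
            : $expected_pin === $submitted_pin;

        if (!$pin_matches) {
            // NOTE(review): the credential check below still runs after a bad PIN
            // unless show_login() ends the request — confirm that it does.
            $default_page->show_login($lang->error_invalid_secret_pin, "error");
        }
    }

    // Hand the submitted credentials to the login data handler.
    $loginhandler->set_data(array('username' => $mybb->input['username'], 'password' => $mybb->input['password']));

    // Only load the account once both the username and the password verify.
    if ($loginhandler->verify_username() !== false && $loginhandler->verify_password() !== false) {
        $mybb->user = get_user($loginhandler->login_data['uid']);
    }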
    if ($mybb->user['uid']) {
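        // Refuse the login while this account is locked out of the admin panel,
        // and record the attempt in the admin log.
        if (login_attempt_check_acp($mybb->user['uid']) == true) {
            log_admin_action(array('type' => 'admin_locked_out', 'uid' => (int) $mybb->user['uid'], 'username' => $mybb->user['username']));
            // NOTE(review): a session is still created below unless
            // show_lockedout() ends the request — confirm that it does.
            $default_page->show_lockedout();
        }

        // Invalidate every earlier admin session of this user before issuing a new one.
        // The uid is cast to int here as it is in the other queries of this file,
        // so the WHERE clause never carries anything but a number.
        $admin_uid = (int) $mybb->user['uid'];
        $db->delete_query("adminsessions", "uid='" . $admin_uid . "'");

        // NOTE(review): the session id is an MD5 of uniqid() seeded with the current
        // time, so its unpredictability rests on the clock and uniqid() rather than
        // on a CSPRNG. Prefer a CSPRNG-backed generator where the runtime provides one.
        $sid = md5(uniqid(microtime(true), true));

        // The User-Agent header is client-controlled and may be absent; default to
        // an empty string and cap the stored value at 100 characters.
        $useragent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
        if (my_strlen($useragent) > 100) {
            $useragent = my_substr($useragent, 0, 100);
        }

        // Create a new admin session for this user.
        // The client-derived fields (ip, useragent) are escaped here; presumably the
        // code that stores this array does not escape values itself — verify, and
        // note that loginkey is passed through as read from the user record.
        $admin_session = array(
            "sid" => $sid,
            "uid" => $admin_uid,
            "loginkey" => $mybb->user['loginkey'],
            "ip" => $db->escape_binary(my_inet_pton(get_ip())),
            "dateline" => TIME_NOW,
            "lastactive" => TIME_NOW,
            "data" => serialize(array()),
            "useragent" => $db->escape_string($useragent)
        );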