function ValidateLoginAttempt($_clear = false) { if (DB_CONNECTION) { if (!empty($this->LoginIPRange)) { $match = false; $ranges = explode(",", $this->LoginIPRange); foreach ($ranges as $range) { if (Communication::GetIP(true) == trim($range) || OperatorRequest::IPMatch(Communication::GetIP(true), trim($range))) { $match = true; } } if (!$match) { return false; } } if (!empty($_POST[POST_INTERN_AUTHENTICATION_PASSWORD])) { $result = DBManager::Execute(true, "SELECT `id`,`password` FROM `" . DB_PREFIX . DATABASE_OPERATOR_LOGINS . "` WHERE `ip`='" . DBManager::RealEscape(Communication::GetIP(true)) . "' AND `user_id`='" . DBManager::RealEscape($this->UserId) . "' AND `time` > '" . DBManager::RealEscape(time() - 86400) . "';"); if (DBManager::GetRowCount($result) >= MAX_LOGIN_ATTEMPTS) { if (!$_clear) { $this->DeleteLoginAttempts(); return $this->ValidateLoginAttempt(true); } return false; } } } return true; }