$login_exists = $session->login_exists(); $lockout_duration = intval($conf->get_conf("unlock_user_interval", FALSE)) * 60; $customize_wizard = intval($conf->get_conf("customize_wizard", FALSE)) ? true : false; if ($login_return != true) { $infolog = array(REQUEST('user')); $_SESSION['_user'] = ""; Log_action::log(94, $infolog); $failed = true; $bad_pass = true; $failed_retries = $conf->get_conf("failed_retries", FALSE); if ($login_exists && !$is_disabled && $lockout_duration > 0) { $_SESSION['bad_pass'][$user]++; if ($_SESSION['bad_pass'][$user] >= $failed_retries && $user != ACL_DEFAULT_OSSIM_ADMIN) { // auto-disable user $disabled = true; $session->login_disable(); } } } elseif (!$is_disabled) { $_SESSION['bad_pass'] = ""; $first_login = $conf->get_conf("first_login", FALSE); $pass_expire_max = $conf->get_conf("pass_expire", FALSE) > 0 && $conf->get_conf("pass_expire", FALSE) != "yes" && $conf->get_conf("pass_expire", FALSE) != "no" ? $conf->get_conf("pass_expire", FALSE) : 0; $pass_length_min = $conf->get_conf("pass_length_min", FALSE) ? $conf->get_conf("pass_length_min", FALSE) : 7; if ($first_login == "" || $first_login == 0 || $first_login == "no") { $accepted = "yes"; } $failed = false; if ($accepted == "yes") { $first_login = "******"; $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB); //get vector size on ECB mode