if (eZOperationHandler::operationIsAvailable('user_setsettings')) { $operationResult = eZOperationHandler::execute('user', 'setsettings', array('user_id' => $UserID, 'is_enabled' => $isEnabled, 'max_login' => $maxLogin)); } else { eZUserOperationCollection::setSettings($UserID, $isEnabled, $maxLogin); } $Module->redirectTo('/content/view/full/' . $userObject->attribute('main_node_id')); return; } if ($http->hasPostVariable("CancelSettingButton")) { $Module->redirectTo('/content/view/full/' . $userObject->attribute('main_node_id')); return; } if ($http->hasPostVariable("ResetFailedLoginButton")) { // Reset number of failed login attempts eZUser::setFailedLoginAttempts($UserID, 0, true); } $failedLoginAttempts = $user->failedLoginAttempts(); $maxFailedLoginAttempts = eZUser::maxNumberOfFailedLogin(); $Module->setTitle("Edit user settings"); // Template handling $tpl = eZTemplate::factory(); $tpl->setVariable("module", $Module); $tpl->setVariable("http", $http); $tpl->setVariable("userID", $UserID); $tpl->setVariable("user", $user); $tpl->setVariable("userSetting", $userSetting); $tpl->setVariable("failed_login_attempts", $failedLoginAttempts); $tpl->setVariable("max_failed_login_attempts", $maxFailedLoginAttempts); $Result = array(); $Result['content'] = $tpl->fetch("design:user/setting.tpl"); $Result['path'] = array(array('text' => ezpI18n::tr('kernel/user', 'User'), 'url' => false), array('text' => ezpI18n::tr('kernel/user', 'Setting'), 'url' => false));
/**
 * Stores the failed-login counter for a user in the ezuservisit table.
 *
 * When $value is exactly false the counter is advanced by one (a missing row
 * is created with the value 1); any other $value is cast to int and written
 * as the new counter, so passing 0 resets it.
 *
 * Unless $setByForce is set, nothing is written when eZUser::isTrusted()
 * reports true, when eZUser::maxNumberOfFailedLogin() compares loosely equal
 * to '0', or when the fetched user is not enabled. $setByForce skips all three
 * guards, so a caller passing it is expected to have authorised the request
 * itself; no permission check happens in this method.
 *
 * @param mixed     $userID     User identifier; cast to int before any use.
 * @param int|false $value      Explicit counter value, or false to increment.
 * @param bool      $setByForce Write even when one of the guards above applies.
 *
 * @return bool|null true when the method returns early without writing
 *                   (including when no user can be fetched for $userID);
 *                   no explicit value once the counter has been written.
 */
static function setFailedLoginAttempts($userID, $value = false, $setByForce = false)
{
    $honourGuards = !$setByForce;

    // isTrusted() is called without a user argument, so this guard is not
    // specific to $userID.
    $trusted = eZUser::isTrusted();
    if ($honourGuards && $trusted) {
        return true;
    }

    // Loose comparison kept on purpose: the configured limit is matched against '0'.
    $attemptLimit = eZUser::maxNumberOfFailedLogin();
    if ($honourGuards && $attemptLimit == '0') {
        return true;
    }

    // The integer cast is what makes $userID safe to interpolate into the SQL below.
    $userID = (int) $userID;
    $account = eZUser::fetch($userID);
    if (!$account) {
        // Unknown user: reported as success even when $setByForce is set.
        return true;
    }

    $accountEnabled = $account->isEnabled();
    if ($honourGuards && !$accountEnabled) {
        return true;
    }

    $db = eZDB::instance();
    $db->begin();

    $visitRows = $db->arrayQuery("SELECT 1 FROM ezuservisit WHERE user_id={$userID}");
    $hasVisitRow = isset($visitRows[0]);

    // Every branch yields an integer, so the value is safe to interpolate as well.
    // NOTE(review): the increment is a read (failedLoginAttempts()) followed by a
    // separate UPDATE. Whether concurrent failed logins can overwrite each other's
    // increment depends on how failedLoginAttempts() reads and on the transaction
    // isolation in use. Confirm, because an under-counted value weakens the lockout.
    if ($value !== false) {
        $failedLoginAttempts = (int) $value;
    } elseif ($hasVisitRow) {
        $failedLoginAttempts = $account->failedLoginAttempts() + 1;
    } else {
        $failedLoginAttempts = 1;
    }

    if ($hasVisitRow) {
        $db->query("UPDATE ezuservisit SET failed_login_attempts={$failedLoginAttempts} WHERE user_id={$userID}");
    } else {
        $db->query("INSERT INTO ezuservisit ( failed_login_attempts, user_id ) VALUES ( {$failedLoginAttempts}, {$userID} )");
    }

    $db->commit();

    // Cache calls run after the commit and receive the user ID.
    eZContentCacheManager::clearContentCacheIfNeeded($userID);
    eZContentCacheManager::generateObjectViewCache($userID);
}
// called from outside of a template (?) $requestedURI = $GLOBALS['eZRequestedURI']; if ($requestedURI instanceof eZURI) { $requestedModule = $requestedURI->element(0, false); $requestedView = $requestedURI->element(1, false); if ($requestedModule != 'user' or $requestedView != 'login') { $userRedirectURI = $requestedURI->originalURIString(false); } } } if ($http->hasPostVariable("RegisterButton")) { $Module->redirectToView('register'); } $userIsNotAllowedToLogin = false; $failedLoginAttempts = false; $maxNumOfFailedLogin = !eZUser::isTrusted() ? eZUser::maxNumberOfFailedLogin() : false; // Should we show message about failed login attempt and max number of failed login if ($loginWarning and isset($GLOBALS['eZFailedLoginAttemptUserID'])) { $showMessageIfExceeded = $ini->hasVariable('UserSettings', 'ShowMessageIfExceeded') ? $ini->variable('UserSettings', 'ShowMessageIfExceeded') == 'true' : false; $failedUserID = $GLOBALS['eZFailedLoginAttemptUserID']; $failedLoginAttempts = eZUser::failedLoginAttemptsByUserID($failedUserID); $canLogin = eZUser::isEnabledAfterFailedLogin($failedUserID); if ($showMessageIfExceeded and !$canLogin) { $userIsNotAllowedToLogin = true; } } $tpl = eZTemplate::factory(); $tpl->setVariable('login', $userLogin, 'User'); $tpl->setVariable('post_data', $postData, 'User'); $tpl->setVariable('password', $userPassword, 'User'); $tpl->setVariable('redirect_uri', $userRedirectURI, 'User');