protected function checkbrute($user_id)
{
$where_array = array('user_id' => $user_id, 'status_key' => 'acc_status');
$this->db->select('status_value, time');
$this->db->from('ing_user_status');
$this->db->where($where_array);
$query = $this->db->get();
$row = $query->row();
$status_value = $row->status_value;
$time = $row->time;
if ($status_value == 'locked') {
$diff = time_diff_min($time);
if ($diff > 5) {
// update the account status to 'active'
$update_data = array('status_value' => 'active', 'time' => db_time());
$where_data = array('user_id' => $user_id, 'status_key' => 'acc_status');
$this->db->where($where_data);
$this->db->update('ing_user_status', $update_data);
// delete the attempr table's user content
$this->db->where('user_id', $user_id);
$this->db->delete('ing_user_login_attempts');
return FALSE;
} else {
return TRUE;
}
}
// Get timestamp of current time
$now = curTime();
// All login attempts are counted from the past 2 hours
$valid_attempts = $now - 2 * 60 * 60;
$where_array = array('user_id' => $user_id, 'time >' => $valid_attempts);
$this->db->select('time');
$this->db->from('ing_user_login_attempts');
$this->db->where($where_array);
$query = $this->db->get();
//$query = $this->db->query('SELECT time FROM ing_admin_login_attempts WHERE user_id = '.$this->db->escape($user_id).' AND time > '.$valid_attempts);
if ($query->num_rows() > 5) {
// set the account status to 'locked'
$update_data = array('status_value' => 'locked', 'time' => db_time());
$where_data = array('user_id' => $user_id, 'status_key' => 'acc_status');
$this->db->where($where_data);
$this->db->update('ing_user_status', $update_data);
return TRUE;
} else {
return FALSE;
}
}
protected function checkPassword($sUserPass, $sPassWord, $sUserName)
{
if ($sUserName == $this->sUserName) {
if ($sUserPass == $sPassWord) {
// password is correct!
return 13804;
} else {
// password incorrect!
// record the incorrect login attempts
$user_ip_browser = $this->ENC->hash($sUserName . $this->UserIPAdd . $this->UserBrowser);
$time = curTime();
$bSQL = $this->DB->query("INSERT INTO `user_login_attempts` SET `user_ip_browser` = '{$user_ip_browser}', `time` = '{$time}'");
return $bSQL ? $this->checkBrute($user_ip_browser, TRUE) ? 13802 : 13805 : FALSE;
}
} else {
// unknown error
return FALSE;
}
}
protected function checkBrute($iUserId)
{
$sSQL = "\n\t\t\tSELECT `status_value`, `time`\n\t\t\tFROM `user_status`\n\t\t\tWHERE `user_id` = '{$iUserId}' AND `status_key` = '{acc_status}'\n\t\t\tLIMIT 1\n\t\t";
$aStatus = $this->DB->query($sSQL);
$aStatus = $this->DB->fetch_array($aStatus);
$sStatusValue = $aStatus['status_value'];
$tTime = $aStatus['time'];
if ($sStatusValue == 'locked') {
$tDiff = time_diff_min($tTime);
if ($tDiff > 5) {
// update the account status to 'active'
$sSQL = "\n\t\t\t\t\tUPDATE `user_status`\n\t\t\t\t\tSET `status_value` = 'active', `time` = {db_time()}\n\t\t\t\t\tWHERE `user_id` = '{$iUserId}' AND `status_key` = 'acc_status'\n\t\t\t\t\tLIMIT 1\n\t\t\t\t";
$this->DB->query($sSQL);
// delete the attempt table's user content
$sSQL = "\n\t\t\t\t\tDELETE FROM `user_login_attempts`\n\t\t\t\t\tWHERE `user_id` = {$iUserId}\n\t\t\t\t";
$this->DB->query($sSQL);
return FALSE;
} else {
return TRUE;
}
}
// Get timestamp of current time
$tNow = curTime();
// All login attempts are counted from the past 2 hours
$tValidAttempts = $tNow - 2 * 60 * 60;
$sSQL = "\n\t\t\t\n\t\t";
$where_array = array('user_id' => $user_id, 'time >' => $valid_attempts);
$this->db->select('time');
$this->db->from('ing_user_login_attempts');
$this->db->where($where_array);
$query = $this->db->get();
//$query = $this->db->query('SELECT time FROM ing_admin_login_attempts WHERE user_id = '.$this->db->escape($user_id).' AND time > '.$valid_attempts);
if ($query->num_rows() > 5) {
// set the account status to 'locked'
$update_data = array('status_value' => 'locked', 'time' => db_time());
$where_data = array('user_id' => $user_id, 'status_key' => 'acc_status');
$this->db->where($where_data);
$this->db->update('ing_user_status', $update_data);
return TRUE;
} else {
return FALSE;
}
}
function time_diff_min($firstTime, $secondTime = '')
{
if ($firstTime == '') {
return FALSE;
}
$firstTime = strtotime($firstTime);
$secondTime = $secondTime == '' ? curTime() : strtotime($secondTime);
$timeDiff = $firstTime > $secondTime ? $firstTime - $secondTime : $secondTime - $firstTime;
return floor($timeDiff / 60);
}
function getYear($date = FALSE)
{
if ($date === FALSE) {
return date('Y', curTime());
} else {
return date('Y', strtotime($date));
}
return FALSE;
}
function db_time($datetime = FALSE)
{
if ($datetime === FALSE) {
return date('Y-m-d h:i:s', curTime());
} else {
return date('Y-m-d h:i:s', strtotime($datetime));
}
return FALSE;
}
