function siteaccess_login_hook($hook, $type, $result, $params) { if (siteaccess_login_captcha_enabled()) { $username = get_input('username'); $password = get_input('password', null, false); if (empty($username) || empty($password)) { return true; // if not set bail } // check if logging in with email address if (strpos($username, '@') !== false && ($users = get_user_by_email($username))) { $username = $users[0]->username; } $user = get_user_by_username($username); if (!$user) { return true; // doesn't exit bail } if (!$_SESSION['login_failure']) { $_SESSION['login_failure'] = (int) $user->getPrivateSetting("login_failures"); } if ($_SESSION['login_failure'] >= siteaccess_login_threshold()) { if (!siteaccess_validate_captcha()) { return false; } } // require captcha if (elgg_authenticate($username, $password) !== true) { $_SESSION['login_failure']++; register_error(elgg_echo('login:baduser')); return false; } else { $_SESSION['login_failure'] = 0; } } return true; }
<div> <?php if (siteaccess_login_captcha_enabled() and $_SESSION['login_failure'] >= siteaccess_login_threshold()) { echo elgg_view('siteaccess/code', $vars); } ?> </div>