static function setFailedLoginAttempts($userID, $value = false, $setByForce = false)
{
$trustedUser = eZUser::isTrusted();
// If user is trusted we should stop processing
if ($trustedUser and !$setByForce) {
return true;
}
$maxNumberOfFailedLogin = eZUser::maxNumberOfFailedLogin();
if ($maxNumberOfFailedLogin == '0' and !$setByForce) {
return true;
}
$userID = (int) $userID;
$userObject = eZUser::fetch($userID);
if (!$userObject) {
return true;
}
$isEnabled = $userObject->isEnabled();
// If current user is disabled we should not continue
if (!$isEnabled and !$setByForce) {
return true;
}
$db = eZDB::instance();
$db->begin();
$userVisitArray = $db->arrayQuery("SELECT 1 FROM ezuservisit WHERE user_id={$userID}");
if (isset($userVisitArray[0])) {
if ($value === false) {
$failedLoginAttempts = $userObject->failedLoginAttempts();
$failedLoginAttempts += 1;
} else {
$failedLoginAttempts = (int) $value;
}
$db->query("UPDATE ezuservisit SET failed_login_attempts={$failedLoginAttempts} WHERE user_id={$userID}");
} else {
if ($value === false) {
$failedLoginAttempts = 1;
} else {
$failedLoginAttempts = (int) $value;
}
$db->query("INSERT INTO ezuservisit ( failed_login_attempts, user_id ) VALUES ( {$failedLoginAttempts}, {$userID} )");
}
$db->commit();
eZContentCacheManager::clearContentCacheIfNeeded($userID);
eZContentCacheManager::generateObjectViewCache($userID);
}
// called from outside of a template (?)
$requestedURI = $GLOBALS['eZRequestedURI'];
if ($requestedURI instanceof eZURI) {
$requestedModule = $requestedURI->element(0, false);
$requestedView = $requestedURI->element(1, false);
if ($requestedModule != 'user' or $requestedView != 'login') {
$userRedirectURI = $requestedURI->originalURIString(false);
}
}
}
if ($http->hasPostVariable("RegisterButton")) {
$Module->redirectToView('register');
}
$userIsNotAllowedToLogin = false;
$failedLoginAttempts = false;
$maxNumOfFailedLogin = !eZUser::isTrusted() ? eZUser::maxNumberOfFailedLogin() : false;
// Should we show message about failed login attempt and max number of failed login
if ($loginWarning and isset($GLOBALS['eZFailedLoginAttemptUserID'])) {
$showMessageIfExceeded = $ini->hasVariable('UserSettings', 'ShowMessageIfExceeded') ? $ini->variable('UserSettings', 'ShowMessageIfExceeded') == 'true' : false;
$failedUserID = $GLOBALS['eZFailedLoginAttemptUserID'];
$failedLoginAttempts = eZUser::failedLoginAttemptsByUserID($failedUserID);
$canLogin = eZUser::isEnabledAfterFailedLogin($failedUserID);
if ($showMessageIfExceeded and !$canLogin) {
$userIsNotAllowedToLogin = true;
}
}
$tpl = eZTemplate::factory();
$tpl->setVariable('login', $userLogin, 'User');
$tpl->setVariable('post_data', $postData, 'User');
$tpl->setVariable('password', $userPassword, 'User');
$tpl->setVariable('redirect_uri', $userRedirectURI, 'User');
