• IPv4 and IPv6 addresses
  • individual addresses (192.168.0.1)
  • masks for individual addresses (192.168.0.1/32)
  • masks for Class C networks (192.168.0.1/24)
This is disabled for AdX when it is contained within Operators: ADD, SET.
Inheritance: extends Criterion
Exemplo n.º 1
0
 /**
  * If there were no login attempt or it failed render login form page
  * otherwise redirect him to wherever he should return to.
  *
  * Also, this endpoint serves as the AJAX endpoint for client-side validation of login info.
  */
 public function run()
 {
     $ip_addr = Yii::app()->request->userHostAddress;
     $locks = IpBlock::model()->findAllByAttributes(array('ip_addr' => $ip_addr));
     if (count($locks) > 0) {
         if ($locks[0]->until_time >= time()) {
             $this->controller->render('locked');
         } else {
             foreach ($locks as $lock) {
                 if ($lock->id_user) {
                     $locked_user = User::model()->findByPk($lock->id_user);
                     if ($locked_user) {
                         $locked_user->saveAttributes(array('login_attempts' => 0));
                     }
                 }
                 $lock->delete();
             }
         }
     } else {
         $user = Yii::app()->user;
         $userdata = $user->data();
         $this->redirectAwayAlreadyAuthenticatedUsers($user);
         $model = new FrontendLoginForm();
         $request = Yii::app()->request;
         $this->respondIfAjaxRequest($request, $model);
         $formData = $request->getPost(get_class($model), false);
         $show_remaining = false;
         $remaining_attempts = FrontendLoginForm::LOCK_LOGIN_ATTEMPTS;
         if ($formData) {
             $model->attributes = $formData;
             if ($model->validate(array('username', 'password', 'verifyCode')) && $model->login()) {
                 //Yii::app()->user->setFlash('danger', '<strong>Error!</strong> Ingresa los datos de accesso correctamente.');
                 $this->controller->redirect($user->returnUrl);
             } else {
                 $login_attempts = $model->getUser()->login_attempts;
                 $remaining_attempts = FrontendLoginForm::LOCK_LOGIN_ATTEMPTS - $login_attempts;
                 $remaining_attempts = $remaining_attempts >= 0 ? $remaining_attempts : 0;
                 if ($remaining_attempts <= 3) {
                     $show_remaining = true;
                 }
             }
         }
         $this->controller->render('index', compact('model', 'show_remaining', 'remaining_attempts'));
     }
 }
Exemplo n.º 2
0
 /**
  * Inline validator for password field.
  *
  * @param string
  * @param array
  */
 public function authenticate($attribute, $params)
 {
     if ($this->hasErrors()) {
         return;
     }
     $this->_identity = new UserIdentity($this->username, $this->password);
     if ($this->_identity->authenticate()) {
         $this->user->saveAttributes(array('login_attempts' => 0));
         $locks = IpBlock::model()->findAllByAttributes(array('ip_addr' => Yii::app()->request->userHostAddress));
         foreach ($locks as $lock) {
             $lock->delete();
         }
         return;
     }
     if ($this->user !== null and $this->user->login_attempts < 100) {
         $this->user->saveAttributes(array('login_attempts' => $this->user->login_attempts + 1));
         if ($this->user->login_attempts >= self::LOCK_LOGIN_ATTEMPTS) {
             $ipblock = new IpBlock();
             $ipblock->ip_addr = Yii::app()->request->userHostAddress;
             $ipblock->id_user = $this->user->id;
             $ipblock->until_time = time() + 3600;
             // 3600 => 1 hr
             $ipblock->save();
         }
     }
     $this->addError('username', Yii::t('errors', 'Incorrect username and/or password.'));
     $this->addError('password', Yii::t('errors', 'Incorrect username and/or password.'));
 }