function CheckOfficePassword() { $redirect_to = 'step7' . (Input::get('np') ? '?np=' . Input::get('np') : ''); ## check if the office login timeout has expired if (Session::get('office_login_timeout') > 0 && time() > Session::get('office_login_timeout')) { Session::put('office_login_attempts', 0); } ## when does the bruteforce check expire ? $login_attempts = Session::get('office_login_attempts') ? Session::get('office_login_attempts') : 0; ## check if they exceeded 3 max logins. if ($login_attempts > 3) { Session::put('office_login_timeout', time() + 60); $messages = new Illuminate\Support\MessageBag(); $timeleft = Session::get('office_login_timeout') - time(); $messages->add('Error', '<b>Login Error:</b> To many login attempts, please wait <b>' . $timeleft . '</b> seconds before you try again.'); return Redirect::to($redirect_to)->withErrors($messages); } ## increase the number of times attempted to login $login_attempts++; Session::put('office_login_attempts', $login_attempts); ### now verify if the password is bad or good.. if (!verify_office_password(Input::get('p'))) { $messages = new Illuminate\Support\MessageBag(); $messages->add('Error', '<b>Office Password Not Authorized:</b> Please enter office password to access this restricted area.. [' . Session::get('office_login_attempts') . '/3]'); return Redirect::to($redirect_to)->withErrors($messages); } else { // password verified, phew. $this->Grant_Office_Use_Access(Input::get('p')); Session::forget('office_login_attempts'); Session::forget('office_login_timeout'); $messages = new Illuminate\Support\MessageBag(); $messages->add('Success', '<b>Access Granted:</b> You now have access to office use only features.'); $this->errors = $messages; $this->layout->errors = $this->errors; return Redirect::to('step7'); // $this->Step7(); } }
public function System_Verify_OfficePassword($password) { $redirect_to = 'office/login'; ## check if the office login timeout has expired if (Session::get('office_login_timeout') > 0 && time() > Session::get('office_login_timeout')) { Session::put('office_login_attempts', 0); } ## when does the bruteforce check expire ? $login_attempts = Session::get('office_login_attempts') ? Session::get('office_login_attempts') : 0; ## check if they exceeded 3 max logins. if ($login_attempts > 3) { Session::put('office_login_timeout', time() + 60); $messages = new Illuminate\Support\MessageBag(); $timeleft = Session::get('office_login_timeout') - time(); $messages->add('Error', '<b>Login Error:</b> To many login attempts, please wait <b>' . $timeleft . '</b> seconds before you try again.'); return Redirect::to($redirect_to)->withErrors($messages); } ## increase the number of times attempted to login $login_attempts++; Session::put('office_login_attempts', $login_attempts); ### now verify if the password is bad or good.. if (!verify_office_password($password)) { $messages = new Illuminate\Support\MessageBag(); $messages->add('Error', '<b>Office Password Not Authorized:</b> Please enter office password to access this restricted area.. [' . Session::get('office_login_attempts') . '/3]'); return Redirect::to($redirect_to)->withErrors($messages); } else { // password verified, phew. $this->System_User_Has_Logged_In($password); Session::forget('office_login_attempts'); Session::forget('office_login_timeout'); return $this->RedirectWithSuccess('/office/', 'You are now logged in. You can create a new client below or search for client using the button above.'); // $this->Step7(); } }