die(ossim_error()); } $failed = true; $first_login = "******"; if (REQUEST('user') && trim($pass) != "") { require_once "classes/Config.inc"; $session = new Session($user, $pass, ""); $conf = new Config(); if ($accepted == "yes") { $conf->update("first_login", "no"); } $is_disabled = $session->is_disabled(); $login_return = $session->login(); $first_userlogin = $session->first_login(); $last_pass_change = $session->last_pass_change(); $login_exists = $session->login_exists(); $lockout_duration = intval($conf->get_conf("unlock_user_interval", FALSE)) * 60; $customize_wizard = intval($conf->get_conf("customize_wizard", FALSE)) ? true : false; if ($login_return != true) { $infolog = array(REQUEST('user')); $_SESSION['_user'] = ""; Log_action::log(94, $infolog); $failed = true; $bad_pass = true; $failed_retries = $conf->get_conf("failed_retries", FALSE); if ($login_exists && !$is_disabled && $lockout_duration > 0) { $_SESSION['bad_pass'][$user]++; if ($_SESSION['bad_pass'][$user] >= $failed_retries && $user != ACL_DEFAULT_OSSIM_ADMIN) { // auto-disable user $disabled = true; $session->login_disable();