51ff3226 |
1 | <?php |
2 | function login_lockout_test() { |
3 | // lockout test |
4 | // with honeypot. check this:: http://kyberia.sk/id/2192591 |
5 | global $db,$error,$node_id; |
6 | $login=addslashes($_POST['login']); |
7 | $password=$_POST['password']; |
8 | $hash=md5($password); |
9 | $login_type=$_POST['login_type']; |
10 | |
11 | if (!session_id()) { |
12 | $error='asi nemas zapnute cookies alebo co'; |
13 | return false; |
14 | } |
15 | |
16 | switch ($login_type) { |
17 | case "name": |
18 | $q="select * from users where login='$login'"; |
19 | $set=$db->query($q); |
20 | $set->next(); |
e909f81b |
21 | require(INCLUDE_DIR.'ldap.inc'); |
51ff3226 |
22 | $user_id=$set->getString('user_id'); |
23 | $user_name=$set->getString('login'); |
24 | break; |
25 | case "id": |
26 | $q="select * from users where user_id='$login'"; |
27 | $set=$db->query($q); |
28 | $set->next(); |
e909f81b |
29 | require(INCLUDE_DIR.'ldap.inc'); |
51ff3226 |
30 | $user_id=$set->getString('user_id'); |
31 | $user_name=$set->getString('login'); |
32 | break; |
33 | } |
34 | |
35 | $ldap_response=LDAPuser::auth($user_id,$password); |
36 | if ($set->getString('password')!=$hash and !$ldap_response) { |
37 | $error="Zadal si nespravne uzivatelske meno [alebo id] alebo heslo. Rob so sebou nieco"; |
e23557a6 |
38 | $log->log('login',$node_id,'failed',$_SERVER['REMOTE_ADDR'],$login); |
51ff3226 |
39 | return false; |
40 | } |
41 | |
42 | elseif ($set->getString('user_status')=='waiting') { |
43 | $error='Tvoja registracia este nebola schvalena.'; |
44 | return false; |
45 | } |
46 | |
47 | |
48 | |
49 | else { |
50 | $now=date("Y-m-d H:i:s"); |
51 | echo $now;echo "<br>"; |
52 | $lockout=$set->getString('acc_lockout'); |
53 | echo $lockout; |
54 | if ($lockout >= $now ){echo 'xxxxxx';return false;} |
55 | |
56 | |
57 | echo 'zzzzzzzzzzzzzzz'; |
58 | |
59 | |
60 | $cube_vector=$set->getString('cube_vector'); |
61 | |
62 | // saves friends list as an array into user session |
63 | $q="select distinct node_parent,node_name from nodes where node_creator='$user_id' and |
64 | external_link='session://friend' order by node_parent"; |
65 | $friendset=$db->query($q); |
66 | |
67 | while ($friendset->next()){ |
68 | $_SESSION['friends'][$friendset->getString('node_parent')]=true; |
69 | } |
70 | |
71 | $q="select nodes.node_name,nodes.node_id from node_access left join nodes on node_access.node_id=nodes.node_id |
72 | where node_access.user_id='$user_id' and node_bookmark='yes' order by node_name"; |
73 | $bookmarkset=$db->query($q); |
74 | |
75 | while ($bookmarkset->next()){ |
76 | |
77 | $_SESSION['bookmarks'][$bookmarkset->getString('node_id')]=$bookmarkset->getString('node_name'); |
78 | } |
79 | |
80 | //saves ignored users as an array into user session |
81 | $q="select node_parent,node_name from nodes where node_creator='$user_id' and |
82 | external_link='session://ignore'"; |
83 | $ignoreset=$db->query($q); |
84 | |
85 | while ($ignoreset->next()){ |
86 | $_SESSION['ignore'][$ignoreset->getString('node_parent')]=true; |
87 | } |
88 | |
89 | LDAPuser::replicate($user_name,$user_id,$password); |
90 | |
91 | $_SESSION['user_id']=$user_id; |
92 | $_SESSION['user_name']=addslashes($user_name); |
93 | if (!empty($cube_vector)) $_SESSION['cube_vector']=$cube_vector; |
94 | if (empty($_SESSION['template_set'])) |
95 | $_SESSION['template_set']=$set->getString('template_set'); |
96 | if (is_numeric($_POST['screen_width'])) |
97 | $_SESSION['browser']['screen_width']=$_POST['screen_width']; |
98 | if (is_numeric($_POST['screen_height'])) |
99 | $_SESSION['browser']['screen_height']=$_POST['screen_height']; |
100 | $_SESSION['listing_amount']=$set->getString('listing_amount'); |
101 | |
102 | $_SESSION['listing_order']=$set->getString('listing_order'); |
103 | $_SESSION['header_id']=$set->getString('header_id'); |
e23557a6 |
104 | $log->log('login',$node_id,'ok',$user_name); |
51ff3226 |
105 | if ($user_id==1583521){ |
106 | $ip=$_SERVER['REMOTE_ADDR']; |
107 | $forwarded=$_SERVER['HTTP_X_FORWARDED_FOR']; |
108 | $ubik['mail_to']="789"; |
109 | $ubik['mail_text']="kostra logged from ip: $ip HTTP_X_FORWARDED_FOR is: $forwarded"; |
110 | ubik::ubikMail($ubik); |
111 | } |
112 | |
113 | } |
114 | return false; |
115 | } |
e909f81b |
116 | ?> |