tyler.durden/pandorafms
1
0
Fork 0
mirror of https://github.com/pandorafms/pandorafms.git synced 2025-04-08 18:55:09 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'ent-10294-enumeracion-usuarios-en-errores-login-pandora-fms' into 'develop'

Browse Source 
Ent 10294 enumeracion usuarios en errores login pandora fms

See merge request artica/pandorafms!5519
This commit is contained in:
Rafael Ameijeiras 2023-03-06 10:43:26 +00:00
commit 3a97227336
3 changed files with 40 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
pandora_console/general/login_page.php
View File

@ -485,9 +485,36 @@ if (isset($correct_reset_pass_process)) {
}
if (isset($login_failed)) {
$nick = get_parameter_post('nick');
$fails = db_get_value('failed_attempt', 'tusuario', 'id_user', $nick);
$nick = io_safe_input(get_parameter_post('nick'));
$user_in_db = db_get_row_filter(
'tusuario',
['id_user' => $nick],
'*'
);
$fails = $user_in_db['failed_attempt'];
// If user not exist, and attempts its enable, lets make array and fails attemps.
if ($fails == false && $config['enable_pass_policy'] && $user_in_db === false) {
$nick_array_error = json_decode(base64_decode($config['nicks_error']), true);
$nick = strtolower($nick);
if (isset($nick_array_error[$nick]) !== false) {
$nick_array_error[$nick] += 1;
} else {
$nick_array_error[$nick] = 1;
}
$fails = $nick_array_error[$nick];
// Save or update the array.
if ($config['nicks_error']) {
config_update_value('nicks_error', base64_encode(json_encode($nick_array_error)));
} else {
config_create_value('nicks_error', base64_encode(json_encode($nick_array_error)));
}
} else {
$fails = ++$fails;
}
$attemps = ($config['number_attempts'] - $fails);
$attemps = ($attemps < 0) ? 0 : $attemps;
echo '<div id="login_failed" title="'.__('Login failed').'">';
echo '<div class="content_alert">';
echo '<div class="icon_message_alert">';
@ -500,7 +527,12 @@ if (isset($login_failed)) {
echo '</div>';
if ($config['enable_pass_policy']) {
echo '<div class="text_message_alert">';
echo '<p><strong>Remaining attempts: '.$attemps.'</strong></p>';
if ($attemps !== 0 && $user_in_db['login_blocked'] == 0) {
echo '<p><strong>'.__('Remaining attempts: ').$attemps.'</strong></p>';
} else {
echo '<p><strong>'.__('User is blocked').'</strong></p>';
}
echo '</div>';
}
@ -791,8 +823,8 @@ html_print_div(['id' => 'forced_title_layer', 'class' => 'forced_title_layer', '
resizable: true,
draggable: true,
modal: true,
height: 220,
width: 528,
height: 230,
width: 530,
overlay: {
opacity: 0.5,
background: "black"
@ -805,7 +837,6 @@ html_print_div(['id' => 'forced_title_layer', 'class' => 'forced_title_layer', '
$("#login_correct_pass").dialog('close');
});
});
$('#nick').focus();
break;
}

2
pandora_console/mobile/include/ui.class.php
View File

@ -744,7 +744,7 @@ class Ui
$dialogHtml .= "<div id='".$content_id."' class='".$content_class."' data-role='content'>\n";
$dialogHtml .= $content_text;
if ($button_close) {
$dialogHtml .= "<a data-role='button' href='#main_page' id='".$dialog_id."-button_close'>";
$dialogHtml .= "<a data-role='button' href='javascript:history.back()' id='".$dialog_id."-button_close'>";
if (empty($button_text)) {
$dialogHtml .= __('Close');
} else {

7
pandora_console/mobile/include/user.class.php
View File

@ -349,11 +349,7 @@ class User
if ($this->errorLogin) {
$options['type'] = 'onStart';
$options['title_text'] = __('Login Failed');
if ($this->errorLogin !== false) {
$options['content_text'] = $this->errorLogin;
} else {
$options['content_text'] = __('User not found in database or incorrect password.');
}
$options['content_text'] = __('User not found in database or incorrect password.');
$ui->addDialog($options);
}
@ -401,6 +397,7 @@ class User
'value' => '',
'placeholder' => __('password'),
'label' => __('Password'),
'required' => 'required',
];
$ui->formAddInputPassword($options);
$options = [