#10294 login user bloqued and attempts

2023-02-08 11:59:20 +01:00 · 2023-02-08 11:59:20 +01:00 · d190c36a9e
parent 1d7230e9ca
commit d190c36a9e
3 changed files with 19 additions and 11 deletions
--- a/pandora_console/general/login_page.php
+++ b/pandora_console/general/login_page.php
@ -482,12 +482,16 @@ if (isset($correct_reset_pass_process)) {

 if (isset($login_failed)) {
    $nick = io_safe_input(get_parameter_post('nick'));
-    $fails = db_get_value('failed_attempt', 'tusuario', 'id_user', $nick);
-
+    $user_in_db = db_get_row_filter(
+        'tusuario',
+        ['id_user' => $nick],
+        '*'
+    );
+    $fails = $user_in_db['failed_attempt'];
    // If user not exist, and attempts its enable, lets make array and fails attemps.
-    if ($fails == false && $config['enable_pass_policy']) {
+    if ($fails == false && $config['enable_pass_policy'] && $user_in_db === false) {
        $nick_array_error = json_decode(base64_decode($config['nicks_error']), true);
-
+        $nick = strtolower($nick);
        if (isset($nick_array_error[$nick]) !== false) {
            $nick_array_error[$nick] += 1;
        } else {
@ -495,11 +499,14 @@ if (isset($login_failed)) {
        }

        $fails = $nick_array_error[$nick];
+        // Save or update the array.
        if ($config['nicks_error']) {
            config_update_value('nicks_error', base64_encode(json_encode($nick_array_error)));
        } else {
            config_create_value('nicks_error', base64_encode(json_encode($nick_array_error)));
        }
+    } else {
+        $fails = ++$fails;
    }

    $attemps = ($config['number_attempts'] - $fails);
@ -516,7 +523,12 @@ if (isset($login_failed)) {
                echo '</div>';
    if ($config['enable_pass_policy']) {
        echo '<div class="text_message_alert">';
-            echo '<p><strong>Remaining attempts: '.$attemps.'</strong></p>';
+        if ($attemps !== 0 && $user_in_db['login_blocked'] == 0) {
+            echo '<p><strong>'.__('Remaining attempts: ').$attemps.'</strong></p>';
+        } else {
+            echo '<p><strong>'.__('User is blocked').'</strong></p>';
+        }
+
        echo '</div>';
    }

--- a/pandora_console/mobile/include/ui.class.php
+++ b/pandora_console/mobile/include/ui.class.php
@ -744,7 +744,7 @@ class Ui
        $dialogHtml .= "<div id='".$content_id."' class='".$content_class."' data-role='content'>\n";
        $dialogHtml .= $content_text;
        if ($button_close) {
-            $dialogHtml .= "<a data-role='button' href='#main_page' id='".$dialog_id."-button_close'>";
+            $dialogHtml .= "<a data-role='button' href='javascript:history.back()' id='".$dialog_id."-button_close'>";
            if (empty($button_text)) {
                $dialogHtml .= __('Close');
            } else {
--- a/pandora_console/mobile/include/user.class.php
+++ b/pandora_console/mobile/include/user.class.php
@ -349,11 +349,7 @@ class User
        if ($this->errorLogin) {
            $options['type'] = 'onStart';
            $options['title_text'] = __('Login Failed');
-            if ($this->errorLogin !== false) {
-                $options['content_text'] = $this->errorLogin;
-            } else {
-                $options['content_text'] = __('User not found in database or incorrect password.');
-            }
+            $options['content_text'] = __('User not found in database or incorrect password.');

            $ui->addDialog($options);
        }