WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE. See the GNU General Public License for more details.
+<<<<<<< HEAD
+* @version $Id: NP_SecurityEnforcer.php 1721 2012-03-31 10:18:25Z sakamocchi $
+=======
* @version $Id: NP_SecurityEnforcer.php 1874 2012-06-17 07:27:38Z sakamocchi $
+>>>>>>> skinnable-master
*/
class NP_SecurityEnforcer extends NucleusPlugin
{
$this->createOption('login_lockout', '_SECURITYENFORCER_OPT_LOGIN_LOCKOUT', 'text', '15');
// create needed tables
+<<<<<<< HEAD
+ DB::execute("CREATE TABLE IF NOT EXISTS ". sql_table('plug_securityenforcer').
+=======
DB::execute('CREATE TABLE IF NOT EXISTS '. sql_table('plug_securityenforcer').
+>>>>>>> skinnable-master
" (login varchar(255),
fails int(11) NOT NULL default '0',
lastfail bigint NOT NULL default '0',
global $_SERVER;
$login = $data['login'];
$ip = $_SERVER['REMOTE_ADDR'];
+<<<<<<< HEAD
+ DB::execute("DELETE FROM " . sql_table('plug_securityenforcer') . " WHERE lastfail < " . (time() - ($this->login_lockout * 60)));
+ $query = "SELECT fails as result FROM " . sql_table('plug_securityenforcer') . " ";
+ $query .= 'WHERE login=' . DB::quoteValue($login);
+ $flogin = DB::getValue($query);
+ $query = "SELECT fails as result FROM " . sql_table('plug_securityenforcer') . " ";
+ $query .= 'WHERE login=' . DB::quoteValue($ip);
+=======
$query = "DELETE FROM %s WHERE lastfail < %d;";
$query = sprintf($query, sql_table('plug_securityenforcer'), (integer) (time() - ($this->login_lockout * 60)));
$query = "SELECT fails as result FROM %s WHERE login=%s;";
$query = sprintf($query, sql_table('plug_securityenforcer'), DB::quoteValue($ip));
+>>>>>>> skinnable-master
$fip = DB::getValue($query);
if ( $flogin >= $this->max_failed_login || $fip >= $this->max_failed_login )
global $_SERVER;
$login = $data['username'];
$ip = $_SERVER['REMOTE_ADDR'];
+<<<<<<< HEAD
+ DB::execute("DELETE FROM " . sql_table('plug_securityenforcer') . " WHERE login=" . DB::quoteValue($login));
+ DB::execute("DELETE FROM " . sql_table('plug_securityenforcer') . " WHERE login=" . DB::quoteValue($ip));
+=======
DB::execute('DELETE FROM ' . sql_table('plug_securityenforcer') . ' WHERE login=' . DB::quoteValue($login));
DB::execute('DELETE FROM ' . sql_table('plug_securityenforcer') . ' WHERE login=' . DB::quoteValue($ip));
+>>>>>>> skinnable-master
return;
}
global $_SERVER;
$login = $data['username'];
$ip = $_SERVER['REMOTE_ADDR'];
+<<<<<<< HEAD
+ $lres = DB::getValue("SELECT * FROM " . sql_table('plug_securityenforcer') . ' WHERE login=' . DB::quoteValue($login));
+ if ( $lres )
+ {
+ DB::execute("UPDATE " . sql_table('plug_securityenforcer') . " SET fails=fails+1, lastfail=" . time() . ' WHERE login=' . DB::quoteValue($login));
+ }
+ else
+ {
+ DB::execute("INSERT INTO " . sql_table('plug_securityenforcer') . ' (login,fails,lastfail) VALUES (' . DB::quoteValue($login) . ',1,' . time() . ')');
+ }
+ $lres = DB::getValue("SELECT * FROM " . sql_table('plug_securityenforcer') . " WHERE login='" . DB::quoteValue($ip) . "'");
+ if ( $lres )
+ {
+ DB::execute("UPDATE " . sql_table('plug_securityenforcer') . ' SET fails=fails+1, lastfail=' . time() . ' WHERE login=' . DB::quoteValue($ip));
+ }
+ else
+ {
+ DB::execute("INSERT INTO " . sql_table('plug_securityenforcer') . ' (login,fails,lastfail) VALUES (' . DB::quoteValue($ip) . ',1,' . time() . ')');
+=======
$lres = DB::getResult('SELECT * FROM ' . sql_table('plug_securityenforcer') . ' WHERE login=' . DB::quoteValue($login));
if ( $lres->rowCount() > 0 )
{
else
{
DB::execute('INSERT INTO ' . sql_table('plug_securityenforcer') . ' (login,fails,lastfail) VALUES (' . DB::quoteValue($ip) . ',1,' . time() . ')');
+>>>>>>> skinnable-master
}
return;
}
$complexity = 4;
}
+<<<<<<< HEAD
+ $ucchars = "[A-Z]";
+ $lcchars = "[a-z]";
+ $numchars = "[0-9]";
+ $ochars = "[-~!@#$%^&*()_+=,.<>?:;|]";
+=======
$ucchars = '[A-Z]';
$lcchars = '[a-z]';
$numchars = '[0-9]';
$ochars = '[#-~!@\\$%^&*()_+=,.<>?:;|]';
+>>>>>>> skinnable-master
$chartypes = array($ucchars, $lcchars, $numchars, $ochars);
$tot = array(0,0,0,0);
$i = 0;