diff options
| author | moehm | 2014-03-28 22:39:47 +0100 |
|---|---|---|
| committer | moehm | 2014-03-28 22:39:47 +0100 |
| commit | 6419201108e177b9547fda1fe9141989cf9db806 (patch) | |
| tree | 40e86d5b787b4b9e10f65c40d8dc91794d0b2bfb /www/index.php | |
| parent | ed5dabd4df988f63d300fa4ed6cc388990b0fdfb (diff) | |
| download | files.iamfabulous.de-6419201108e177b9547fda1fe9141989cf9db806.tar.gz | |
Butforce protection, now banns malicious user.
Diffstat (limited to 'www/index.php')
| -rwxr-xr-x | www/index.php | 18 |
1 files changed, 15 insertions, 3 deletions
diff --git a/www/index.php b/www/index.php index d7adf38..be63506 100755 --- a/www/index.php +++ b/www/index.php @@ -14,8 +14,16 @@ if(!isset($_SESSION["banned"])){ } if($_SESSION["banned"]){ - echo "You are banned."; - exit; + if(check_if_banned($db)){ + $_SESSION["banned"] = false; + } else { + echo "You are banned. ;_;"; + exit; + } +} + +if(!isset($_SESSION["login_attempts"])){ + $_SESSION["login_attempts"] = 6; } if(empty($_GET)){ @@ -40,8 +48,12 @@ if(empty($_GET)){ if($_SERVER['REQUEST_METHOD'] == 'POST'){ $var = login($db); if($var == LOGIN_SUCCESSFULL){ + $_SESSION["login_attempts"] = 6; header("Refresh: 0; ".$scheme.$_SERVER["HTTP_HOST"]."/".$_SESSION["username"]); - //account($db); + } elseif ($var == LOGIN_PASSWORD){ + brutforce_protection($db); + print_login($var); + } else { print_login($var); } |