aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rwxr-xr-xwww/functions/func_login.php11
1 files changed, 8 insertions, 3 deletions
diff --git a/www/functions/func_login.php b/www/functions/func_login.php
index 166c835..63c7e61 100755
--- a/www/functions/func_login.php
+++ b/www/functions/func_login.php
@@ -93,16 +93,21 @@ function brutforce_protection($db){
} else {
if($db->exec("
BEGIN TRANSACTION;
- INSERT INTO banned_user (id, login_attemps, ip, session_id) VALUES (NULL, ".$_SESSION["login_attempts"].", ".$db->escapeString($remote_ip).", '".SQLite3::escapeString($session_id)."');
+ INSERT INTO banned_user (id, login_attemps, ip, session_id, time) VALUES (NULL, ".$_SESSION["login_attempts"].", ".$db->escapeString($remote_ip).", '".SQLite3::escapeString($session_id)."', '".$time."');
COMMIT;
- "))
+ ")){
+ return true;
+ } else {
+ return false;
+ }
}
}
function check_if_banned($db){
+
$remote_ip = $_SERVER["REMOTE_ADDR"];
$session_id = session_id();
- $check_db = $db->query("SELECT time, login_attempts, id FROM banned_user WHERE ip='".SQLite3::escapeString($remote_ip)."' OR session_id='".SQLite3::escapeString($session_id)."';");
+ $check_db = $db->query("SELECT time, login_attempts, id FROM banned_user WHERE ip='".SQLite3::escapeString($remote_ip)."' OR session_id='".SQLite3::escapeString($session_id)."' ORDER BY id DESC;");
$check_ar = $check_db->fetchArray(SQLITE3_NUM);
$log_at = $check_ar[1];