Diffstat (limited to 'www/functions/func_login.php')
-rwxr-xr-xwww/functions/func_login.php19
1 files changed, 12 insertions, 7 deletions
diff --git a/www/functions/func_login.php b/www/functions/func_login.php
index ccd99db..d909180 100755
--- a/www/functions/func_login.php
+++ b/www/functions/func_login.php
@@ -10,8 +10,9 @@ function login($db){
$real_password = "";
if($username == "Guest"){
- $real_password_db = $db->query("SELECT email FROM jg");
- while($row = $real_passsword_db->fetchArray(SQLITE3_NUM)){
+
+ $real_password_db = $db->query("SELECT email FROM jg;");
+ while($row = $real_password_db->fetchArray(SQLITE3_NUM)){
if($row[0] == $password){
$log_in = true;
break;
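Review bot: The guest credential check `if($row[0] == $password)` uses PHP's loose `==`, which applies numeric-string juggling and is not constant-time; for a comparison that decides `$log_in` it should be a strict, timing-safe compare such as `if(is_string($password) && hash_equals((string)$row[0], $password)){`. Where `$password` is read from is outside this hunk, so the `is_string` guard is a precaution against a non-string request value. The new `$db->query(...)` result is also used unchecked, and `SQLite3::query` returns `false` on failure, so a guard like `if($real_password_db !== false)` before the `while` would avoid a fatal error on the login path. `login()` starts and ends outside the hunk.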
@@ -83,14 +84,13 @@ function brutforce_protection($db){
$time = $_SERVER["REQUEST_TIME"];
if($_SESSION["login_attempts"] <= 0){
- if($db->exec("
+ $db->exec("
BEGIN TRANSACTION;
INSERT INTO banned_user (id, login_attempts, ip, session_id, time) VALUES (NULL, ".$_SESSION["login_attempts"].", '".SQLite3::escapeString($remote_ip)."', '".SQLite3::escapeString($session_id)."', ".$time.");
COMMIT;
- ")){
- echo "You are banned. ;_;";
- }
- exit;
+ ");
+ banned();
+
} else {
if($db->exec("
BEGIN TRANSACTION;
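Review bot: The return value of the ban `$db->exec(...)` is now discarded, so if the INSERT into `banned_user` fails the client is still sent to `banned()` but no ban row exists and nothing is logged. Since this branch is the enforcement step of the brute-force protection, the failure should at least be recorded with `$db->lastErrorMsg()`. The statement is also still assembled by concatenation, with `$_SESSION["login_attempts"]` and `$time` inserted unquoted. A prepared statement with bound, typed parameters removes the reliance on those values always being integers, and the explicit BEGIN/COMMIT around a single INSERT is not needed. `brutforce_protection()` continues outside the hunk, and the `else` branch visible at the end uses the same pattern.

```php
if($_SESSION["login_attempts"] <= 0){
    $stmt = $db->prepare("INSERT INTO banned_user (id, login_attempts, ip, session_id, time) VALUES (NULL, :attempts, :ip, :sid, :time)");
    $stored = false;
    if($stmt !== false){
        $stmt->bindValue(":attempts", (int)$_SESSION["login_attempts"], SQLITE3_INTEGER);
        $stmt->bindValue(":ip", $remote_ip, SQLITE3_TEXT);
        $stmt->bindValue(":sid", $session_id, SQLITE3_TEXT);
        $stmt->bindValue(":time", (int)$time, SQLITE3_INTEGER);
        $stored = $stmt->execute() !== false;
    }
    if(!$stored){
        // A ban that was not persisted will not be seen by later requests.
        error_log("banned_user insert failed: ".$db->lastErrorMsg());
    }
    banned();
// … unchanged: else branch …
```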
@@ -127,3 +127,8 @@ function check_if_banned($db){
return false; // not longer banned
}
+
+function banned(){
+ header("Refresh: 0; ".$GLOBALS["scheme"].$_SERVER["HTTP_HOST"]."/banned");
+ exit;
+}
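Review bot: `banned()` builds the redirect target from `$_SERVER["HTTP_HOST"]`, which is copied from the request's Host header and is therefore client-controlled. A crafted Host value ends up in the `Refresh` response header and can point the redirect at another origin. The target should not depend on request data: either use a host name from configuration or send a relative redirect, e.g. `header("Location: /banned", true, 302);` followed by `exit;`. A short comment above the function noting that it terminates the request (`// Redirects to /banned and ends the request; never returns.`) would also help callers such as `brutforce_protection()`.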