bashclub/piler
1
0
Fork 0
mirror of https://bitbucket.org/jsuto/piler.git synced 2024-12-26 05:20:11 +01:00
Code Issues Packages Projects Releases Wiki Activity

4eyes fix

Browse Source
This commit is contained in:
SJ 2015-02-20 13:53:32 +01:00
parent 4356a91b59
commit 0a15910379
1 changed files with 19 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
webui/controller/login/foureyes.php
View File

@ -43,6 +43,20 @@ class ControllerLoginFoureyes extends Controller {
if($this->request->server['REQUEST_METHOD'] == 'POST' && $this->validate() == true) { if($this->request->server['REQUEST_METHOD'] == 'POST' && $this->validate() == true) {
if($this->model_user_auth->checkLogin($this->request->post['username'], $_POST['password']) == 1) { if($this->model_user_auth->checkLogin($this->request->post['username'], $_POST['password']) == 1) {
// check if the 2nd login is indeed an admin
$data2 = $session->get("auth_data");
if(!isset($data2['admin_user']) || $data2['admin_user'] != 1) {
syslog(LOG_INFO, "user " . $data2['username'] . " is not an admin user");
$this->model_user_auth->increment_failed_login_count($this->data['failed_login_count']);
$this->data['failed_login_count']++;
$session->set("auth_data", $data);
}
else {
$session->remove("four_eyes"); $session->remove("four_eyes");
$this->model_user_auth->apply_user_auth_session($data); $this->model_user_auth->apply_user_auth_session($data);
@ -64,6 +78,8 @@ class ControllerLoginFoureyes extends Controller {
header("Location: " . SITE_URL . "search.php"); header("Location: " . SITE_URL . "search.php");
exit; exit;
} }
}
else { else {
$this->model_user_auth->increment_failed_login_count($this->data['failed_login_count']); $this->model_user_auth->increment_failed_login_count($this->data['failed_login_count']);
$this->data['failed_login_count']++; $this->data['failed_login_count']++;