mirror of
https://bitbucket.org/jsuto/piler.git
synced 2024-12-25 17:50:13 +01:00
4eyes fix
This commit is contained in:
parent
4356a91b59
commit
0a15910379
@ -43,6 +43,20 @@ class ControllerLoginFoureyes extends Controller {
|
||||
if($this->request->server['REQUEST_METHOD'] == 'POST' && $this->validate() == true) {
|
||||
|
||||
if($this->model_user_auth->checkLogin($this->request->post['username'], $_POST['password']) == 1) {
|
||||
|
||||
// check if the 2nd login is indeed an admin
|
||||
|
||||
$data2 = $session->get("auth_data");
|
||||
if(!isset($data2['admin_user']) || $data2['admin_user'] != 1) {
|
||||
syslog(LOG_INFO, "user " . $data2['username'] . " is not an admin user");
|
||||
|
||||
$this->model_user_auth->increment_failed_login_count($this->data['failed_login_count']);
|
||||
$this->data['failed_login_count']++;
|
||||
|
||||
$session->set("auth_data", $data);
|
||||
}
|
||||
else {
|
||||
|
||||
$session->remove("four_eyes");
|
||||
|
||||
$this->model_user_auth->apply_user_auth_session($data);
|
||||
@ -64,6 +78,8 @@ class ControllerLoginFoureyes extends Controller {
|
||||
header("Location: " . SITE_URL . "search.php");
|
||||
exit;
|
||||
}
|
||||
|
||||
}
|
||||
else {
|
||||
$this->model_user_auth->increment_failed_login_count($this->data['failed_login_count']);
|
||||
$this->data['failed_login_count']++;
|
||||
|
Loading…
Reference in New Issue
Block a user