
fixed fatal flaw on `update_login_attempts` (#133)

- changed `last_login_attempt` value to `Y-m-d H:i:s` from `Y-m-d H:0:0`
 - changed `last_login_attempt`-check to check every x minute based on config var (`max_login_attempt_per_minutes`)
 - added optional `last_login_attempt` update on login attempt (`update_last_login_attempt`)
 - added config var `max_login_attempt_per_minutes`
 - added config var `update_last_login_attempt`
 - fixed config var info for `max_login_attempt` (`20` to `10`)
develop
REJack 9 years ago
parent
commit
30a576df06
  1. 6
      application/config/aauth.php
  2. 8
      application/libraries/Aauth.php

6
application/config/aauth.php

@ -51,7 +51,9 @@ defined('BASEPATH') OR exit('No direct script access allowed');
| ['totp_only_on_ip_change'] TOTP only on IP Change
| ['totp_reset_over_reset_password'] TOTP reset over reset Password
|
| ['max_login_attempt'] Login attempts time interval (default 20 times in one hour)
| ['max_login_attempt'] Login attempts time interval (default 10 times in one hour)
| ['max_login_attempt_per_minutes'] Max Login attempts per Minute (default 5)
| ['update_last_login_attempt'] Update last Login attempt on login (default false)
|
| ['login_with_name'] Login Identificator, if TRUE username needed to login else email address.
|
@ -109,6 +111,8 @@ $config_aauth["default"] = array(
'totp_reset_over_reset_password' => false,
'max_login_attempt' => 10,
'max_login_attempt_per_minutes' => 5,
'update_last_login_attempt' => false,
'login_with_name' => false,
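Review bot: The option descriptions added in the first hunk of this file do not match how the library uses the values. `max_login_attempt` is still documented as "10 times in one hour" although the window now comes from `max_login_attempt_per_minutes`, and that key is described as "Max Login attempts per Minute" while the Aauth.php change in this commit passes it to `strtotime()` as a time value, not a count. I would word them as `| ['max_login_attempt'] Login attempts allowed inside the window (default 10)` and `| ['max_login_attempt_per_minutes'] Length of that window in minutes (default 5)`. The `update_last_login_attempt` line should also say that, when true, the stored timestamp is refreshed on every counted attempt, which appears to restart the window each time.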

8
application/libraries/Aauth.php

@ -640,15 +640,19 @@ class Aauth {
$data = array();
if ( strtotime($row->last_login_attempt) == strtotime(date("Y-m-d H:0:0"))) {
if (strtotime($row->last_login_attempt) > strtotime($this->config_vars['max_login_attempt_per_minutes'])) {
$data['login_attempts'] = $row->login_attempts + 1;
if($this->config_vars['update_last_login_attempt']){
$data['last_login_attempt'] = date("Y-m-d H:i:s");
}
$query = $this->aauth_db->where('id', $user_id);
$this->aauth_db->update($this->config_vars['users'], $data);
} else {
$data['last_login_attempt'] = date("Y-m-d H:0:0");
$data['last_login_attempt'] = date("Y-m-d H:i:s");
$data['login_attempts'] = 1;
$this->aauth_db->where('id', $user_id);
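Review bot: The new condition `strtotime($row->last_login_attempt) > strtotime($this->config_vars['max_login_attempt_per_minutes'])` does not compare against a point in time, because the config value is the bare number `5`, which `strtotime()` does not read as "five minutes ago" and most likely rejects with `false`. With that right-hand side the test holds for any valid stored timestamp, so the counter appears to only ever increment and the `else` branch that resets it to 1 is reached only when `last_login_attempt` is empty; the throttle window then never expires, and an account that reaches `max_login_attempt` stays blocked unless the counter is cleared elsewhere. Build the cutoff explicitly with `$cutoff = strtotime('-' . (int) $this->config_vars['max_login_attempt_per_minutes'] . ' minutes');` and test `strtotime($row->last_login_attempt) > $cutoff`. The `$query =` assignment in the same branch is never read, and the enclosing method starts and ends outside the visible lines.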
