mirror of
https://github.com/slawkens/myaac.git
synced 2025-10-14 09:44:55 +02:00
Remove google recaptcha from code
will be included as plugin. This allows for custom recaptcha's
This commit is contained in:
slawkens
@@ -72,14 +72,6 @@ if($save)
|
||||
$errors['country'] = 'Country is invalid.';
|
||||
}
|
||||
|
||||
if(config('recaptcha_enabled'))
|
||||
{
|
||||
require_once LIBS . 'GoogleReCAPTCHA.php';
|
||||
if (!GoogleReCAPTCHA::verify('register')) {
|
||||
$errors['verification'] = GoogleReCAPTCHA::getErrorMessage();
|
||||
}
|
||||
}
|
||||
|
||||
// password
|
||||
if(empty($password)) {
|
||||
$errors['password'] = 'Please enter the password for your new account.';
|
||||
@@ -149,7 +141,9 @@ if($save)
|
||||
}
|
||||
}
|
||||
|
||||
$hooks->trigger(HOOK_ACCOUNT_CREATE_AFTER_SUBMIT, $params);
|
||||
if (!$hooks->trigger(HOOK_ACCOUNT_CREATE_POST, $params)) {
|
||||
return;
|
||||
}
|
||||
|
||||
if(config('account_create_character_create')) {
|
||||
$character_name = isset($_POST['name']) ? stripslashes(ucwords(strtolower($_POST['name']))) : null;
|
||||
|
||||
115
system/pages/account/login.php
Normal file
115
system/pages/account/login.php
Normal file
@@ -0,0 +1,115 @@
|
||||
<?php
|
||||
|
||||
// new login with data from form
|
||||
if(!$logged && isset($_POST['account_login'], $_POST['password_login']))
|
||||
{
|
||||
$login_account = $_POST['account_login'];
|
||||
$login_password = $_POST['password_login'];
|
||||
$remember_me = isset($_POST['remember_me']);
|
||||
if(!empty($login_account) && !empty($login_password))
|
||||
{
|
||||
if($cache->enabled())
|
||||
{
|
||||
$tmp = '';
|
||||
if($cache->fetch('failed_logins', $tmp))
|
||||
{
|
||||
$tmp = unserialize($tmp);
|
||||
$to_remove = array();
|
||||
foreach($tmp as $ip => $t)
|
||||
{
|
||||
if(time() - $t['last'] >= 5 * 60)
|
||||
$to_remove[] = $ip;
|
||||
}
|
||||
|
||||
foreach($to_remove as $ip)
|
||||
unset($tmp[$ip]);
|
||||
}
|
||||
else
|
||||
$tmp = array();
|
||||
|
||||
$ip = $_SERVER['REMOTE_ADDR'];
|
||||
$t = $tmp[$ip] ?? null;
|
||||
}
|
||||
|
||||
if (!$hooks->trigger(HOOK_ACCOUNT_LOGIN_POST)) {
|
||||
return;
|
||||
}
|
||||
|
||||
$account_logged = new OTS_Account();
|
||||
if (config('account_login_by_email')) {
|
||||
$account_logged->findByEMail($login_account);
|
||||
}
|
||||
|
||||
if (!config('account_login_by_email') || config('account_login_by_email_fallback')) {
|
||||
if(USE_ACCOUNT_NAME) {
|
||||
$account_logged->find($login_account);
|
||||
} else {
|
||||
$account_logged->load($login_account, true);
|
||||
}
|
||||
}
|
||||
|
||||
if($account_logged->isLoaded() && encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $login_password) == $account_logged->getPassword()
|
||||
&& (!isset($t) || $t['attempts'] < 5)
|
||||
)
|
||||
{
|
||||
setSession('account', $account_logged->getNumber());
|
||||
setSession('password', encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $login_password));
|
||||
if($remember_me) {
|
||||
setSession('remember_me', true);
|
||||
}
|
||||
|
||||
$logged = true;
|
||||
$logged_flags = $account_logged->getWebFlags();
|
||||
|
||||
if(isset($_POST['admin']) && !admin()) {
|
||||
$errors[] = 'This account has no admin privileges.';
|
||||
unsetSession('account');
|
||||
unsetSession('password');
|
||||
unsetSession('remember_me');
|
||||
$logged = false;
|
||||
}
|
||||
else {
|
||||
$account_logged->setCustomField('web_lastlogin', time());
|
||||
}
|
||||
|
||||
$hooks->trigger(HOOK_LOGIN, array('account' => $account_logged, 'password' => $login_password, 'remember_me' => $remember_me));
|
||||
}
|
||||
else
|
||||
{
|
||||
$hooks->trigger(HOOK_LOGIN_ATTEMPT, array('account' => $login_account, 'password' => $login_password, 'remember_me' => $remember_me));
|
||||
|
||||
$errorMessage = getAccountLoginByLabel() . ' or password is not correct.';
|
||||
|
||||
// temporary solution for blocking failed login attempts
|
||||
if($cache->enabled())
|
||||
{
|
||||
if(isset($t))
|
||||
{
|
||||
$t['attempts']++;
|
||||
$t['last'] = time();
|
||||
|
||||
if($t['attempts'] >= 5)
|
||||
$errors[] = 'A wrong password has been entered 5 times in a row. You are unable to log into your account for the next 5 minutes. Please wait.';
|
||||
else
|
||||
$errors[] = $errorMessage;
|
||||
}
|
||||
else
|
||||
{
|
||||
$t = array('attempts' => 1, 'last' => time());
|
||||
$errors[] = $errorMessage;
|
||||
}
|
||||
|
||||
$tmp[$ip] = $t;
|
||||
$cache->set('failed_logins', serialize($tmp), 60 * 60); // save for 1 hour
|
||||
}
|
||||
else {
|
||||
$errors[] = $errorMessage;
|
||||
}
|
||||
}
|
||||
}
|
||||
else {
|
||||
$errors[] = 'Please enter your ' . getAccountLoginByLabel() . ' and password.';
|
||||
|
||||
$hooks->trigger(HOOK_LOGIN_ATTEMPT, array('account' => $login_account, 'password' => $login_password, 'remember_me' => $remember_me));
|
||||
}
|
||||
}
|
||||
@@ -11,6 +11,7 @@
|
||||
defined('MYAAC') or die('Direct access not allowed!');
|
||||
|
||||
$title = 'Account Management';
|
||||
require __DIR__ . '/login.php';
|
||||
require __DIR__ . '/base.php';
|
||||
|
||||
if(!$logged) {
|
||||
|
||||
Reference in New Issue
Block a user