@ -559,7 +619,13 @@ function hesk_limitBfAttempts($showError=1)
{
global $hesk_settings, $hesklang;
/* If this feature is disabled or already called, return false */
// Check if this IP is banned permanently
if ( hesk_isBannedIP($_SERVER['REMOTE_ADDR']) )
{
hesk_error($hesklang['baned_ip'], 0);
}
/* If this feature is disabled or already called, return false */
if ( ! $hesk_settings['attempt_limit'] || defined('HESK_BF_LIMIT') )
{
return false;
@ -571,7 +637,7 @@ function hesk_limitBfAttempts($showError=1)
$ip = $_SERVER['REMOTE_ADDR'];
/* Get number of failed attempts from the database */
$res = hesk_dbQuery("SELECT `number`, (CASE WHEN `last_attempt` IS NOT NULL AND DATE_ADD( last_attempt, INTERVAL " . hesk_dbEscape($hesk_settings['attempt_banmin']) . " MINUTE ) > NOW( ) THEN 1 ELSE 0 END) AS `banned` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."logins` WHERE `ip`='".hesk_dbEscape($ip)."' LIMIT 1");
$res = hesk_dbQuery("SELECT `number`, (CASE WHEN `last_attempt` IS NOT NULL AND DATE_ADD(`last_attempt`, INTERVAL ".intval($hesk_settings['attempt_banmin'])." MINUTE ) > NOW() THEN 1 ELSE 0 END) AS `banned` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."logins` WHERE `ip`='".hesk_dbEscape($ip)."' LIMIT 1");
/* Not in the database yet? Add first one and return false */
if (hesk_dbNumRows($res) != 1)
@ -702,6 +768,9 @@ function hesk_process_messages($message,$redirect_to,$type='ERROR')
case 'NOTICE':
$_SESSION['HESK_NOTICE'] = TRUE;
break;
case 'INFO':
$_SESSION['HESK_INFO'] = TRUE;
break;
default:
$_SESSION['HESK_ERROR'] = TRUE;
}
@ -741,6 +810,10 @@ function hesk_handle_messages()
{
hesk_show_notice($_SESSION['HESK_MESSAGE']);
}
elseif ( isset($_SESSION['HESK_INFO']) )
{
hesk_show_info($_SESSION['HESK_MESSAGE']);
}
hesk_cleanSessionVars('HESK_MESSAGE');
}
@ -749,6 +822,7 @@ function hesk_handle_messages()
hesk_cleanSessionVars('HESK_ERROR');
hesk_cleanSessionVars('HESK_SUCCESS');
hesk_cleanSessionVars('HESK_NOTICE');
hesk_cleanSessionVars('HESK_INFO');
// Secondary message
if ( isset($_SESSION['HESK_2ND_NOTICE']) && isset($_SESSION['HESK_2ND_MESSAGE']) )
@ -762,39 +836,55 @@ function hesk_handle_messages()
} // END hesk_handle_messages()
function hesk_show_error($message,$title='') {
function hesk_show_error($message,$title='',$append_colon=true) {
global $hesk_settings, $hesklang;
$title = $title ? $title : $hesklang['error'];
$title = $append_colon ? $title . ':' : $title;
?>
<divalign="left"class="alert alert-danger">
<b><?phpecho$title;?>:</b><?phpecho$message;?>
<b><?phpecho$title;?></b><?phpecho$message;?>
</div>
<?php
} // END hesk_show_error()
function hesk_show_success($message,$title='') {
function hesk_show_success($message,$title='',$append_colon=true) {
global $hesk_settings, $hesklang;
$title = $title ? $title : $hesklang['success'];
$title = $append_colon ? $title . ':' : $title;
?>
<divalign="left"class="alert alert-success">
<b><?phpecho$title;?>:</b><?phpecho$message;?>
<b><?phpecho$title;?></b><?phpecho$message;?>
</div>
<?php
} // END hesk_show_success()
function hesk_show_notice($message,$title='') {
function hesk_show_notice($message,$title='',$append_colon=true) {
global $hesk_settings, $hesklang;
$title = $title ? $title : $hesklang['note'];
$title = $append_colon ? $title . ':' : $title;
?>
<divclass="alert alert-warning">
<b><?phpecho$title;?>:</b><?phpecho$message;?>
<b><?phpecho$title;?></b><?phpecho$message;?>
</div>
<br/>
<?php
} // END hesk_show_notice()
function hesk_show_info($message,$title='',$append_colon=true)