-
Notifications
You must be signed in to change notification settings - Fork 13
/
login.php
139 lines (106 loc) · 2.35 KB
/
login.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
<?php
require_once('includes/header.php');
require_once('includes/recaptcha.php');
$smarty->assign('title', _('Login - SeaVPN'));
$action = isset($_GET['action']) ? $_GET['action'] : '';
switch ($action) {
case 'chk':
login_check();
break;
default:
login_main();
break;
}
function login_main() {
global $smarty;
if (login_needcaptcha()) {
$smarty->assign('recaptcha_html', recaptcha_get_html(RECAPTCHA_PUBLIC_KEY, null, true));
}
$smarty->display('templates/login.html');
}
function login_check() {
global $smarty;
$email = @$_POST['email'];
$pass = @$_POST['loginpass'];
if (login_needcaptcha()) {
if (recaptcha_verify() !== true) {
login_error(_('The CAPTCHA you entered is incorrect'));
die();
}
}
$ret = user_verify($email, $pass);
if ($ret !== true) {
login_incfail();
login_error($ret);
die();
}
else {
user_online($email);
login_resetfail();
$url = 'account.php';
header("Location: $url");
$smarty->assign('url', $url);
$smarty->display('templates/redirect.html');
}
}
/**
* 设置当前 IP 访客的登录失败次数 +1
*/
function login_incfail() {
$ip = $_SERVER['REMOTE_ADDR'];
$num = cache_get("login_fails_$ip");
if (!$num) {
$num = 1;
}
else {
$num++;
}
cache_set("login_fails_$ip", $num);
if ($num >= LOGIN_MAXTRIES_WITHOUT_CAPTCHA) {
cache_set("need_captcha_$ip", time(), LOGIN_FAIL_ANNEAL_TIME);
}
}
/**
* 清除当前 IP 访客的登录失败次数。
* 如果登录失败次数是 0,不管;如果不是 0,则将其设为 0,并设置一个超时时间
*/
function login_resetfail() {
$ip = $_SERVER['REMOTE_ADDR'];
$num = cache_get("login_fails_$ip");
if ($num != 0) {
echo "set it to expire";
cache_set("login_fails_$ip", 0, LOGIN_FAIL_ANNEAL_TIME);
}
}
/**
* 判断当前访客是否必须输入验证码
*/
function login_needcaptcha() {
$ip = $_SERVER['REMOTE_ADDR'];
if (cache_isset("need_captcha_$ip")) {
return true;
}
else {
return false;
}
}
/**
* 获取当前 IP 访客的登录失败次数
*/
function login_failtimes() {
$ip = $_SERVER['REMOTE_ADDR'];
$num = cache_get("login_fails_$ip");
if (!$num) {
return 0;
}
else {
return $num;
}
}
function login_error($msg) {
global $smarty;
$smarty->assign('error_msg', $msg);
$smarty->assign('email', htmlspecialchars(@$_POST['email']));
login_main();
}
?>