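/**
 * Log the current user out if authenticated, otherwise attempt a login.
 *
 * The login path is throttled through $_SESSION['log_try'], which holds the
 * number of attempts ('count') and the timestamp at which the current window
 * ends ('wait'). Once the count exceeds the 'log_max' setting and the window
 * is still open, the action returns sfView::ERROR and exposes the end of the
 * window as $this->wait. A 'log_max' of -1 disables the limit.
 *
 * NOTE(review): the attempt counter lives only in the session, so a client
 * that discards its session cookie starts with a fresh counter. To throttle
 * password guessing reliably, key the counter server-side (per account
 * and/or per source address) instead of, or in addition to, the session.
 *
 * @param sfWebRequest $request Request carrying the 'username' and 'password' parameters.
 *
 * @return string|null sfView::ERROR while throttled, otherwise null (default view).
 */
public function executeLog(sfWebRequest $request)
{
    if ($this->getUser()->isAuthenticated())
    {
        $this->getUser()->logOut();

        return;
    }

    // Brute-force throttle. 'log_wait' is passed to strtotime(), so it is
    // presumably a relative expression such as "+5 minutes" -- TODO confirm.
    $time = sfDbConfigHandler::get('log_wait');
    $max = sfDbConfigHandler::get('log_max');
    if (!isset($_SESSION['log_try']))
    {
        $_SESSION['log_try'] = array('wait' => strtotime($time), 'count' => 0);
    }

    // Count this attempt before checking, so the check below sees it.
    ++$_SESSION['log_try']['count'];
    if (-1 != $max && $_SESSION['log_try']['count'] > $max)
    {
        if ($_SESSION['log_try']['wait'] >= time())
        {
            // Window still open: refuse the attempt and tell the view when it ends.
            $this->wait = $_SESSION['log_try']['wait'];

            return sfView::ERROR;
        }

        // Window expired: start a new one and count the current attempt.
        $_SESSION['log_try'] = array('wait' => strtotime($time), 'count' => 1);
    }

    // Request parameters can arrive as arrays (username[]=...). Only non-empty
    // strings are accepted, so nothing but a scalar reaches the finder below.
    $username = $request->getParameter('username');
    $this->forward404Unless(is_string($username) && $username);
    $password = $request->getParameter('password');
    $this->forward404Unless(is_string($password) && $password);

    // NOTE(review): the submitted password is used directly as a lookup value,
    // which suggests the column holds the password as submitted. Unless it is
    // hashed before reaching this action, store password_hash() output and
    // check it with password_verify() after looking the account up by username.
    $this->account = Doctrine_Core::getTable('Account')
        ->findOneByUsernameAndPasswordAndBanned($username, $password, false);
    if ($this->account)
    {
        // Disabled in the original: refuse accounts that still carry a validation token.
        // $this->forward404If($this->account->getValidationToken());

        // NOTE(review): confirm logIn() regenerates the session id, so a
        // pre-login session id cannot be reused after authentication.
        $this->getUser()->logIn($this->account);
        unset($_SESSION['log_try']); // a successful login clears the attempt record
    }
}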