mirror of
https://github.com/Mowie/Mowie
synced 2024-06-14 06:34:09 +00:00
Fixed user is only every 10 minitues asked for his password
This commit is contained in:
parent
2398fa28c0
commit
81530d956b
|
@ -92,6 +92,7 @@ if(isset($_GET['checkPassword']))
|
||||||
if (password_verify($_POST['pw'], $db->data[0]['pass']))
|
if (password_verify($_POST['pw'], $db->data[0]['pass']))
|
||||||
{
|
{
|
||||||
echo 'success';
|
echo 'success';
|
||||||
|
$_SESSION['sudomode'] = time();
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
|
@ -108,4 +109,24 @@ if(isset($_GET['checkPassword']))
|
||||||
{
|
{
|
||||||
echo 'login first.';
|
echo 'login first.';
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Check if the user already entered his password
|
||||||
|
if (isset($_GET['checkSudo']))
|
||||||
|
{
|
||||||
|
if(is_loggedin())
|
||||||
|
{
|
||||||
|
// Check if the user entered his password less then 10 minutes ago
|
||||||
|
if (isset($_SESSION['sudomode']) && $_SESSION['sudomode'] >= (time() - 600))
|
||||||
|
{
|
||||||
|
echo 'true';
|
||||||
|
} else
|
||||||
|
{
|
||||||
|
echo 'false';
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
echo 'login first.';
|
||||||
|
}
|
||||||
}
|
}
|
|
@ -141,36 +141,46 @@ if (!isset($_GET['direct']))
|
||||||
|
|
||||||
//Confirm user password
|
//Confirm user password
|
||||||
if (needsPwConfirm) {
|
if (needsPwConfirm) {
|
||||||
$('#showMsg').html('<div class="overlay" style="display:none;"><div class="window-confirm"><div class="head"><?php echo $lang->get('legitimate_title')?><a onclick="closeW();" class="closeMsg"><i class="fa fa-close"></i></a></div><div id="content"></div></div></div>');
|
// check if the user already entered his password
|
||||||
$('#content').append('<p><?php echo $lang->get('legitimate_text')?></p><p><input type="password" placeholder="<?php echo $lang->get('password')?>" id="password_legitimate" autofocus/><input type="submit" value="<?php echo $lang->get('legitimate_confirm')?>" id="legitimateSmbt"/><a onclick="closeW();" class="button btn_del"><?php echo $lang->get('legitimate_abort')?></a></p><span id="sendMsg"></span>');
|
$.get('login.php?checkSudo', function( data ) {
|
||||||
$('#password_legitimate').focus();
|
if (data == 'false'){
|
||||||
$(".overlay").fadeIn(250);
|
$('#showMsg').html('<div class="overlay" style="display:none;"><div class="window-confirm"><div class="head"><?php echo $lang->get('legitimate_title')?><a onclick="closeW();" class="closeMsg"><i class="fa fa-close"></i></a></div><div id="content"></div></div></div>');
|
||||||
|
$('#content').append('<p><?php echo $lang->get('legitimate_text')?></p><p><input type="password" placeholder="<?php echo $lang->get('password')?>" id="password_legitimate" autofocus/><input type="submit" value="<?php echo $lang->get('legitimate_confirm')?>" id="legitimateSmbt"/><a onclick="closeW();" class="button btn_del"><?php echo $lang->get('legitimate_abort')?></a></p><span id="sendMsg"></span>');
|
||||||
|
$('#password_legitimate').focus();
|
||||||
|
$(".overlay").fadeIn(250);
|
||||||
|
|
||||||
$('#legitimateSmbt').click(function () {
|
$('#legitimateSmbt').click(function () {
|
||||||
$.ajax({
|
$.ajax({
|
||||||
url: 'login.php?checkPassword',
|
url: 'login.php?checkPassword',
|
||||||
type: 'POST',
|
type: 'POST',
|
||||||
cache: false,
|
cache: false,
|
||||||
data: 'pw=' + $('#password_legitimate').val(),
|
data: 'pw=' + $('#password_legitimate').val(),
|
||||||
success: function (result) { // On success, display a message...
|
success: function (result) { // On success, display a message...
|
||||||
if (result == 'success') {
|
if (result == 'success') {
|
||||||
closeW();
|
closeW();
|
||||||
|
|
||||||
//Send the request
|
//Send the request
|
||||||
if (!isAjax) {
|
if (!isAjax) {
|
||||||
sendPost(ctx, requestData);
|
sendPost(ctx, requestData);
|
||||||
|
}
|
||||||
|
} else if (result == 'fail') {
|
||||||
|
$('#sendMsg').html('<p style="color:red;"><?php echo $lang->get('legitimate_fail')?></p>');
|
||||||
|
} else {
|
||||||
|
$('#sendMsg').html('<p style="color:red;"><?php echo $lang->get('legitimate_error')?></p>');
|
||||||
|
}
|
||||||
|
},
|
||||||
|
error: function (xhr, status, error) {
|
||||||
|
console.log(status, error);
|
||||||
|
showMsg('<?php echo $lang->get('legitimate_error')?>');
|
||||||
}
|
}
|
||||||
} else if (result == 'fail') {
|
});
|
||||||
$('#sendMsg').html('<p style="color:red;"><?php echo $lang->get('legitimate_fail')?></p>');
|
});
|
||||||
} else {
|
} else {
|
||||||
$('#sendMsg').html('<p style="color:red;"><?php echo $lang->get('legitimate_error')?></p>');
|
//Send the request
|
||||||
}
|
if (!isAjax) {
|
||||||
},
|
sendPost(ctx, requestData);
|
||||||
error: function (xhr, status, error) {
|
|
||||||
console.log(status, error);
|
|
||||||
showMsg('<?php echo $lang->get('legitimate_error')?>');
|
|
||||||
}
|
}
|
||||||
});
|
}
|
||||||
});
|
});
|
||||||
} else {
|
} else {
|
||||||
if (!isAjax) {
|
if (!isAjax) {
|
||||||
|
|
Loading…
Reference in New Issue
Block a user