diff options
| author | artem <artem@97f52cf1-0a1b-0410-bd0e-c28be96e8082> | 2008-07-02 13:14:35 +0000 |
|---|---|---|
| committer | artem <artem@97f52cf1-0a1b-0410-bd0e-c28be96e8082> | 2008-07-02 13:14:35 +0000 |
| commit | 15b3431d068216bb134c64ff52af63bebc8f45f0 (patch) | |
| tree | 71e8667413452be6de6a27de24e32f634131d8cd /frontends/php/index.php | |
| parent | 9c1ce6fd1d7f4617f0796fa9eb9246e4e184813c (diff) | |
- [DEV-144] improvements in users authentication methods (Artem)
- [ZBX-387] fixed issue with undefined function ctype_digit (Artem)
git-svn-id: svn://svn.zabbix.com/trunk@5814 97f52cf1-0a1b-0410-bd0e-c28be96e8082
Diffstat (limited to 'frontends/php/index.php')
| -rw-r--r-- | frontends/php/index.php | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/frontends/php/index.php b/frontends/php/index.php index a53c2cdd..eb4bf878 100644 --- a/frontends/php/index.php +++ b/frontends/php/index.php @@ -54,7 +54,7 @@ die(); // return; } - + $config = select_config(); $authentication_type = $config['authentication_type']; @@ -72,10 +72,12 @@ } if(isset($_REQUEST['enter'])&&($_REQUEST['enter']=='Enter')){ - + $name = get_request('name',''); - $password = md5(get_request('password','')); + $passwd = get_request('password',''); + $password = md5($passwd); + $sql = 'SELECT u.userid,u.attempt_failed, u.attempt_clock, u.attempt_ip '. ' FROM users u '. ' WHERE u.alias='.zbx_dbstr($name); @@ -87,6 +89,10 @@ $login = $attempt = DBfetch(DBselect($sql)); + if(($name!=ZBX_GUEST_USER) && zbx_empty($passwd)){ + $login = $attempt = false; + } + if($login){ if($login['attempt_failed'] >= ZBX_LOGIN_ATTEMPTS){ sleep(ZBX_LOGIN_BLOCK); |