holm/egroupware
1
1
Fork 0
forked from extern/egroupware
Code Issues Pull Requests Packages Projects Releases Wiki Activity

"dont log failed login attempts for the anon user, as it is a simple dos to sitemgr"

Browse Source
This commit is contained in:
Ralf Becker 2008-11-22 08:14:59 +00:00
parent 6164f3f1e8
commit 0123dc5d89
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
phpgwapi/inc/class.egw_session.inc.php
View File

@ -484,7 +484,11 @@ class egw_session
$this->reason = $blocked ? 'blocked, too many attempts' : 'bad login or password'; $this->reason = $blocked ? 'blocked, too many attempts' : 'bad login or password';
$this->cd_reason = $blocked ? 99 : 5; $this->cd_reason = $blocked ? 99 : 5;
$this->log_access($this->reason,$login,$user_ip,0); // log unsuccessfull login // we dont log anon users as it would block the website
if (!$GLOBALS['egw']->acl->get_specific_rights_for_account($this->account_id,'anonymous','phpgwapi'))
{
$this->log_access($this->reason,$login,$user_ip,0); // log unsuccessfull login
}
return false; return false;
} }