Révision 01dfd3b5
Ajouté par Assos Assos il y a plus de 3 ans
drupal7/modules/user/user.module | ||
---|---|---|
2225 | 2225 |
if (isset($form_state['flood_control_triggered'])) { |
2226 | 2226 |
if ($form_state['flood_control_triggered'] == 'user') { |
2227 | 2227 |
form_set_error('name', format_plural(variable_get('user_failed_login_user_limit', 5), 'Sorry, there has been more than one failed login attempt for this account. It is temporarily blocked. Try again later or <a href="@url">request a new password</a>.', 'Sorry, there have been more than @count failed login attempts for this account. It is temporarily blocked. Try again later or <a href="@url">request a new password</a>.', array('@url' => url('user/password')))); |
2228 |
module_invoke_all('user_flood_control', ip_address(), $form_state['values']['name']); |
|
2228 | 2229 |
} |
2229 | 2230 |
else { |
2230 | 2231 |
// We did not find a uid, so the limit is IP-based. |
2231 | 2232 |
form_set_error('name', t('Sorry, too many failed login attempts from your IP address. This IP address is temporarily blocked. Try again later or <a href="@url">request a new password</a>.', array('@url' => url('user/password')))); |
2233 |
module_invoke_all('user_flood_control', ip_address()); |
|
2232 | 2234 |
} |
2235 |
// We cannot call drupal_access_denied() here as that can result in an |
|
2236 |
// infinite loop if the login form is rendered on the 403 page (e.g. in a |
|
2237 |
// block). So add the 403 header and allow form processing to finish. |
|
2238 |
drupal_add_http_header('Status', '403 Forbidden'); |
|
2233 | 2239 |
} |
2234 | 2240 |
else { |
2235 | 2241 |
// Use $form_state['input']['name'] here to guarantee that we send |
... | ... | |
2247 | 2253 |
} |
2248 | 2254 |
} |
2249 | 2255 |
|
2256 |
/** |
|
2257 |
* Implements hook_user_flood_control(). |
|
2258 |
*/ |
|
2259 |
function user_user_flood_control($ip, $username = FALSE) { |
|
2260 |
if (variable_get('log_user_flood_control', TRUE)) { |
|
2261 |
if (!empty($username)) { |
|
2262 |
watchdog('user', 'Flood control blocked login attempt for %user from %ip.', array( |
|
2263 |
'%user' => $username, |
|
2264 |
'%ip' => $ip |
|
2265 |
)); |
|
2266 |
} |
|
2267 |
else { |
|
2268 |
watchdog('user', 'Flood control blocked login attempt from %ip.', array('%ip' => $ip)); |
|
2269 |
} |
|
2270 |
} |
|
2271 |
} |
|
2272 |
|
|
2250 | 2273 |
/** |
2251 | 2274 |
* Try to validate the user's login credentials locally. |
2252 | 2275 |
* |
Formats disponibles : Unified diff
Udpate to 7.77