← Back to branch summary

~ubuntu-branches/ubuntu/lucid/gallery/lucid

« back to all changes in this revision

Viewing changes to classes/Logins.php

  • Committer: Bazaar Package Importer
  • Author(s): Stefan Lesicnik
  • Date: 2008-08-08 10:51:25 UTC
  • mfrom: (1.1.8 upstream)
  • Revision ID: james.westby@ubuntu.com-20080808105125-6qyhpf7krzxnjeh4
Tags: 1.5.8-1ubuntu1
* Merge from debian unstable, remaining changes:
  - debian/postrm:
    + Delete config.php and htaccess on purge.
* debian/control:
  - Added Homepage field.
* Removed the ubuntu specific po files and using
  debian / upstream provided po files.

Show diffs side-by-side

added added

removed removed

Lines of Context:
classes/Logins.php
 
1
<?php
 
2
/*
 
3
 * Gallery - a web based photo album viewer and editor
 
4
 * Copyright (C) 2000-2008 Bharat Mediratta
 
5
 *
 
6
 * This program is free software; you can redistribute it and/or modify
 
7
 * it under the terms of the GNU General Public License as published by
 
8
 * the Free Software Foundation; either version 2 of the License, or (at
 
9
 * your option) any later version.
 
10
 *
 
11
 * This program is distributed in the hope that it will be useful, but
 
12
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 
13
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 
14
 * General Public License for more details.
 
15
 *
 
16
 * You should have received a copy of the GNU General Public License
 
17
 * along with this program; if not, write to the Free Software
 
18
 * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA  02110-1301, USA.
 
19
 *
 
20
 * $Id: Album.php 17321 2007-12-29 07:17:50Z JensT $
 
21
*/
 
22
 
 
23
/**
 
24
 * Class to log, manipulate, check etc. login attempts.
 
25
 *
 
26
 * @author Jens Tkotz
 
27
 */
 
28
class Logins {
 
29
 
 
30
        var $attempts;          // array('number', 'lasttry')
 
31
        var $maxtries;          // Number of login tries after which an account is locked.
 
32
        var $expireTime;        // Time in seconds when a lock is removed
 
33
        var $filename;          // File where the logins are protocolled
 
34
 
 
35
        /**
 
36
         * Constructor with defaults.
 
37
         *
 
38
         * @return Logins
 
39
         * @author Jens Tkotz
 
40
         */
 
41
        function Logins() {
 
42
                global $gallery;
 
43
 
 
44
                $dir = $gallery->app->albumDir;
 
45
 
 
46
                $this->attempts         = array();
 
47
                $this->maxtries         = 10;
 
48
                $this->expireTime       = 1 * 60 * 60; // Default 1 hour.
 
49
                $this->filename         = "$dir/logins.dat";
 
50
        }
 
51
 
 
52
        /**
 
53
         * Add a login try for a username.
 
54
         *
 
55
         * @param string $username
 
56
         * @author Jens Tkotz
 
57
         */
 
58
        function addLoginTry($username) {
 
59
                if(!isset($this->attempts[$username])) {
 
60
                        $this->attempts[$username] = array(
 
61
                                'tries' => 1,
 
62
                                'lasttry' => time()
 
63
                        );
 
64
                }
 
65
                else {
 
66
                        $this->attempts[$username]['tries']++;
 
67
                        $this->attempts[$username]['lasttry'] = time();
 
68
                }
 
69
        }
 
70
 
 
71
        /**
 
72
         * Remove all login attemps for a username (or array of usernames)
 
73
         *
 
74
         * @param mixed $username
 
75
         * @author Jens Tkotz
 
76
         */
 
77
        function reset($username) {
 
78
                if(is_array($username)) {
 
79
                        foreach ($username as $uname) {
 
80
                                $this->reset($uname);
 
81
                        }
 
82
                        return;
 
83
                }
 
84
 
 
85
                if(empty($this->attempts[$username])) {
 
86
                        return;
 
87
                }
 
88
                else {
 
89
                        unset($this->attempts[$username]);
 
90
                }
 
91
        }
 
92
 
 
93
        /**
 
94
         * A username is locked when the number of login attempts is greater
 
95
         * than number of maxtries set in the constructore
 
96
         *
 
97
         * @param string $username
 
98
         * @return boolean
 
99
         * @author Jens Tkotz
 
100
         */
 
101
        function userIslocked($username) {
 
102
                if(!isset($this->attempts[$username])) {
 
103
                        return false;
 
104
                }
 
105
                elseif ($this->attempts[$username]['tries'] < $this->maxtries) {
 
106
                        return false;
 
107
                }
 
108
                else {
 
109
                        return true;
 
110
                }
 
111
        }
 
112
 
 
113
        /**
 
114
         * The lock for a username expires when the expireTime from constructor has went by.
 
115
         * than number of maxtries set in the constructore
 
116
         *
 
117
         * @param string $username
 
118
         * @return boolean
 
119
         * @author Jens Tkotz
 
120
         */
 
121
        function lockIsExpired($username) {
 
122
                if (time() - $this->attempts[$username]['lasttry'] > $this->expireTime) {
 
123
                        return true;
 
124
                }
 
125
                else {
 
126
                        return false;
 
127
                }
 
128
        }
 
129
 
 
130
        /**
 
131
         * Checks for every username if the username is locked and expired.
 
132
         * If so, the login attempts are resetted.
 
133
         *
 
134
         * After this procedure, the list is saved.
 
135
         *
 
136
         * @author Jens Tkotz
 
137
         */
 
138
        function cleanup() {
 
139
                if(empty($this->attempts)) {
 
140
                        return;
 
141
                }
 
142
 
 
143
                foreach($this->attempts as $username => $values) {
 
144
                        if($this->userIslocked($username) && $this->lockIsExpired($username)) {
 
145
                                $this->reset($username);
 
146
                        }
 
147
                }
 
148
 
 
149
                $this->save();
 
150
        }
 
151
 
 
152
        /**
 
153
         * Load the attempts from the disk
 
154
         *
 
155
         * @author Jens Tkotz
 
156
         */
 
157
        function load() {
 
158
                $tmp = fs_file_get_contents($this->filename);
 
159
 
 
160
                if (!empty($tmp)) {
 
161
                        $this->attempts = unserialize($tmp);
 
162
 
 
163
                        if (empty($this->attempts)) {
 
164
                                $this->attempts = array();
 
165
                        }
 
166
                }
 
167
        }
 
168
 
 
169
        /**
 
170
         * Save the attempts to the disk
 
171
         *
 
172
         * @return boolean    True on success, false otherwise.
 
173
         * @author Jens Tkotz
 
174
         */
 
175
        function save() {
 
176
                $ret = unsafe_serialize($this->attempts, $this->filename);
 
177
 
 
178
                return $ret;
 
179
        }
 
180
}
 
 
b'\\ No newline at end of file'