Fixed the security hole (really, I'm a moron - used $failed > $threshold instead of $failed >= $threashold) and patched up some...erm... math issues
authorDan
Sun, 07 Oct 2007 22:06:15 -0400
changeset 182 c69730750be3
parent 181 06bdbdfec160
child 187 9dbbec5e6096
Fixed the security hole (really, I'm a moron - used $failed > $threshold instead of $failed >= $threashold) and patched up some...erm... math issues
includes/clientside/static/misc.js
includes/sessions.php
plugins/SpecialUserFuncs.php
--- a/includes/clientside/static/misc.js	Sun Oct 07 21:41:42 2007 -0400
+++ b/includes/clientside/static/misc.js	Sun Oct 07 22:06:15 2007 -0400
@@ -337,8 +337,7 @@
       $attempts = parseInt($data['lockout_fails']);
       if ( $attempts > $data['lockout_threshold'])
         $attempts = $data['lockout_threshold'];
-      window.console.debug('server time ', $data.server_time, ', last time ', $data['lockout_last_time'], ', duration ', $data['lockout_duration']);
-      $time_rem = $data.lockout_duration - Math.round( ( $data.server_time - $data.lockout_last_time ) / 60 );
+      $time_rem = $data.time_rem;
       $s = ( $time_rem == 1 ) ? '' : 's';
       $errstring = "You have used up all "+$data['lockout_threshold']+" allowed login attempts. Please wait "+$time_rem+" minute"+$s+" before attempting to log in again";
       if ( $data['lockout_policy'] == 'captcha' )
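Review bot: The added line reads `$data.time_rem` with dot access while the surrounding lines of this block use bracket access (`$data['lockout_fails']`, `$data['lockout_threshold']`); for consistency with its neighbours it should be `$time_rem = $data['time_rem'];`. The value is now whatever the server sends and is used unchanged in the message on the next lines, so any clamping of the remaining-minutes value has to happen on the server side. The enclosing function starts and ends outside this hunk.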
--- a/includes/sessions.php	Sun Oct 07 21:41:42 2007 -0400
+++ b/includes/sessions.php	Sun Oct 07 22:06:15 2007 -0400
@@ -577,7 +577,7 @@
         $timestamp_cutoff = time() - $duration;
         $q = $this->sql('SELECT timestamp FROM '.table_prefix.'lockout WHERE timestamp > ' . $timestamp_cutoff . ' AND ipaddr = \'' . $ipaddr . '\' ORDER BY timestamp DESC;');
         $fails = $db->numrows();
-        if ( $fails > $threshold )
+        if ( $fails >= $threshold )
         {
           // ooh boy, somebody's in trouble ;-)
           $row = $db->fetchrow();
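Review bot: The corrected comparison on the `if ( $fails >= $threshold )` line deserves a comment stating the boundary, since the commit message describes the previous `>` as a security hole and a later edit could easily reintroduce it: `// lockout engages once $threshold failures fall inside the window, not one past it`. The same lockout result array is built in three other places in this file (the hunks at 589, 650/761 and 825), which suggests parallel code paths with their own threshold test; if those paths compare `$fails` against `$threshold` as well, they should be checked for the same off-by-one, as this hunk changes only one site. The enclosing method continues outside the hunk.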
@@ -589,6 +589,7 @@
               'lockout_duration' => ( $duration / 60 ),
               'lockout_fails' => $fails,
               'lockout_policy' => $policy,
+              'time_rem' => ( $duration / 60 ) - round( ( time() - $row['timestamp'] ) / 60 ),
               'lockout_last_time' => $row['timestamp']
             );
         }
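Review bot: The new `'time_rem'` value can round down to 0: the row is within `$duration` seconds of now (the cutoff query above), so `( $duration / 60 ) - round( ( time() - $row['timestamp'] ) / 60 )` is non-negative but becomes 0 whenever fewer than 30 seconds of the window are left, and the client then prints "Please wait 0 minutes". Clamping at the source avoids that in every consumer: `'time_rem' => max( 1, ( $duration / 60 ) - round( ( time() - $row['timestamp'] ) / 60 ) ),`. The same expression is also added in the hunk at 825 in this file, in plugins/SpecialUserFuncs.php at 128, and recomputed inline at 214; a small private helper that takes the timestamp and duration and returns the clamped remaining minutes would keep the four copies from drifting (the one at 825 already differs, see the note there). The enclosing method starts and ends outside this hunk.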
@@ -650,6 +651,7 @@
             'lockout_threshold' => $threshold,
             'lockout_duration' => ( $duration / 60 ),
             'lockout_fails' => $fails,
+            'time_rem' => ( $duration / 60 ),
             'lockout_policy' => $policy
           );
       }
@@ -761,6 +763,7 @@
             'lockout_threshold' => $threshold,
             'lockout_duration' => ( $duration / 60 ),
             'lockout_fails' => $fails,
+            'time_rem' => ( $duration / 60 ),
             'lockout_policy' => $policy
           );
       }
@@ -825,6 +828,7 @@
               'lockout_duration' => ( $duration / 60 ),
               'lockout_fails' => $fails,
               'lockout_policy' => $policy,
+              'time_rem' => $duration - round( ( time() - $row['timestamp'] ) / 60 ),
               'lockout_last_time' => $row['timestamp']
             );
         }
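Review bot: The `'time_rem'` line added in this hunk mixes units: it subtracts minutes (`round( ( time() - $row['timestamp'] ) / 60 )`) from `$duration`, whereas the other three sites in this commit subtract from `( $duration / 60 )`, and the `'lockout_duration' => ( $duration / 60 )` entry two lines above indicates `$duration` is in seconds here as well. As written the client receives a remaining time roughly 60 times too large. It should match the other copies: `'time_rem' => ( $duration / 60 ) - round( ( time() - $row['timestamp'] ) / 60 ),`. The enclosing method starts and ends outside this hunk.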
--- a/plugins/SpecialUserFuncs.php	Sun Oct 07 21:41:42 2007 -0400
+++ b/plugins/SpecialUserFuncs.php	Sun Oct 07 22:06:15 2007 -0400
@@ -128,7 +128,7 @@
           'lockout_fails' => $fails,
           'lockout_policy' => $policy,
           'lockout_last_time' => $row['timestamp'],
-          'server_time' => time(),
+          'time_rem' => ( $duration / 60 ) - round( ( time() - $row['timestamp'] ) / 60 ),
           'captcha' => ''
         );
       if ( $policy == 'captcha' )
@@ -214,8 +214,10 @@
         $attempts = intval($__login_status['lockout_fails']);
         if ( $attempts > $__login_status['lockout_threshold'])
           $attempts = $__login_status['lockout_threshold'];
-        $time_rem = ( $__login_status['lockout_last_time'] % ( $__login_status['lockout_duration'] * 60 ) );
-        $time_rem = $__login_status['lockout_duration'] - round($time_rem / 60);
+        
+        $server_time = time();
+        $time_rem = $__login_status['lockout_duration'] - round( ( $server_time - $__login_status['lockout_last_time'] ) / 60 );
+        
         $s = ( $time_rem == 1 ) ? '' : 's';
         $errstring = "You have used up all {$__login_status['lockout_threshold']} allowed login attempts. Please wait {$time_rem} minute$s before attempting to log in again";
         if ( $__login_status['lockout_policy'] == 'captcha' )
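Review bot: The two new lines recompute the remaining minutes from `lockout_last_time` and `lockout_duration`, although this same commit starts putting a ready-made `'time_rem'` into the array built at line 128 of this file — if that array is the `$__login_status` read here, the inline computation duplicates it and can drift from the server value shown by misc.js, which now reads `time_rem` directly. Replacing the `$server_time`/`$time_rem` pair with `$time_rem = $__login_status['time_rem'];` keeps one source of truth; `$server_time` is used only once in any case. The two added blank lines carry trailing whitespace. The enclosing function starts and ends outside this hunk.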