some little fixes with ddos_protection & reCAPTCHA

- fixed timestamp where in `reset_login_attempts()`, `get_login_attempts()` & `update_login_attempts()` - fixed `login()` removed cookie/session-userdata for reCAPTCHA (if reCAPTCHA needed) - fixed `login()` moved `update_login_attempts()` before test email/name & password - fixed `generate_recaptcha_field()` removed cookie/session check
emreakay · Jun 7, 2016 · 5701a7a · 5701a7a
1 parent 4636fd7
commit 5701a7a
Showing 1 changed file with 12 additions and 43 deletions.
diff --git a/application/libraries/Aauth.php b/application/libraries/Aauth.php
@@ -141,8 +141,11 @@ public function login($identifier, $pass, $remember = FALSE, $totp_code = NULL)
 			);
 			$this->CI->input->set_cookie($cookie);
 		}
+		if ($this->config_vars['ddos_protection'] && ! $this->update_login_attempts()) {
 
-
+			$this->error($this->CI->lang->line('aauth_error_login_attempts_exceeded'));
+			return FALSE;
+		}
  		if( $this->config_vars['login_with_name'] == TRUE){
 
 			if( !$identifier OR strlen($pass) < $this->config_vars['min'] OR strlen($pass) > $this->config_vars['max'] )
@@ -159,24 +162,6 @@ public function login($identifier, $pass, $remember = FALSE, $totp_code = NULL)
 			}
 			$db_identifier = 'email';
  		}
-		if ($this->config_vars['ddos_protection'] && ! $this->update_login_attempts()) {
-
-			$this->error($this->CI->lang->line('aauth_error_login_attempts_exceeded'));
-			return FALSE;
-		}
-		if($this->config_vars['ddos_protection'] && $this->config_vars['recaptcha_active'] && $this->get_login_attempts() >= $this->config_vars['recaptcha_login_attempts']){
-			if($this->config_vars['use_cookies'] == TRUE){
-				$reCAPTCHA_cookie = array(
-					'name'	 => 'reCAPTCHA',
-					'value'	 => 'true',
-					'expire' => 7200,
-					'path'	 => '/',
-				);
-				$this->CI->input->set_cookie($reCAPTCHA_cookie);
-			}else{
-				$this->CI->session->set_tempdata('reCAPTCHA', 'true', 7200);
-			}
-		}
 
 		// if user is not verified
 		$query = null;
@@ -201,7 +186,7 @@ public function login($identifier, $pass, $remember = FALSE, $totp_code = NULL)
 
 		$user_id = $query->row()->id;
 		if($this->config_vars['recaptcha_active']){
-			if( ($this->config_vars['use_cookies'] == TRUE && $this->CI->input->cookie('reCAPTCHA', TRUE) == 'true') || ($this->config_vars['use_cookies'] == FALSE && $this->CI->session->tempdata('reCAPTCHA') == 'true') ){
+			if($this->config_vars['ddos_protection'] && $this->config_vars['recaptcha_active'] && $this->get_login_attempts() > $this->config_vars['recaptcha_login_attempts']){
 				$reCaptcha = new ReCaptcha( $this->config_vars['recaptcha_secret']);
 				$resp = $reCaptcha->verifyResponse( $this->CI->input->server("REMOTE_ADDR"), $this->CI->input->post("g-recaptcha-response") );
 
@@ -313,20 +298,6 @@ public function login($identifier, $pass, $remember = FALSE, $totp_code = NULL)
 					$this->CI->session->set_userdata('remember', $row->id . "-" . $random_string);
 				}
 			}
-
-			if($this->config_vars['recaptcha_active']){
-				if($this->config_vars['use_cookies'] == TRUE){
-					$reCAPTCHA_cookie = array(
-						'name'	 => 'reCAPTCHA',
-						'value'	 => 'false',
-						'expire' => -3600,
-						'path'	 => '/',
-					);
-					$this->CI->input->set_cookie($reCAPTCHA_cookie);
-				}else{
-					$this->CI->session->unset_tempdata('reCAPTCHA');
-				}
-			}
 
 			// update last login
 			$this->update_last_login($row->id);
@@ -526,7 +497,7 @@ public function reset_login_attempts() {
 		$this->aauth_db->where(
 			array(
 				'ip_address'=>$ip_address,
-				'timestamp >='=>strtotime("-".$this->config_vars['max_login_attempt_time_period'])
+				'timestamp >='=>date("Y-m-d H:i:s", strtotime("-".$this->config_vars['max_login_attempt_time_period']))
 			)
 		);
 		return $this->aauth_db->delete($this->config_vars['login_attempts']);
@@ -637,7 +608,7 @@ public function update_login_attempts() {
 		$query = $this->aauth_db->where(
 			array(
 				'ip_address'=>$ip_address,
-				'timestamp >='=>strtotime("-".$this->config_vars['max_login_attempt_time_period'])
+				'timestamp >='=>date("Y-m-d H:i:s", strtotime("-".$this->config_vars['max_login_attempt_time_period']))
 			)
 		);
 		$query = $this->aauth_db->get( $this->config_vars['login_attempts'] );
@@ -675,7 +646,7 @@ public function get_login_attempts() {
 		$query = $this->aauth_db->where(
 			array(
 				'ip_address'=>$ip_address,
-				'timestamp >='=>strtotime("-".$this->config_vars['max_login_attempt_time_period'])
+				'timestamp >='=>date("Y-m-d H:i:s", strtotime("-".$this->config_vars['max_login_attempt_time_period']))
 			)
 		);
 		$query = $this->aauth_db->get( $this->config_vars['login_attempts'] );
@@ -2488,12 +2459,10 @@ public function list_user_var_keys($user_id = FALSE){
 
 	public function generate_recaptcha_field(){
 		$content = '';
-		if($this->config_vars['ddos_protection'] && $this->config_vars['recaptcha_active']){
-			if( ($this->config_vars['use_cookies'] == TRUE && $this->CI->input->cookie('reCAPTCHA', TRUE) == 'true') || ($this->config_vars['use_cookies'] == FALSE && $this->CI->session->tempdata('reCAPTCHA') == 'true') ){
-				$content .= "<script type='text/javascript' src='https://www.google.com/recaptcha/api.js'></script>";
-				$siteKey = $this->config_vars['recaptcha_siteKey'];
-				$content .= "<div class='g-recaptcha' data-sitekey='{$siteKey}'></div>";
-			}
+		if($this->config_vars['ddos_protection'] && $this->config_vars['recaptcha_active'] && $this->get_login_attempts() >= $this->config_vars['recaptcha_login_attempts']){
+			$content .= "<script type='text/javascript' src='https://www.google.com/recaptcha/api.js'></script>";
+			$siteKey = $this->config_vars['recaptcha_siteKey'];
+			$content .= "<div class='g-recaptcha' data-sitekey='{$siteKey}'></div>";
 		}
 		return $content;
 	}