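storeFormValues($_POST); $user->insert(); } // $_POST['username'] = $username; $_POST['password'] = $payload['sub']; $_POST['login'] = true; $_POST['remember'] = true; } } }
/*
 * NOTE(review): the line above is the tail of a block that begins before this
 * excerpt. It is kept exactly as found because the extent of its `//` comment
 * cannot be recovered from here. If the $_POST assignments on it are live code,
 * the federated sign-in path feeds the token's `sub` claim into the password
 * check below; `sub` is an account identifier rather than a secret, so confirm
 * that a stored hash can never be satisfied by it through the ordinary form.
 */

/*
 * Password login with per-IP throttling.
 *
 * The attempt counter is consulted BEFORE the credentials are examined, so a
 * client that has used up its attempts inside the 30 second window is refused
 * without password_verify() ever running. Only failed attempts are recorded;
 * a successful login redirects and returns before the INSERT.
 */
if (isset($_POST['login'])) {
    $timer = time() - 30;
    // NOTE(review): the throttle is keyed on whatever getIpAddr() returns. If
    // that helper reads client-supplied forwarding headers, the key is
    // attacker-chosen and the limit can be sidestepped - confirm it only
    // trusts headers set by a known proxy.
    $ip_address = getIpAddr();

    // Getting total count of hits on the basis of IP
    $conn = open_connection();
    $sql = "SELECT count(*) FROM loginlogs WHERE TryTime > :timer and IpAddress = :ip_address";
    $st = $conn->prepare($sql);
    $st->bindValue(":timer", $timer, PDO::PARAM_INT);
    $st->bindValue(":ip_address", $ip_address, PDO::PARAM_STR);
    $st->execute();
    $total_count = (int) $st->fetchColumn();

    // `>=` rather than `==`: concurrent requests can push the count past 10,
    // and an exact match would then let further attempts through.
    if ($total_count >= 10) {
        $errors[] = _t('To many failed login attempts. Please login after 30 sec.');
    } else {
        // Accept only scalar strings: `password[]=x` would otherwise hand an
        // array to password_verify(), and a missing field raises a notice.
        $login_username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
        $login_password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

        $user_data = ($login_username !== '') ? get_user($login_username) : false;

        if ($user_data && password_verify($login_password, $user_data['password'])) {
            // Issue a fresh session id at the privilege change so an id that
            // was planted or observed before login is worthless afterwards.
            if (session_status() === PHP_SESSION_ACTIVE) {
                session_regenerate_id(true);
            }
            $_SESSION['username'] = $login_username;

            if (isset($_POST['remember'])) {
                // NOTE(review): the remember-me value is derived from the
                // username alone. Confirm str_encrypt() is authenticated
                // encryption under a server-side key; otherwise the token is
                // predictable per user and cannot be revoked individually.
                CA_Auth::insert(str_encrypt($_SESSION['username'], 'f'));
            }

            if ($user_data['role'] === 'admin') {
                header('Location: '.DOMAIN.'admin/dashboard.php');
                // Only successful admin logins are written to login_history.
                update_login_history('success');
            } else {
                header('Location: '.get_permalink('user', $_SESSION['username']));
            }
            return;
        }

        // Same message for "no such user" and "wrong password" so the form
        // does not reveal which usernames exist.
        $errors[] = _t('Incorrect username or password.');

        // Record the failure and tell the client how many tries are left.
        $total_count++;
        $rem_attm = 10 - $total_count;
        if ($rem_attm <= 0) {
            $errors[] = _t('To many failed login attempts. Please login after 30 sec.');
        } else {
            $errors[] = _t('%a attempts remaining.', $rem_attm);
        }

        $try_time = time();
        $sql = "INSERT INTO loginlogs(IpAddress,TryTime) VALUES(:ip_address, :try_time)";
        $st = $conn->prepare($sql);
        $st->bindValue(":ip_address", $ip_address, PDO::PARAM_STR);
        $st->bindValue(":try_time", $try_time, PDO::PARAM_INT);
        $st->execute();
    }
}

/**
 * Append one entry to the login_history table and trim the table when it grows.
 *
 * The entry stores the caller's IP (from getIpAddr()) and a JSON document with
 * the submitted username, a masked password, a timestamp, the given status and
 * the User-Agent header. Once the table holds more than 100 rows, the 10 rows
 * with the lowest ids are deleted.
 *
 * The username and User-Agent are client-controlled: whatever renders this
 * table must HTML-escape them on output.
 *
 * @param string $status Label stored with the entry (callers on this page pass 'success').
 * @return void
 */
function update_login_history($status = 'null'){
    $ip_address = getIpAddr();
    $data = array(
        // Guarded read: the field may be missing or not a string.
        'username' => (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : 'null',
        // The real password is never written to the history table.
        'password' => '***',
        'date' => date("Y-m-d H:i:s"),
        'status' => $status,
        'agent' => 'null',
        'country' => 'null',
        'city' => 'null',
    );
    // !empty() instead of a bare read: the header is optional and may be absent.
    if (!empty($_SERVER['HTTP_USER_AGENT'])) {
        $data['agent'] = $_SERVER['HTTP_USER_AGENT'];
    }

    // A header or username with invalid UTF-8 makes json_encode() return
    // false; partial output keeps the rest of the record instead of losing it.
    $json = json_encode($data, JSON_PARTIAL_OUTPUT_ON_ERROR);

    $conn = open_connection();
    $sql = "INSERT INTO login_history(ip, data) VALUES(:ip_address, :data)";
    $st = $conn->prepare($sql);
    $st->bindValue(":ip_address", $ip_address, PDO::PARAM_STR);
    $st->bindValue(":data", $json, PDO::PARAM_STR);
    $st->execute();

    // Let the database count; fetching every row just to call rowCount() is
    // wasteful, and rowCount() on a SELECT is not dependable across drivers.
    $sql = "SELECT count(*) FROM login_history";
    $st = $conn->prepare($sql);
    $st->execute();
    $count = (int) $st->fetchColumn();

    if ($count > 100) {
        $sql = "DELETE FROM login_history ORDER BY id ASC LIMIT 10";
        $st = $conn->prepare($sql);
        $st->execute();
    }
}
/* NOTE(review): the template code that follows reached this page with its markup stripped; it is left exactly as found. */
?> <?php _e('Login') ?> | <?php echo SITE_TITLE ?> '; } elseif(file_exists( ABSPATH . TEMPLATE_PATH . '/style/style.css')){ echo ''; } if(file_exists( ABSPATH . TEMPLATE_PATH . '/css/custom.css')){ echo ''; } elseif(file_exists( ABSPATH . TEMPLATE_PATH . '/style/custom.css')){ echo ''; } if(defined('GOOGLE_LOGIN')){ echo ''; } ?>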
0){ foreach ($errors as $msg) { show_alert($msg, 'warning'); } } if(isset($_SESSION['message'])){ // Come from registration show_alert($_SESSION['message']['text'], $_SESSION['message']['type']); unset($_SESSION['message']); } ?>