r263

Кол-во неверных попыток ввода пароля, перед выводом проверки капчи git-svn-id: https://torrentpier2.googlecode.com/svn/trunk@263 a8ac35ab-4ca4-ca47-4c2d-a49a94f06293

upload/config.php

@@ -57,7 +57,7 @@ $bb_cfg['css_ver'] = 1;
 
 // Increase number of revision after update
 $bb_cfg['tp_version'] = '2.1 Stable';
-$bb_cfg['tp_release_state'] = 'R262';
+$bb_cfg['tp_release_state'] = 'R263';
 $bb_cfg['tp_release_date'] = '29-08-2011';
 
 $bb_cfg['board_disabled_msg'] = 'форум временно отключен'; // 'forums temporarily disabled'; // show this msg if board has been disabled via ON/OFF trigger
@@ -277,6 +277,7 @@ $bb_cfg['max_last_visit_days']     = 14;           // days
 $bb_cfg['last_visit_update_intrv'] = 3600;         // sec
 
 // Registration
+$bb_cfg['invalid_logins']          = 5;            // Кол-во неверных попыток ввода пароля, перед выводом проверки капчи
 $bb_cfg['new_user_reg_disabled']   = false;        // Disable new user registrations
 $bb_cfg['unique_ip']               = false;        // Deny registration of several accounts by one ip
 $bb_cfg['new_user_reg_restricted'] = false;

upload/includes/ucp/usercp_viewprofile.php

@@ -166,11 +166,16 @@ if (IS_ADMIN)
 		'EMAIL_ADDRESS'    => htmlCHR($profiledata['user_email']),
 	));
 }
-else
-{
-	$user_restrictions = array();
 
-	$template->assign_var('USER_RESTRICTIONS', join('</li><li>', $user_restrictions));
-}
+$user_restrictions = array();
+
+if (bf($profiledata['user_opt'], 'user_opt', 'allow_avatar'))    $user_restrictions[] = $lang['HIDE_AVATARS'];
+if (bf($profiledata['user_opt'], 'user_opt', 'allow_passkey'))   $user_restrictions[] = $lang['DOWNLOAD_TORRENT'];
+if (bf($profiledata['user_opt'], 'user_opt', 'allow_pm'))        $user_restrictions[] = $lang['SEND_PM'];
+if (bf($profiledata['user_opt'], 'user_opt', 'allow_post'))      $user_restrictions[] = $lang['SEND_MESSAGE'];
+if (bf($profiledata['user_opt'], 'user_opt', 'allow_post_edit')) $user_restrictions[] = $lang['EDIT_POST'];
+if (bf($profiledata['user_opt'], 'user_opt', 'allow_topic'))     $user_restrictions[] = $lang['NEW_THREADS'];
+
+$template->assign_var('USER_RESTRICTIONS', join('</li><li>', $user_restrictions));
 
 print_page('usercp_viewprofile.tpl');

upload/language/lang_english/lang_main.php

@@ -1578,9 +1578,9 @@ $lang['INVALID_DATE'] = 'Error date ';
 $lang['PROFILE_USER'] = 'Viewing profile';
 $lang['GOOD_UPDATE'] = 'was successfully changed';
 $lang['FORBADE_VIEWING'] = 'forbade visitors viewing your profile';
-$lang['DENY_VISITORS'] = 'Deny visitors viewing your profile:';
-$lang['BAN_USER'] = 'To prevent a user:';
-$lang['USER_NOT_ALLOWED'] = 'Users are not permitted:';
+$lang['DENY_VISITORS'] = 'Deny visitors viewing your profile';
+$lang['BAN_USER'] = 'To prevent a user';
+$lang['USER_NOT_ALLOWED'] = 'Users are not permitted';
 $lang['HIDE_AVATARS'] = 'Show avatars';
 $lang['SHOW_CAPTION'] = 'Show your signature';
 $lang['DOWNLOAD_TORRENT'] = 'Download torrent';

upload/language/lang_russian/lang_main.php

@@ -1584,9 +1584,9 @@ $lang['INVALID_DATE'] = 'Ошибка даты ';
 $lang['PROFILE_USER'] = 'Профиль пользователя';
 $lang['GOOD_UPDATE'] = 'был успешно изменён';
 $lang['FORBADE_VIEWING'] = 'запретил гостям просмотр своего профиля';
-$lang['DENY_VISITORS'] = 'Запретить гостям просмотр вашего профиля:';
-$lang['BAN_USER'] = 'Запретить пользователю:';
-$lang['USER_NOT_ALLOWED'] = 'Пользователю запрещено:';
+$lang['DENY_VISITORS'] = 'Запретить гостям просмотр вашего профиля';
+$lang['BAN_USER'] = 'Запретить пользователю';
+$lang['USER_NOT_ALLOWED'] = 'Пользователю запрещено';
 $lang['HIDE_AVATARS'] = 'Показывать аватар';
 $lang['SHOW_CAPTION'] = 'Показывать подпись';
 $lang['DOWNLOAD_TORRENT'] = 'Скачивать торренты';

upload/login.php

@@ -60,8 +60,13 @@ $mod_admin_login = (IS_AM && !$user->data['session_admin']);
 $login_username = ($mod_admin_login) ? $userdata['username'] : (string) @$_POST['login_username'];
 $login_password = (string) @$_POST['login_password'];
 
-// Login
-$need_captcha = (!$mod_admin_login) ? CACHE('bb_login_err')->get('l_err_'. USER_IP) : false;
+// Ïðîâåðêà íà íåâåðíóþ êîìáèíàöèþ ëîãèí/ïàðîëü
+$need_captcha = false;
+if(!$mod_admin_login)
+{
+	$need_captcha = CACHE('bb_login_err')->get('l_err_'. USER_IP);
+	if($need_captcha < $bb_cfg['invalid_logins']) $need_captcha = false;
+}
 
 // login
 if (isset($_POST['login']))
@@ -89,12 +94,23 @@ if (isset($_POST['login']))
 		if ($user->login($_POST, $mod_admin_login))
 		{
 			$redirect_url = (defined('FIRST_LOGON')) ? $bb_cfg['first_logon_redirect_url'] : $redirect_url;
+			// Îáíóëåíèå ïðè ââåäåíèè ïðàâèëüíî êîìáèíàöèè ëîãèí/ïàðîëü
+			CACHE('bb_login_err')->set('l_err_'. USER_IP, 0, 3600);
+
 			redirect($redirect_url);
 		}
 
 		$login_errors[] = $lang['ERROR_LOGIN'];
 
-		$need_captcha = (!$mod_admin_login) ? CACHE('bb_login_err')->set('l_err_'. USER_IP, 1, 3600) : false;
+		if(!$mod_admin_login)
+		{
+			$login_err = CACHE('bb_login_err')->get('l_err_'. USER_IP);
+			if($login_err > $bb_cfg['invalid_logins']) $need_captcha = true;
+            if($login_err > 50) // çàáàíèòü èï :)
+
+			CACHE('bb_login_err')->set('l_err_'. USER_IP, ($login_err + 1), 3600);
+		}
+		else $need_captcha = false;
 	}
 }
 
@@ -104,7 +120,7 @@ if (IS_GUEST || $mod_admin_login)
 	$template->assign_vars(array(
 		'LOGIN_USERNAME'  => htmlCHR($login_username),
 		'LOGIN_PASSWORD'  => htmlCHR($login_password),
-		'LOGIN_ERR_MSG'   => join('<br />', $login_errors),
+		'ERROR_MESSAGE'   => join('<br />', $login_errors),
 		'ADMIN_LOGIN'     => $mod_admin_login,
 		'REDIRECT_URL'    => htmlCHR($redirect_url),
 		'CAPTCHA_HTML'    => ($need_captcha) ? CAPTCHA()->get_html() : '',

upload/templates/default/login.tpl

@@ -15,9 +15,7 @@
 <tr>
 	<td class="row1">
 
-	<!-- IF LOGIN_ERR_MSG -->
-	<h4 class="warnColor1 tCenter mrg_16">{LOGIN_ERR_MSG}</h4>
-	<!-- ELSEIF ADMIN_LOGIN -->
+	<!-- IF ADMIN_LOGIN -->
 	<h4 class="tCenter mrg_16">{L_ADMIN_REAUTHENTICATE}</h4>
 	<!-- ELSE -->
 	<h4 class="tCenter mrg_16">{L_ENTER_PASSWORD}</h4>

upload/templates/default/usercp_register.tpl

@@ -179,7 +179,7 @@ ajax.callback.posts = function(data){
 	</td>
 </tr>
 <tr>
-	<td>{L_DENY_VISITORS}</td>
+	<td>{L_DENY_VISITORS}:</td>
 	<td>
 		<label><input type="radio" name="view_profile" value="1" <!-- IF VIEW_PROFILE -->checked="checked"<!-- ENDIF --> />{L_YES}</label>&nbsp;&nbsp;
 		<label><input type="radio" name="view_profile" value="0" <!-- IF not VIEW_PROFILE -->checked="checked"<!-- ENDIF --> />{L_NO}</label>

upload/templates/default/usercp_viewprofile.tpl

@@ -67,7 +67,6 @@ $(document).ready(function(){
 		$('#user-opt-resp').html(' ');
 		ajax.change_user_opt();
 	});
-	$('#user-opt').show();
 });
 </script>
 
@@ -104,8 +103,26 @@ $(document).ready(function(){
 	<p class="floatL"><a href="{U_INDEX}">{T_INDEX}</a></p>
 	<!-- IF IS_ADMIN -->
 	<p class="floatR">
-	<a href="{U_MANAGE}">{L_PROFILE}</a> &middot; 
-	<a href="{U_PERMISSIONS}">{L_PERMISSIONS}</a>&nbsp;</p>
+	<a href="{U_MANAGE}">{L_PROFILE}</a> &middot;
+	<a href="{U_PERMISSIONS}">{L_PERMISSIONS}</a> &middot;
+	<a href="#user-opt" class="menu-root menu-alt1">{L_BAN_USER}</a></p>
+		<div class="menu-sub row1 border bw_TRBL" id="user-opt">
+			<fieldset class="mrg_6">
+			<div class="tLeft" style="padding: 2px 6px 6px; display: block;">
+				<label><input type="checkbox" name="allow_avatar"/>{L_HIDE_AVATARS}</label>
+				<label><input type="checkbox" name="allow_sig"/>{L_SHOW_CAPTION}</label>
+				<label><input type="checkbox" name="allow_passkey"/>{L_DOWNLOAD_TORRENT}</label>
+				<label><input type="checkbox" name="allow_pm"/>{L_SEND_PM}</label>
+				<label><input type="checkbox" name="allow_post"/>{L_SEND_MESSAGE}</label>
+				<label><input type="checkbox" name="allow_post_edit"/>{L_EDIT_POST}</label>
+				<label><input type="checkbox" name="allow_topic"/>{L_NEW_THREADS}</label>
+			</div>
+			</fieldset>
+			<div id="user-opt-save" class="hidden tCenter">
+				<p><input id="user-opt-save-btn" class="bold long" type="button" value="{L_SUBMIT}" /></p>
+				<p id="user-opt-resp" class="mrg_6"></p>
+			</div>
+		</div>
 	<!-- ENDIF -->
 	<div class="clear"></div>
 </div>
@@ -170,29 +187,9 @@ $(document).ready(function(){
 		<!-- ENDIF -->
 		</table><!--/user_contacts-->
 
-		<!-- IF IS_ADMIN -->
-		<div id="user-opt" style="display: none;">
-			<fieldset class="mrg_6">
-			<style type="text/css"> #user-opt label { display: block; } </style>
-			<legend>{L_BAN_USER}</legend>
-			<div class="tLeft" style="padding: 2px 6px 6px; display: block;">
-				<label><input type="checkbox" name="allow_avatar"/>{L_HIDE_AVATARS}</label>
-				<label><input type="checkbox" name="allow_sig"/>{L_SHOW_CAPTION}</label>
-				<label><input type="checkbox" name="allow_passkey"/>{L_DOWNLOAD_TORRENT}</label>
-				<label><input type="checkbox" name="allow_pm"/>{L_SEND_PM}</label>
-				<label><input type="checkbox" name="allow_post"/>{L_SEND_MESSAGE}</label>
-				<label><input type="checkbox" name="allow_post_edit"/>{L_EDIT_POST}</label>
-				<label><input type="checkbox" name="allow_topic"/>{L_NEW_THREADS}</label>
-			</div>
-			</fieldset>
-			<div id="user-opt-save" class="hidden">
-				<p><input id="user-opt-save-btn" class="bold long" type="button" value="{L_SUBMIT}" /></p>
-				<p id="user-opt-resp" class="mrg_6"></p>
-			</div>
-		</div>
-		<!-- ELSEIF USER_RESTRICTIONS -->
+		<!-- IF USER_RESTRICTIONS -->
 		<fieldset class="mrg_6">
-		<legend>{L_USER_NOT_ALLOWED}</legend>
+		<legend>{L_USER_NOT_ALLOWED}:</legend>
 			<div class="tLeft" style="padding: 4px 6px 8px 2px;">
 			<ul><li>{USER_RESTRICTIONS}</li></ul>
 			</div>
@@ -233,7 +230,7 @@ $(document).ready(function(){
 						[ <a href="{U_SEARCH_USER}" class="med">{L_SEARCH_USER_POSTS}</a> ]
 						[ <a href="{U_SEARCH_TOPICS}" class="med">{L_SEARCH_USER_TOPICS}</a> ]
 						[ <a class="med" href={U_SEARCH_RELEASES}>{L_SEARCH_RELEASES}</a> ]
-					</p>					
+					</p>
 				</td>
 			</tr>
 			<!-- IF LOCATION -->