--- a/plugins/SpecialAdmin.php Sun Oct 07 17:28:47 2007 -0400
+++ b/plugins/SpecialAdmin.php Sun Oct 07 21:28:36 2007 -0400
@@ -203,6 +203,16 @@
setConfig('pw_strength_minimum', $strength);
}
+ // Account lockout policy
+ if ( preg_match('/^[0-9]+$/', $_POST['lockout_threshold']) )
+ setConfig('lockout_threshold', $_POST['lockout_threshold']);
+
+ if ( preg_match('/^[0-9]+$/', $_POST['lockout_duration']) )
+ setConfig('lockout_duration', $_POST['lockout_duration']);
+
+ if ( in_array($_POST['lockout_policy'], array('disable', 'captcha', 'lockout')) )
+ setConfig('lockout_policy', $_POST['lockout_policy']);
+
echo '<div class="info-box">Your changes to the site configuration have been saved.</div><br />';
}
@@ -351,6 +361,43 @@
</td>
</tr>
+ <!-- Account lockout -->
+
+ <tr><th colspan="2">Account lockouts</th></tr>
+
+ <tr><td class="row3" colspan="2">Configure Enano to prevent or restrict logins for a specified period of time if a user enters an incorrect password a specific number of times.</td></tr>
+
+ <tr>
+ <td class="row2">Lockout threshold:<br />
+ <small>How many times can a user enter wrong credentials before a lockout goes into effect?</small>
+ </td>
+ <td class="row2">
+ <input type="text" name="lockout_threshold" value="<?php echo ( $_ = getConfig('lockout_threshold') ) ? $_ : '5' ?>" />
+ </td>
+ </tr>
+
+ <tr>
+ <td class="row1">Lockout duration:<br />
+ <small>This is how long an account lockout should last, in minutes.</small>
+ </td>
+ <td class="row1">
+ <input type="text" name="lockout_duration" value="<?php echo ( $_ = getConfig('lockout_duration') ) ? $_ : '15' ?>" />
+ </td>
+ </tr>
+
+ <tr>
+ <td class="row2">Lockout policy:<br />
+ <small>What should be done when a lockout goes into effect?</small>
+ </td>
+ <td class="row2">
+ <label><input type="radio" name="lockout_policy" value="disable" <?php if ( getConfig('lockout_policy') == 'disable' ) echo 'checked="checked"'; ?> /> Don't do anything</label><br />
+ <label><input type="radio" name="lockout_policy" value="captcha" <?php if ( getConfig('lockout_policy') == 'captcha' ) echo 'checked="checked"'; ?> /> Require visual confirmation</label><br />
+ <label><input type="radio" name="lockout_policy" value="lockout" <?php if ( getConfig('lockout_policy') == 'lockout' || !getConfig('lockout_policy') ) echo 'checked="checked"'; ?> /> Prevent all login attempts</label>
+ </td>
+ </tr>
+
+ <!-- Password strength -->
+
<tr><th colspan="2">Password strength</th></tr>
<tr>
@@ -2685,7 +2732,7 @@
}
else
{
- echo '<div class="wait-box">Please wait while the administration panel loads. You need to be using a recent browser with AJAX support in order to use Runt.</div>';
+ echo '<script type="text/javascript">document.write(\'<div class="wait-box">Please wait while the administration panel loads. You need to be using a recent browser with AJAX support in order to use Runt.</div>\');</script><noscript><div class="error-box">It looks like Javascript isn\'t enabled in your browser. Please enable Javascript or use a different browser to continue.</div></noscript>';
}
?>
</div>