equal
deleted
inserted
replaced
28 if ( empty($userdata['yubikey_otp']) && preg_match('/^[cbdefghijklnrtuv]{44}$/', $userdata['password'] ) ) |
28 if ( empty($userdata['yubikey_otp']) && preg_match('/^[cbdefghijklnrtuv]{44}$/', $userdata['password'] ) ) |
29 { |
29 { |
30 $userdata['yubikey_otp'] = $userdata['password']; |
30 $userdata['yubikey_otp'] = $userdata['password']; |
31 } |
31 } |
32 |
32 |
33 // Look for a lockout |
33 // Lockouts removed from here - they're done during preprocessing now. |
34 $lockout_info = $session->get_lockout_info($lockdata); |
|
35 if ( $lockout_info['locked_out'] ) |
|
36 { |
|
37 // pass on to normal auth so the lockout can be sent back properly |
|
38 return null; |
|
39 } |
|
40 |
34 |
41 if ( !empty($userdata['username']) ) |
35 if ( !empty($userdata['username']) ) |
42 { |
36 { |
43 // get flags |
37 // get flags |
44 $q = $db->sql_query('SELECT user_id, user_yubikey_flags FROM ' . table_prefix . "users WHERE " . ENANO_SQLFUNC_LOWERCASE . "(username) = '" . $db->escape(strtolower($userdata['username'])) . "';"); |
38 $q = $db->sql_query('SELECT user_id, user_yubikey_flags FROM ' . table_prefix . "users WHERE " . ENANO_SQLFUNC_LOWERCASE . "(username) = '" . $db->escape(strtolower($userdata['username'])) . "';"); |