function login_security_validate in Login Security 5
Same name and namespace in other branches
- 8 login_security.module \login_security_validate()
- 6 login_security.module \login_security_validate()
- 7 login_security.module \login_security_validate()
- 2.x login_security.module \login_security_validate()
Implementation of form validate. This functions does more than just validating, but it's main Intention is to break the login form flow.
Parameters
$form_item: The status of the name field in the form field after being submitted by the user.
File
- ./
login_security.module, line 263 - Login Security
Code
function login_security_validate($form_item) {
// Sanitize user input
$name = $form_item['#value'];
// Null username should not be tracked
if (!strlen($name)) {
return;
}
// Save entry in security log, Username and IP Address
login_security_save_pair($name, mip_address());
// Populate variables to be used in any module message or login operation
$variables = _login_security_get_variables_by_name($name);
// Check for host login attempts: Hard
if ($variables['%hard_block_attempts'] >= 1) {
if ($variables['%ip_current_count'] > $variables['%hard_block_attempts']) {
// block the host mip_address()
login_user_block_ip($variables);
}
}
// Check for user login attempts
if ($variables['%user_block_attempts'] >= 1) {
if ($variables['%user_current_count'] > $variables['%user_block_attempts']) {
// Block the account $name
login_user_block_user_name($variables);
}
}
// Should the user be advised about the remaining login attempts?
$notice_user = variable_get('login_security_notice_attempts_available', LOGIN_SECURITY_NOTICE_ATTEMPTS_AVAILABLE);
if ($notice_user == TRUE) {
drupal_set_message("<!-- login_security -->" . t(variable_get('login_security_notice_attempts_message', LOGIN_SECURITY_NOTICE_ATTEMPTS_MESSAGE), $variables));
}
}