function _tfa_hit_flood in Two-factor Authentication (TFA) 7.2
Check if flood has been hit.
Parameters
Return value
bool TRUE if the flood has been hit.
phpcs:disable Drupal.Commenting.FunctionComment.TypeHintMissing
2 calls to _tfa_hit_flood()
- tfa_form in ./
tfa.form.inc - Main TFA process form builder.
- tfa_form_validate in ./
tfa.form.inc - TFA form validation handler.
File
- ./
tfa.form.inc, line 179 - Form-related functions.
Code
function _tfa_hit_flood($tfa) {
if (variable_get('tfa_test_mode', 0)) {
return FALSE;
}
$window = variable_get('tfa_flood_window', 3600);
$user_window = variable_get('tfa_user_window', 900);
$context = $tfa
->getContext();
$identifier = variable_get('user_failed_login_identifier_uid_only', FALSE) ? $context['uid'] : $context['uid'] . '-' . ip_address();
// Check user specific flood.
if (!flood_is_allowed('tfa_user', variable_get('tfa_user_threshold', 6), $user_window, $identifier)) {
drupal_set_message(t('You have reached the threshold for incorrect code entry attempts. Please try again in !time minutes.', array(
'!time' => round($user_window / 60),
)), 'error');
return TRUE;
}
elseif (!flood_is_allowed('tfa_begin', variable_get('tfa_begin_threshold', 6), $window)) {
drupal_set_message(t('You have reached the threshold for TFA attempts. Please try again in !time minutes.', array(
'!time' => round($window / 60),
)), 'error');
return TRUE;
}
elseif (!$tfa
->floodIsAllowed($window)) {
foreach ($tfa
->getErrorMessages() as $message) {
drupal_set_message($message, 'error');
}
return TRUE;
}
return FALSE;
}