Welcome to Geeklog, Anonymous Monday, December 23 2024 @ 03:03 am EST

Geeklog Forums

New users can't log, number of allowed login attempts


Status: offline

::Ben

Forum User
Full Member
Registered: 01/14/05
Posts: 1569
Location:la rochelle, France
Bonjour,

I maked upgrade from GL1.3.10 to 1.3.11sr3. Everything seems to be ok except when a new user try to log on, the following message : "You have exceeded the number of allowed login attempts. Please try again later." is display.

I saw something new in config.php
Text Formatted Code
// Login Speedlimit.
// number of login attempts allowed before speedlimit kicks in
$_CONF['login_attempts']   = 3;

// wait (in seconds) after $_CONF['login_attempts'] failed logins
$_CONF['login_speedlimit'] = 300;





 


New user can't log even I put
Text Formatted Code
$_CONF['login_speedlimit'] =0





 


Question Where can I make modification to solve the problem?

May be in users.php

Text Formatted Code
 // prevent dictionary attacks on passwords
    if (!isset ($_CONF['login_speedlimit'])) {
        $_CONF['login_speedlimit'] = 300;
    }
    if (!isset ($_CONF['login_attempts'])) {
        $_CONF['login_attempts'] = 3;
    }
    COM_clearSpeedlimit ($_CONF['login_speedlimit'], 'login');
    if (COM_checkSpeedlimit ('login', $_CONF['login_attempts']) > 0) {
        if (empty ($LANG04[112])) {
            $LANG04[112] = 'You have exceeded the number of allowed login attempts. Please try again later.';
        }
        $retval .= COM_siteHeader ()
                . COM_startBlock ($LANG12[26], '',
                                  COM_getBlockTemplate ('_msg_block', 'header'))
                . $LANG04[112]
                . COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'))
                . COM_siteFooter ();
        echo $retval;
        exit();
    }

    if (isset ($HTTP_POST_VARS['loginname'])) {
        $loginname = COM_applyFilter ($HTTP_POST_VARS['loginname']);
    } else {
        $loginname = COM_applyFilter ($HTTP_GET_VARS['loginname']);
    }
    if (isset ($HTTP_POST_VARS['passwd'])) {
        $passwd = COM_applyFilter ($HTTP_POST_VARS['passwd']);
    }
    if (!empty($loginname) && !empty($passwd)) {
        $mypasswd = COM_getPassword($loginname);
    } else {
        srand((double)microtime()*1000000);
        $mypasswd = rand();
    }
    if (!empty ($passwd) && !empty ($mypasswd) && ($mypasswd == md5($passwd))) {
        DB_change($_TABLES['users'],'pwrequestid',"NULL",'username',$loginname);
        $userdata = SESS_getUserData($loginname);
        $_USER=$userdata;
        $sessid = SESS_newSession($_USER['uid'], $HTTP_SERVER_VARS['REMOTE_ADDR'], $_CONF['session_cookie_timeout'], $_CONF['cookie_ip']);
        SESS_setSessionCookie($sessid, $_CONF['session_cookie_timeout'], $_CONF['cookie_session'], $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure']);
        PLG_loginUser ($_USER['uid']);



 

or
Text Formatted Code
case 'getpassword':
    $display .= COM_siteHeader ('menu');
    if ($_CONF['passwordspeedlimit'] == 0) {
        $_CONF['passwordspeedlimit'] = 300; // 5 minutes
    }
    COM_clearSpeedlimit ($_CONF['passwordspeedlimit'], 'password');
    $last = COM_checkSpeedlimit ('password');
    if ($last > 0) {
        $display .= COM_startBlock ($LANG12[26], '',
                            COM_getBlockTemplate ('_msg_block', 'header'))
                 . sprintf ($LANG04[93], $last, $_CONF['passwordspeedlimit'])
                 . COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'));
    } else {
        $display .= getpasswordform ();
    }
    $display .= COM_siteFooter ();
    break;





 


Thanks for your help.
I'm available to customise your themes or plugins for your Geeklog CMS
 Quote

Status: offline

1000ideen

Forum User
Full Member
Registered: 08/04/03
Posts: 1298
Did you wait more than 5 minutes, tried to delete cokies? Usually it works quite well.
 Quote

Status: offline

::Ben

Forum User
Full Member
Registered: 01/14/05
Posts: 1569
Location:la rochelle, France
The mater is : new user since updates can not even log in once.

With good login and good password, the message is You have exceeded the number of allowed login attempts. Please try again later.

Old user or admin get no problem...
Very strange?

Another :
When you hit the sumit button without login and password, normally you get :

Try Logging in Again
You may have mistyped your login credentials. Please try logging in again below. Are you a new user?


Since the update I get :

You have exceeded the number of allowed login attempts. Please try again later.


If you have any idea Confused
I'm available to customise your themes or plugins for your Geeklog CMS
 Quote

Status: offline

redneck

Forum User
Junior
Registered: 04/11/05
Posts: 24
Did you ever fix this problem? I have it as well in the same version.

Redneck
 Quote

Redneck

Anonymous
OK guys I really need help here. I am running version 1.3.11sr3 and I keed getting the error

Speed Limit
You have exceeded the number of allowed login attempts. Please try again later.


What the heck. I have never had an issue until the upgrade.

Redneck
 Quote

Status: offline

::Ben

Forum User
Full Member
Registered: 01/14/05
Posts: 1569
Location:la rochelle, France
Sorry, the problem is still not fixe...


I'm available to customise your themes or plugins for your Geeklog CMS
 Quote

All times are EST. The time is now 03:03 am.

  • Normal Topic
  • Sticky Topic
  • Locked Topic
  • New Post
  • Sticky Topic W/ New Post
  • Locked Topic W/ New Post
  •  View Anonymous Posts
  •  Able to post
  •  Filtered HTML Allowed
  •  Censored Content