From 2efe535510d762fc2cdf1a055e5dcec2c0155d80 Mon Sep 17 00:00:00 2001 From: x2003bruneau Date: Mon, 22 Jan 2007 16:55:00 +0000 Subject: [PATCH] Add a test on registration to catch too hesitant usurpers git-svn-id: svn+ssh://murphy/home/svn/platal/trunk@1386 839d8a87-29fc-0310-9880-83ba4fa771e5 --- include/xorg.misc.inc.php | 2 +- modules/register.php | 12 ++++++++++++ 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/include/xorg.misc.inc.php b/include/xorg.misc.inc.php index f4077d2..5473e7e 100644 --- a/include/xorg.misc.inc.php +++ b/include/xorg.misc.inc.php @@ -144,7 +144,7 @@ function send_warning_mail($title) $mailer = new PlMailer(); $mailer->setFrom("webmaster@polytechnique.org"); $mailer->addTo("hotliners@staff.polytechnique.org"); - $mailer->setSubject($title); + $mailer->setSubject("[Plat/al Security Alert] $title"); $mailer->setTxtBody("Identifiants de session :\n" . var_export($_SESSION, true) . "\n\n" ."Identifiants de connexion :\n" . var_export($_SERVER, true)); $mailer->send(); diff --git a/modules/register.php b/modules/register.php index a309bb7..844b2b4 100644 --- a/modules/register.php +++ b/modules/register.php @@ -38,8 +38,17 @@ class RegisterModule extends PLModule if (!isset($sub_state['step'])) { $sub_state['step'] = 0; } + if (!isset($sub_state['backs'])) { + $sub_state['backs'] = array(); + } if (Get::has('back') && Get::i('back') < $sub_state['step']) { $sub_state['step'] = max(0,Get::i('back')); + $state = $sub_state; + unset($state['backs']); + $sub_state['backs'][] = $state; + if (count($sub_state['backs']) == 3) { + $alert .= "Tentative d'inscription tres hesitante - "; + } } // Compatibility with old sources, keep it atm @@ -179,6 +188,9 @@ class RegisterModule extends PLModule $alert .= "Tentative d'inscription depuis une IP surveillee"; } else { $sub_state['step'] = 4; + if ($sub_state['backs'] >= 3) { + $alert .= "Fin d'une inscription hésitante"; + } finish_ins($sub_state); } } -- 2.1.4