Changeset 550 for trunk/lib/Auth_SQL.inc.php
- Timestamp:
- Nov 24, 2015 5:38:54 PM (8 years ago)
- File:
-
- 1 edited
-
trunk/lib/Auth_SQL.inc.php (modified) (7 diffs)
Legend:
- Unmodified
- Added
- Removed
-
trunk/lib/Auth_SQL.inc.php
r541 r550 32 32 class Auth_SQL 33 33 { 34 35 34 // Available hash types for class Auth_SQL. 36 35 const ENCRYPT_PLAINTEXT = 1; … … 70 69 71 70 // The type of hash to use for passwords stored in the db_table. Use one of the Auth_SQL::ENCRYPT_* types specified above. 72 // Hardened password hashes rely on the same key/salt being used to compare hash s.71 // Hardened password hashes rely on the same key/salt being used to compare hashes. 73 72 // Be aware that when using one of the hardened types the App signing_key or $more_salt below cannot change! 74 73 'hash_type' => self::ENCRYPT_MD5, … … 176 175 } 177 176 178 // The minimal columns for a table compat able with the Auth_SQL class.177 // The minimal columns for a table compatible with the Auth_SQL class. 179 178 $db->query("CREATE TABLE IF NOT EXISTS " . $db->escapeString($this->getParam('db_table')) . " ( 180 179 " . $this->getParam('db_primary_key') . " MEDIUMINT UNSIGNED NOT NULL PRIMARY KEY AUTO_INCREMENT, … … 475 474 switch ($user_data['blocked_reason']) { 476 475 case 'account abuse' : 477 $app->raiseMsg(sprintf(_("This account has been blocked due to possible account abuse. Please contact usto reactivate."), null), MSG_WARNING, __FILE__, __LINE__);476 $app->raiseMsg(sprintf(_("This account has been blocked due to possible account abuse. Please contact an administrator to reactivate."), null), MSG_WARNING, __FILE__, __LINE__); 478 477 break; 479 478 default : … … 507 506 if ($this->get('abuse_warning_level') < $this->_params['login_abuse_warnings']) { 508 507 // Warn the user with a password reset. 509 $this->resetPassword(null, _("This is a security precaution. We have detected this account has been accessed from multiple computers simultaneously. It is against policy to share login informationwith others. If further account abuse is detected this account will be blocked."));508 $this->resetPassword(null, _("This is a security precaution. We have detected this account has been accessed from multiple computers simultaneously. It is against policy to share credentials with others. If further account abuse is detected this account will be blocked.")); 510 509 $app->raiseMsg(_("Your password has been reset as a security precaution. Please check your email for more information."), MSG_NOTICE, __FILE__, __LINE__); 511 510 $app->logMsg(sprintf('Account abuse detected for user_id %s (%s) from IP %s', $this->get('user_id'), $this->get('username'), $this->get('remote_ip')), LOG_WARNING, __FILE__, __LINE__); … … 652 651 if (strtotime($_SESSION['_auth_sql'][$this->_ns]['last_access_datetime']) > (time() - 43200)) { 653 652 // Only raise message if last session is less than 12 hours old. 654 $app->raiseMsg( _("Your session has expired. You need to log-in again."), MSG_NOTICE, __FILE__, __LINE__);653 $app->raiseMsg(sprintf(_("For your safety we logged you out after being idle for %s. Please log in again."), humanTime($this->_params['idle_timeout'], 'hour', '%01.0f')), MSG_NOTICE, __FILE__, __LINE__); 655 654 } 656 655 … … 1044 1043 $email = new Email(array( 1045 1044 'to' => $user_data['email'], 1046 'from' => sprintf(' %s <%s>', $app->getParam('site_name'), $app->getParam('site_email')),1045 'from' => sprintf('"%s" <%s>', addcslashes($app->getParam('site_name'), '"'), $app->getParam('site_email')), 1047 1046 'subject' => sprintf('%s password change', $app->getParam('site_name')) 1048 1047 ));
Note: See TracChangeset
for help on using the changeset viewer.
