diff options
author | Andrew Dolgov <[email protected]> | 2018-10-16 09:11:32 +0300 |
---|---|---|
committer | Andrew Dolgov <[email protected]> | 2018-10-16 09:11:32 +0300 |
commit | f730d7bb0ac691153eacd80844bb530dca04e3cc (patch) | |
tree | 541e93a874b0e62adffa68ad808714783c057293 /classes/handler/public.php | |
parent | 9dadbdbb218885f213f05915943ce3142b2cfcd8 (diff) |
another attempt to enforce session ID regeneration on login
Diffstat (limited to 'classes/handler/public.php')
-rwxr-xr-x | classes/handler/public.php | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/classes/handler/public.php b/classes/handler/public.php index 7cce7d71b..de9c9684a 100755 --- a/classes/handler/public.php +++ b/classes/handler/public.php @@ -503,7 +503,9 @@ class Handler_Public extends Handler { // start an empty session to deliver login error message @session_start(); - $_SESSION["login_error_msg"] = __("Incorrect username or password"); + if (!isset($_SESSION["login_error_msg"])) + $_SESSION["login_error_msg"] = __("Incorrect username or password"); + user_error("Failed login attempt for $login from {$_SERVER['REMOTE_ADDR']}", E_USER_WARNING); } |