i used this mod on my not IM site and realy like to see this on IM also...
i like this mod verry mutch and thin much more will do te same also.
it hass a max login attempts function and a force password update function witch is pretty handy.
- Code: Select all
############################################################## ## MOD Title]http://mods.db9.dk#[/url]# MOD Description: This mod will prevent hacking on users## password, and give the admin the posibilty## to specify witch types of passwords are## accepted.## MOD Version: 1.2.9## MOD Compatibility: 2.0.6## ## Installation Level: Intermediate## Installation Time: 12 Minutes (1mn by EasyMOD of Nuttzy)## Files To Edit: 13## login.php## admin/admin_board.php## admin/admin_users.php## includes/functions_validate.php## includes/page_header.php## includes/usercp_activate.php## includes/usercp_register.php## language/lang_english/lang_admin.php ## language/lang_english/lang_main.php ## templates/subSilver/overall_header.tpl## templates/subSilver/simple_header.tpl## templates/subSilver/admin/board_config.tpl## templates/subSilver/admin/users_edit_body.tpl#### Included Files: 4## protect_user_account_db_update.php## root/change_password.php## root/language/lang_english/email/bad_login.tpl## root/templates/subSilver/change_password_popup.tpl################################################################ ## For Security Purposes, Please Check: [url=http://www.phpbb.com/mods/]http://www.phpbb.com/mods/[/url] for the ## latest version of this MOD. Downloading this MOD from other sites could cause malicious code ## to enter into your phpBB Forum. As such, phpBB will not offer support for MOD's not offered ## in our MOD-Database, located at: [url=http://www.phpbb.com/mods/]http://www.phpbb.com/mods/[/url] ############################################################## ## Author Notes: ## ## 1. Full MOD description## -----------## The mod works like this: when users register/change password,## the password is validated according to the rules set by admin.## You can in admin panel->board config->user password settings## specify what are valid.## When users then try to login, then the password is validated## and if a user submit a wrong password X times, on a users## account.## Then the specifyed username can not login for a specific## time (e.g. 30 min). This prevents that a fake user repeately## try to login on another users account.## Note: that the blocked time, should not be set to long,## so the "real" user can still log-in#### Features in admin interface## - set time user shal be blocked (board config)## - set minimum password length (board config)## - set if password must be complex (board config)## - set if password must be different from username (board config)## - block user (user managment)## - unblock user (user managment)## - force change of users password on next login (user managment)## - view number of wrong logins (user managment)## - view time user is unblocked (user managment)## - view ip witch have made the useraccount blocked (user managment)#### 2. EasyMOD## -----------## This MOD is compatible and can be installed by EasyMOD## of Nuttzy (but is not officially EasyMOD Compliant)!## [url=http://area51.phpbb.com/phpBB22/viewforum.php?sid=&f=15#]http://area51.phpbb.com/phpBB22/viewfor ... sid=&f=15#[/url]### However, on alpha releases of EM and meanwhile beta or ## final release some actions are NOT performed.## You'll have to do them manually !#### 2.1 SQL commands are not performed## -----------## This MOD need a database update.## Then, in any case if you install this MOD manually or using## an alpha release of EM, please copying the *_db_update.php## in your phpBB root directory, run it with your navigator,## and then delete it from the phpBB root directory.#### Please, do it NOW! Before editing phpBB files by EM or manually!!!## Otherwise, you may have an error message during your next## connection.#### 2.2 Translation are not managed## -----------## Moreover, EM can not already manage actions for any other## language than English (but language intructions are proceed## to all installed languages in order to prevent errors).## So the translations provided with this MOD must be installed## manually if you need them.#### 3. Official last version link## -----------## Meanwhile the phpBB group validation and as the MOD is not yet## in the phpBB MOD database, check this official link for updates...## [url=http://mods.db9.dk/viewtopic.php?t=555#]http://mods.db9.dk/viewtopic.php?t=555#[/url]############################################################### ## MOD History: ## ## 2003-12-18 - Version 1.2.9## - phpBB template & EasyMOD compliance enhancement## - French translation now provide with the MOD#### 2003-11-30 - Version 1.2.8## - corrected lang_main.php/lang_admin/email tempalte,## gramtically and spelling#### 2003-11-30 - Version 1.2.7## - fixed usercp_register.php and admin_users.php## problems if "account activation"=NONE#### 2003-11-18 - Version 1.2.6## - corrected lang_main.php, gramtically / spelling#### 2003-10-14 - Version 1.2.5## - changed login.php, preventing guest being password## checked#### 2003-09-16 - Version 1.2.4## - changed usercp_register.php fixed a isue when users## did register #### 2003-08-28 - Version 1.2.3## - changed admin_users.php admin/users_edit_body.tpl## to allow admin to "un-mark force passwd"#### 2003-08-25 - Version 1.2.2## - change into login.php#### 2003-08-25 - Version 1.2.1## - added change into usercp_activate.php## ## 2003-08-24 - Version 1.2.0## - Now support password expire date## ## 2003-08-23 - Version 1.1.9## - verifyed for 2.0.6., EM ready#### ????-??-?? - Version 1.1.8## - corrected a bug in login.php#### ????-??-?? - Version 1.1.7## - minor correction to admin_users.php #### ????-??-?? - Version 1.1.6## - corrected admin/admin_board_config_body.tpl#### ????-??-?? - Version 1.1.5## - timezone corrections#### ????-??-?? - Version 1.1.4## - type in the how-to, regarding $password_complex_xx#### ????-??-?? - Version 1.1.3## - changed a find tag in the login.php#### ????-??-?? - Version 1.1.2## - if user are blocked from admin panel, they are## blocked instant#### ????-??-?? - Version 1.1.1## - missed a part in the how-to login.php#### ????-??-?? - Version 1.1.0## - now email notifications are send out, if account## are blocked#### ????-??-?? - Version 1.0.5## - mised the user_block_by SQL#### ????-??-?? - Version 1.0.4## - there was missing a find tag for the admin_users.php## in the how-to#### ????-??-?? - Version 1.0.3## - updated the how-to for login.php#### ????-??-?? - Version 1.0.2## - added admin interface (users), IP are now logged#### ????-??-?? - Version 1.0.1## - corrected login.php#### ????-??-?? - Version 1.0.0## - going over to FINAL, working well#### ????-??-?? - Version 0.9.7## - missed a part in admin interface#### ????-??-?? - Version 0.9.6## - now includes admin interface (board config)#### ????-??-?? - Version 0.9.5## - corrected the english language#### ????-??-?? - Version 0.9.4## - fixed a "left over" in the admin_board.php#### ????-??-?? - Version 0.9.3## - now include complex password rules, admin interface## not yet completted#### ????-??-?? - Version 0.9.2## - now included a admin interface, so value are## configurable#### ????-??-?? - Version 0.9.1## - corrected some typo, i the initial 0.9.0 how-to#### ????-??-?? - Version 0.9.0## - initial BETA, basic fetures ################################################################ ## Before Adding This MOD To Your Forum, You Should Back Up All Files Related To This MOD ############################################################### #-----[ COPY ]------------------------------------------------ #copy protect_user_account_db_update.php to protect_user_account_db_update.phpcopy root/change_password.php to change_password.phpcopy root/language/lang_english/email/bad_login.tpl to language/lang_english/email/bad_login.tplcopy root/sounds/gun.mid to sounds/gun.midcopy root/templates/subSilver/change_password_popup.tpl to templates/subSilver/change_password_popup.tpl ## This MOD need a database update.# Then, as you must have now copied the protect_user_account_db_update.php file# in your phpBB root directory, run it with your navigator...# [url=http://www.yourWebSite.xxx/phpbbRootDir/protect_user_account_db_update.php#]http://www.yourWebSite.xxx/phpbbRootDir ... pdate.php#[/url]# ...and then delete it from the phpBB root directory!!!## Please, do it NOW! Before editing phpBB files by EM or manually!!!# Otherwise, you may have an error message during your next# connection.# # #-----[ OPEN ]------------------------------------------------ # login.php # #-----[ FIND ]------------------------------------------------ # $sql = "SELECTFROM " . USERS_TABLE . " # #-----[ IN-LINE FIND ]---------------------------------------- # , user_level # #-----[ IN-LINE AFTER, ADD ]---------------------------------- # , user_badlogin, user_blocktime, user_email, user_lang, user_timezone,user_passwd_change # #-----[ FIND ]------------------------------------------------ # if( md5($password) == $row['user_password'] && $row['user_active'] ) # #-----[ BEFORE, ADD ]----------------------------------------- # // Start add - Protect user account MODif ($row['user_blocktime']<time>sql_query($sql)) ){ message_die(GENERAL_ERROR, 'Error updating correct login data', '', __LINE__, __FILE__, $sql);}// End add - Protect user account MOD # #-----[ FIND ]------------------------------------------------ # redirect(appen # #-----[ BEFORE, ADD ]----------------------------------------- # // Start add - Protect user account MODif ($session_id['user_id']!=ANONYMOUS){include($phpbb_root_path . "includes/functions_validate.$phpEx");$pass_result = validate_complex_password ($username, $password);if ( $session_id['user_passwd_change']==0 || $pass_result['error']== true){ //force a change of password, do not allow a secound login $sql = "UPDATE " . USERS_TABLE . " SET user_passwd_change='-9999' WHERE user_id = '" . $session_id['user_id'] . "'"; if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Error updating correct login data2', '', __LINE__, __FILE__, $sql); } $url .= ( ereg( "?" , $url) ) ? '&ch_passwd=1' : '?ch_passwd=1';} elseif ( intval((time()-$session_id['user_passwd_change']) / 86400) >= $board_config['max_password_age']){ session_end($session_id['session_id'], $session_id['user_id']); $message = $lang['Passwd_have_expired'] . '<br><br><a>'.$lang['Send_new_passwd'].'</a><br><br>' . sprintf($lang['Click_return_portal'], '<a>', '</a>'); message_die(GENERAL_MESSAGE, $message);} elseif ( intval((time()-$session_id['user_passwd_change']) / 86400)+(($board_config['max_password_age']<14>= $board_config['max_password_age'] ){ $url .= ( ereg( "?" , $url) ) ? '&ch_passwd=1' : '?ch_passwd=1';}}// End add - Protect user account MOD # #-----[ FIND ]------------------------------------------------ # $redirect = str_replace('?', '&', $redirect);$template->assign_vars(array('META' => ); # #-----[ AFTER, ADD ]------------------------------------------ # // Start add - Protect user account MODif ($row['user_active'] ){ //count bad login // block the user for X min if (($row['user_badlogin']+1) % $board_config['max_login_error']) { $sql = "UPDATE " . USERS_TABLE . " SET user_badlogin=user_badlogin+1 WHERE username = '" . str_replace("'", "''", $username) . "'"; if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Error updating bad login data'.$user_ip, '', __LINE__, __FILE__, $sql); } } else { $blocktime = ", user_block_by='$user_ip', user_blocktime='" . (time()+($board_config['block_time']*60)) . "'"; $sql = "UPDATE " . USERS_TABLE . " SET user_badlogin=user_badlogin+1 $blocktime WHERE username = '" . str_replace("'", "''", $username) . "'"; if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Error updating bad login data'.$user_ip, '', __LINE__, __FILE__, $sql); } if ($row['user_email'] && $row['user_blocktime']<40>email_address($row['user_email']); $email_headers = "To: "".$row['username']."" <row>use_template('bad_login', $row['user_lang']); $emailer->extra_headers($email_headers); $emailer->assign_vars(array( 'USER' => '"'.$row['username'].'"', 'BLOCK_TIME' => $board_config['block_time'], 'BAD_LOGINS' => $row['user_badlogin']+1, 'BLOCK_UNTIL' => create_date ($lang['Time_format'],time()+($board_config['block_time']*60),$row['user_timezone']), 'SITENAME' => $board_config['sitename'], 'BOARD_EMAIL' => $board_config['board_email'])); $emailer->send(); $emailer->reset(); } }}// End add - Protect user account MOD # #-----[ FIND ]------------------------------------------------ #}}else{$redirect = ($redirect = str_replace("?", "&", $redirect); # #-----[ BEFORE, ADD ]----------------------------------------- # // Start add - Protect user account MOD} else{ $message = (($lang['Error_login_tomutch'])?$lang['Error_login_tomutch']:$lang['Error_login']) . '<br><br>' . sprintf($lang['Click_return_login'], '<a>', '</a>') . '<br><br>' . sprintf($lang['Click_return_index'], '<a>', '</a>'); message_die(GENERAL_MESSAGE, $message);}// End add - Protect user account MOD # #-----[ FIND ]------------------------------------------------ #else{$url = # #-----[ AFTER, ADD ]------------------------------------------ # // Start add - Protect user account MODif ($session_id['user_id']!=ANONYMOUS){include($phpbb_root_path . "includes/functions_validate.$phpEx");$pass_result = validate_complex_password ($username, $password);if ( $session_id['user_passwd_change']==0 || $pass_result['error']== true){ //force a change of password, do not allow a secound login $sql = "UPDATE " . USERS_TABLE . " SET user_passwd_change='-9999' WHERE user_id = '" . $session_id['user_id'] . "'"; if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Error updating correct login data2', '', __LINE__, __FILE__, $sql); } $url .= ( ereg( "?" , $url) ) ? '&ch_passwd=1' : '?ch_passwd=1';} elseif ( intval((time()-$session_id['user_passwd_change']) / 86400) >= $board_config['max_password_age']){ session_end($session_id['session_id'], $session_id['user_id']); $message = $lang['Passwd_have_expired'] . '<br><br><a>'.$lang['Send_new_passwd'].'</a><br><br>' . sprintf($lang['Click_return_portal'], '<a>', '</a>'); message_die(GENERAL_MESSAGE, $message);} elseif ( intval((time()-$session_id['user_passwd_change']) / 86400)+(($board_config['max_password_age']<14>= $board_config['max_password_age'] ){ $url .= ( ereg( "?" , $url) ) ? '&ch_passwd=1' : '?ch_passwd=1';}}// End add - Protect user account MOD # #-----[ OPEN ]------------------------------------------------ # admin/admin_board.php # #-----[ FIND ]------------------------------------------------ # $prune_no = ( !$new['prune_enable'] ) ? "checked="checked"" : ""; # #-----[ AFTER, ADD ]------------------------------------------ # // Start add - Protect user account MOD$password_not_login_yes = ( $new['password_not_login'] ) ? "checked="checked"" : "";$password_not_login_no = ( !$new['password_not_login'] ) ? "checked="checked"" : "";$password_complex_yes = ( $new['force_complex_password'] ) ? "checked="checked"" : ""; $password_complex_no = ( !$new['force_complex_password'] ) ? "checked="checked"" : ""; // End add - Protect user account MOD # #-----[ FIND ]------------------------------------------------ # "L_ENABLE_PRUNE" => $lang['Enable_prune'], # #-----[ AFTER, ADD ]------------------------------------------ # // Start add - Protect user account MOD'L_USER_PASSWORD_SETTINGS' => $lang['user_password_settings'],'L_PASSWORD_COMPLEX' => $lang['Password_complex'],'L_PASSWORD_COMPLEX_EXPLAIN' => $lang['Password_complex_explain'],'L_PASSWORD_NOT_LOGIN' => $lang['Password_not_login'],'L_PASSWORD_NOT_LOGIN_EXPLAIN' => $lang['Password_not_login_explain'],'L_PASSWORD_LEN' => $lang['Password_len'],'L_PASSWORD_LEN_EXPLAIN' => $lang['Password_len_explain'],'L_BLOCK_TIME' => $lang['Block_time'], 'L_BLOCK_TIME_EXPLAIN' => $lang['Block_time_explain'], 'L_MAX_LOGIN_ERROR' => $lang['Max_login_error'], 'L_MAX_LOGIN_ERROR_EXPLAIN' => $lang['Max_login_error_explain'], 'L_PASSWORD_INTERVALL' => $lang['Password_intervall'],// End add - Protect user account MOD # #-----[ FIND ]------------------------------------------------ # "PRUNE_NO" => $prune_no, # #-----[ AFTER, ADD ]------------------------------------------ # // Start add - Protect user account MOD'BLOCK_TIME' => $new['block_time'], 'MAX_LOGIN_ERROR' => $new['max_login_error'], 'MIN_PASSWORD_LEN' => $new['min_password_len'],'PASSWORD_INTERVALL' => $new['max_password_age'],'S_PASSWORD_COMPLEX_ENABLED' => $password_complex_yes,'S_PASSWORD_COMPLEX_DISABLED' => $password_complex_no,'S_PASSWORD_NOT_LOGIN_ENABLED' => $password_not_login_yes,'S_PASSWORD_NOT_LOGIN_DISABLED' => $password_not_login_no,// End add - Protect user account MOD # #-----[ OPEN ]------------------------------------------------ # admin/admin_users.php ##-----[ FIND ]------------------------------------------------ #$message = $lang['User_deleted']message_die(} # #-----[ AFTER, ADD ]------------------------------------------ # // Start add - Protect user account MODif( $HTTP_POST_VARS['block_account'] ){ $sql = "UPDATE ".USERS_TABLE." SET user_blocktime='".(time()+$board_config['block_time']*60)."', user_block_by='$user_ip' WHERE user_id = '$user_id'"; if( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Could not block user', '', __LINE__, __FILE__, $sql); } $sql = 'UPDATE ' . SESSIONS_TABLE . ' SET session_logged_in="0" WHERE session_user_id="'.$user_id.'"'; if ( !$db->sql_query($sql) ) { message_die(GENERAL_ERROR, "Couldn't update blocked sessions from database", "", __LINE__, __FILE__, $sql); } } elseif( $HTTP_POST_VARS['unblock_account'] ){ $sql = "UPDATE ".USERS_TABLE." SET user_blocktime='0', user_badlogin='0' WHERE user_id = '$user_id'"; if( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Could not unblock user', '', __LINE__, __FILE__, $sql); }}// End add - Protect user account MOD ##-----[ FIND ]------------------------------------------------ #$viewemail = ( isset( $HTTP # #-----[ AFTER, ADD ]------------------------------------------ # // Start add - Protect user account MOD//// If you wish to give the user the option of using the admin// made password for X days, substitude "0" value in the secound// line below with a value of secounds + current time the password// will be valid//$force_new_passwd = ( isset( $HTTP_POST_VARS['force_new_passwd']) ) ? ( ( $HTTP_POST_VARS['force_new_passwd'] ) ? TRUE : 0 ) : 0;$force_new_passwd_sql = ( $force_new_passwd ) ? ", user_passwd_change='0'" : (($this_userdata['user_passwd_change']) ? "" : ", user_passwd_change='".time()."'");// End add - Protect user account MOD # #-----[ FIND ]------------------------------------------------ # $sql = "UPDATE " . USERS_TABLE . "SET " . $username_sql . $passwd_sql . # #-----[ IN-LINE FIND ]---------------------------------------- # . $avatar_sql # #-----[ IN-LINE AFTER, ADD ]---------------------------------- # . $force_new_passwd_sql # #-----[ FIND ]------------------------------------------------ # //// Let's do an overall check for settings/versions which would prevent # #-----[ BEFORE, ADD ]----------------------------------------- # // Start add - Protect user account MODif ($this_userdata['user_blocktime']<time>assign_vars(array( 'BLOCK_BY' => ($this_userdata['user_block_by']) ? sprintf($lang['Last_block_by'],decode_ip($this_userdata['user_block_by'])).'<br>' : '', 'BLOCK' => '<br><input>'.sprintf ($lang['Block_user'],$board_config['block_time']) ));} else{ $template->assign_vars(array( 'BLOCK_UNTIL' => sprintf($lang['Block_until'], create_date($board_config['default_dateformat'], $this_userdata['user_blocktime'], $board_config['board_timezone']) ).'<br>', 'BLOCK_BY' => ($this_userdata['user_block_by']) ? sprintf($lang['Block_by'],decode_ip($this_userdata['user_block_by'])).'<br>' : '', 'BLOCK' => '<br><input>'.$lang['Unblock_user'] )).'<br>';}if ($this_userdata['user_passwd_change']>0){ $l_force_new_passwd_explain = sprintf ($lang['Password_expire'],create_date($board_config['default_dateformat'],$this_userdata['user_passwd_change']+($board_config['max_password_age']*86400),$board_config['board_timezone'])); $force_new_passwd_checked ='';} else{ $l_force_new_passwd_explain = ''; $force_new_passwd_checked = 'value="checked" checked="checked"';}// End add - Protect user account MOD # #-----[ FIND ]------------------------------------------------ # 'RANK_SELECT_BOX' => $rank_select_box, # #-----[ AFTER, ADD ]------------------------------------------ # // Start add - Protect user account MOD'BAD_LOGIN_COUNT' => $this_userdata['user_badlogin'],'FORCE_NEW_PASSWD_CHECKED' => $force_new_passwd_checked,// End add - Protect user account MOD # #-----[ FIND ]------------------------------------------------ # 'L_INTERESTS' => $lang['Interests'], # #-----[ AFTER, ADD ]------------------------------------------ # // Start add - Protect user account MOD'L_ACCOUNT_BLOCK' => $lang['Account_block'],'L_ACCOUNT_BLOCK_EXPLAIN' => $lang['Account_block_explain'],'L_UNBLOCK' => $lang['Unblock_user'],'L_BAD_LOGIN_COUNT' => $lang['Badlogin_count'],'L_FORCE_NEW_PASSWD' => $lang['Force_new_passwd'],'L_FORCE_NEW_PASSWD_EXPLAIN' => $l_force_new_passwd_explain,// End add - Protect user account MOD # #-----[ OPEN ]------------------------------------------------ # includes/functions_validate.php # #-----[ FIND ]------------------------------------------------ # ?> # #-----[ BEFORE, ADD ]----------------------------------------- # // Start add - Protect user account MODfunction validate_complex_password ($username, $password){ global $board_config, $lang; $ret = FALSE; //verify minimum length if ( strlen($password) <board_config> ($ret) ? TRUE : FALSE , 'error_msg' => $msg_explain);}// End add - Protect user account MOD # #-----[ OPEN ]------------------------------------------------ # includes/page_header.php # #-----[ FIND ]------------------------------------------------ #// Add no-cache control for cookies if they are set # #-----[ BEFORE, ADD ]----------------------------------------- # // Start add - Protect user account MOD// change password ?if ($HTTP_GET_VARS['ch_passwd']){ $template->assign_var("PASSWD_POPUP", "<script><window> </script>");}// End add - Protect user account MOD # #-----[ OPEN ]------------------------------------------------ # includes/usercp_activate.php # #-----[ FIND ]------------------------------------------------ # $sql_update_pass = ( $r # #-----[ IN-LINE FIND ]---------------------------------------- # user_newpasswd = '' # #-----[ IN-LINE AFTER, ADD ]---------------------------------- # , user_passwd_change='".(($row['user_newpasswd']==$row['user_password']) ? time() : '0')."' #-----[ OPEN ]------------------------------------------------ # includes/usercp_register.php # #-----[ FIND ]------------------------------------------------ # if ( !empty($new_password) && !empty($password_confirm) ){ # #-----[ AFTER, ADD ]------------------------------------------ # // Start add - Protect user account MOD// validate that the password is complex$result = validate_complex_password ($username, $new_password);if ( $result['error'] ){ $error = TRUE; $error_msg .= ( ( isset($error_msg) ) ? '<br>' : '' ) . $result['error_msg']; }// End add - Protect user account MOD # #-----[ FIND ]------------------------------------------------ # } $sql = "UPDATE " . USERS_TABLE . " # #-----[ BEFORE, ADD ]----------------------------------------- # // Start add - Protect user account MOD$passwd_sql .= (empty($passwd_sql)) ? "" : " user_passwd_change=".time().",";// End add - Protect user account MOD # #-----[ FIND ]------------------------------------------------ # $sql = "INSERT INTO " . USERS_TABLE . " # #-----[ IN-LINE FIND ]---------------------------------------- # , user_active # #-----[ IN-LINE BEFORE, ADD ]--------------------------------- # , user_passwd_change # #-----[ FIND ]------------------------------------------------ # VALUES ( # #-----[ IN-LINE FIND ]---------------------------------------- # ; # #-----[ IN-LINE BEFORE, ADD ]--------------------------------- # .time()."," # #-----[ OPEN ]------------------------------------------------ # language/lang_english/lang_admin.php # #-----[ FIND ]------------------------------------------------ # ?> # #-----[ BEFORE, ADD ]----------------------------------------- # // Start add - Protect user account MOD$lang['user_password_settings'] = 'User Password Settings'; $lang['Max_login_error'] = 'Number of attempts before blocking user'; $lang['Max_login_error_explain'] = 'If a user submit a wrong password, repeately, then the users account is blocked for a while, specify here how meny times vrong passwords are discarded before the users account is blocked'; $lang['Block_time'] = 'Block account time'; $lang['Block_time_explain'] = 'Number of minutes the user account is blocked, if a wrong password is submitted repeately more than specifyed in "Block user on wrong login"'; $lang['Password_complex'] = 'Complex Password'; $lang['Password_complex_explain'] = 'Users password must consist of both alpha and numeric characters'; $lang['Password_len'] = 'Minimum password length'; $lang['Password_len_explain'] = 'Valid range is [ 1 - 32 ]'; $lang['Password_not_login'] = 'Password different from Username'; $lang['Password_not_login_explain'] = 'Password must be different than the Username'; $lang['Account_block'] = 'Account blocked'; $lang['Account_block_explain'] = 'Here you can view/set or reset users block information'; $lang['Block_until'] ='Blocked until: %s';// %s is substituded with the date/time $lang['Block_by'] = 'Blocked by IP: %s';// %s is substituded with the ip addr. $lang['Last_block_by'] = 'Last blocked by IP: %s';// %s is substituded with the ip addr. $lang['Unblock_user'] ='Unblock user account'; $lang['Block_user'] ='Block user account for %s min';// %s is substituded with the date/time $lang['Badlogin_count'] = 'Number of bad login'; $lang['Force_new_passwd'] = 'Force user to change password on next logon'; $lang['Password_intervall'] = 'Days between users are forced to change password'; $lang['Password_expire'] = 'This users password will expire on: %s';// End add - Protect user account MOD # #-----[ OPEN ]------------------------------------------------ # language/lang_english/lang_main.php # #-----[ FIND ]------------------------------------------------ # ?> # #-----[ BEFORE, ADD ]----------------------------------------- # // Start add - Protect user account MOD$lang['Error_login_tomutch']='You have specified a locked username, please try again later'; $lang['Password_not_complex'] ='The specified password, does not comply with the complexity rules, you should verify that: the password '; $lang['Password_to_short'] = 'is at least %d characters long'; $lang['Password_mixed'] = 'has both numbers and letters'; $lang['Password_not_same'] = 'is not the same as your username'; $lang['Time_format'] = 'D d. M, Y H:i:s';// how time should be shown in email notification $lang['Passwd_have_expired'] = 'Your password has expired, you may request a new one'; $lang['Passwd_expired'] = 'Your password has expired and is no longer valid. However, you still have the opportunity to choose a new one now. If, for some reason, you cannot change it now, do not panic. You may request a new random password, using the appropriate link at your next logon.'; $lang['Passwd_soon_expired'] = 'Your password will expire in %d days. We recommend that you change it before it actually expires. Should you let your password expire, you may request a new one using the appropriate link at your next logon.'; $lang['Send_new_passwd'] = 'Send me a new password'; $lang['Passwd_updated'] = 'Thank you <br>Your new password is now stored'; $Lang['Passwd_title'] = 'Please change your password';// End add - Protect user account MOD # #-----[ OPEN ]------------------------------------------------ # # Make sure to edit this file for every theme your admin uses.#templates/subSilver/overall_header.tpl # #-----[ FIND ]------------------------------------------------ # </head> # #-----[ BEFORE, ADD ]----------------------------------------- # <Start>{PASSWD_POPUP}<End> # #-----[ OPEN ]------------------------------------------------ # # Make sure to edit this file for every theme your admin uses.#templates/subSilver/simple_header.tpl # #-----[ FIND ]------------------------------------------------ # <body> # #-----[ IN-LINE BEFORE, ADD ]--------------------------------- # {CLOSE_POPUP} # #-----[ OPEN ]------------------------------------------------ # # Make sure to edit this file for every theme your admin uses.#templates/subSilver/admin/board_config_body.tpl # #-----[ FIND ]------------------------------------------------ # value="{SAVEBOX_LIMIT}" /></td></tr> # #-----[ AFTER, ADD ]------------------------------------------ # <Start><tr> <th>{L_USER_PASSWORD_SETTINGS}</th></tr><tr> <td>{L_PASSWORD_INTERVALL}<br><span>{L_PASSWORD_INTERVALL_EXPLAIN}</span></td> <td><input></td> </tr> <tr> <td>{L_MAX_LOGIN_ERROR}<br><span>{L_MAX_LOGIN_ERROR_EXPLAIN}</span></td> <td><input></td> </tr> <tr> <td>{L_BLOCK_TIME}<br><span>{L_BLOCK_TIME_EXPLAIN}</span></td> <td><input></td> </tr><tr> <td>{L_PASSWORD_COMPLEX}<br><span>{L_PASSWORD_COMPLEX_EXPLAIN}</span></td> <td><input>{L_ENABLED} <input>{L_DISABLED}</td></tr><tr> <td>{L_PASSWORD_NOT_LOGIN}<br><span>{L_PASSWORD_NOT_LOGIN_EXPLAIN}</span></td> <td><input>{L_ENABLED} <input>{L_DISABLED}</td></tr><tr> <td>{L_PASSWORD_LEN}<br><span>{L_PASSWORD_LEN_EXPLAIN}</span></td> <td><input></td> </tr><End> # #-----[ OPEN ]------------------------------------------------ # # Make sure to edit this file for every theme your admin uses.#templates/subSilver/admin/user_edit_body.tpl # #-----[ FIND ]------------------------------------------------ # {L_DELETE_USER_EXPLAIN}</td></tr> # #-----[ AFTER, ADD ]------------------------------------------ # <Start><tr> <td><span>{L_FORCE_NEW_PASSWD} ?</span><br><span>{L_FORCE_NEW_PASSWD_EXPLAIN}</span></td> <td> <input> </td></tr><tr> <td><span>{L_ACCOUNT_BLOCK}:</span><br><span>{L_ACCOUNT_BLOCK_EXPLAIN}<br></td> <td> {L_BAD_LOGIN_COUNT}: {BAD_LOGIN_COUNT}<br> {BLOCK_UNTIL}{BLOCK_BY} {BLOCK}</td> </tr><End> # #-----[ SAVE/CLOSE ALL FILES ]-------------------------------- # # EoM