discuz!x2.5登录管理面板
登录管理中心时四次书错密码会看见这个
访问管理中心
“您的管理面板已经锁定!
请在 1797 秒以后重新访问管理中心”
在哪里控制这呢?
追踪x2.5
./admin.php $admincp = new discuz_admincp(); $admincp->core = & $discuz; $admincp->init();
./source/class/discuz/discuz_admincp.php
class discuz_admincp
属性: var $sessionlife = 1800; //session的存活期,控制多少时间内可以不用重新登录,控制多久不可重新访问控制面板(单位s)
var $panel = 1; //控制面板,管理中心是1,define('ADMINCP_PANEL', 1); define('MODCP_PANEL', 2); define('PORTALCP_PANEL', 3); 登录有效性分不同的控制面板
/** * $this->cpaccess = 0; 没有用户登录,登录管理中心需要输入用户名和密码 * $this->cpaccess = 1; 用户已经登录,重新登录管理面板 * $this->cpaccess = 2; 用户(提交)登录管理面板错误次数没有超过3次 * $this->cpaccess = 3; 用户无需登录,可直接访问管理面板 * $this->cpaccess = -1 管理面板锁定 */ function check_cpaccess() { global $_G; $session = array(); //没有用户登录 if(!$this->adminuser['uid']) { $this->cpaccess = 0; } else { //非创始人 if(!$this->isfounder) { $session = C::t('common_admincp_member')->fetch($this->adminuser['uid']);//取出管理员相关信息:所属团队职务组ID,管理团队权限(一般无) if($session) { $session = array_merge($session, C::t('common_admincp_session')->fetch($this->adminuser['uid'], $this->panel));//取出登录管理面板记录信息 } } else { $session = C::t('common_admincp_session')->fetch($this->adminuser['uid'], $this->panel); } if(empty($session)) { $this->cpaccess = $this->isfounder ? 1 : -2; } elseif($_G['setting']['adminipaccess'] && !ipaccess($_G['clientip'], $_G['setting']['adminipaccess'])) { //设置了允许访问管理中心的 IP 列表,当前ip没有在列表内 $this->do_user_login(); } elseif ($session && empty($session['uid'])) { //session中没有uid $this->cpaccess = 1; } elseif ($session['dateline'] < $this->sessionlimit) { // session过期了 $this->cpaccess = 1; } elseif ($this->cpsetting['checkip'] && ($session['ip'] != $this->core->var['clientip'])) { //配置文件中检查session中的ip,是否和当前用户ip一致 $this->cpaccess = 1; } elseif ($session['errorcount'] >= 0 && $session['errorcount'] <= 3) { //登录错误次数0~3次 $this->cpaccess = 2; } elseif ($session['errorcount'] == -1) { //正常登录中... $this->cpaccess = 3; } else { $this->cpaccess = -1; } } if($this->cpaccess == 2 || $this->cpaccess == 3) { if(!empty($session['customperm'])) { $session['customperm'] = dunserialize($session['customperm']); } } $this->adminsession = $session; if($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['admin_password'])) { if($this->cpaccess == 2) { $this->check_admin_login(); } elseif($this->cpaccess == 0) { $this->check_user_login(); } } if($this->cpaccess == 1) { //更新session表,重新登录 C::t('common_admincp_session')->delete($this->adminuser['uid'], $this->panel, $this->sessionlife); C::t('common_admincp_session')->insert(array( 'uid' => $this->adminuser['uid'], 'adminid' => $this->adminuser['adminid'], 'panel' => $this->panel, 'ip' => $this->core->var['clientip'], 'dateline' => TIMESTAMP, 'errorcount' => 0, )); } elseif ($this->cpaccess == 3) { //更新管理员最后登录时间 $this->load_admin_perms(); C::t('common_admincp_session')->update($this->adminuser['uid'], $this->panel, array('dateline' => TIMESTAMP, 'ip' => $this->core->var['clientip'], 'errorcount' => -1)); } if($this->cpaccess != 3) { $this->do_user_login(); } }
访问门户管理
“抱歉,由于密码尝试次数过多,管理面板已锁定
管理版面将于 2013-2-26 18:23 解除锁定”
控制处
./source/class/discuz/discuz_pannel.php
属性值:
var $ttl = 3600;//持续多久不需重新输入密码(单位s)
var $lockttl = 900; 锁定门户面板的时间(单位s)
