summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBenny Baumann <BenBE@geshi.org>2015-03-11 23:31:09 +0100
committerBenny Baumann <BenBE@geshi.org>2015-03-11 23:31:09 +0100
commit345eb2e771f6475e243f406fe37c41933a520c11 (patch)
tree119a6cdc24cbd390063ef80aa164c3906488f6ae
parent4818f12e8c7e6627b09e3cdadb96ef327ad6f9c4 (diff)
parent0e14ede2f690be0df938ef2e98b974f60882612f (diff)
downloadcacert-devel-345eb2e771f6475e243f406fe37c41933a520c11.tar.gz
cacert-devel-345eb2e771f6475e243f406fe37c41933a520c11.tar.xz
cacert-devel-345eb2e771f6475e243f406fe37c41933a520c11.zip
Merge branch 'bug-1341' into release
-rw-r--r--www/index.php6
1 files changed, 2 insertions, 4 deletions
diff --git a/www/index.php b/www/index.php
index 2247b68..8c5560c 100644
--- a/www/index.php
+++ b/www/index.php
@@ -241,10 +241,8 @@ require_once('../includes/notary.inc.php');
$query = "select * from `users` where `email`='$email' and (`password`=old_password('$pword') or `password`=sha1('$pword') or
`password`=password('$pword')) and `verified`=0 and `deleted`=0";
$res = mysql_query($query);
- if(!$rateLimit) {
- $_SESSION['_config']['errmsg'] = _("You hit the login rate limit of 1 login per 5 seconds.");
- } else if(mysql_num_rows($res) <= 0) {
- $_SESSION['_config']['errmsg'] = _("Incorrect email address and/or Pass Phrase.");
+ if(!$rateLimit || mysql_num_rows($res) <= 0) {
+ $_SESSION['_config']['errmsg'] = _("Login failed due to incorrect email address, wrong passphrase or because the rate limit of one login per 5 seconds was hit.");
} else {
$_SESSION['_config']['errmsg'] = _("Your account has not been verified yet, please check your email account for the signup messages.");
}