Disable user account after three unsuccessful login attempts

[enrikm]

Good afternoon all, I am looking for a way to disable a user account after he or she has attempted three unsuccessful login attempts. Is there an easier way to do this other than changing the code? If not then what part of the code should I look at? Thanks for your time.

[pblag]

Hi enrikm!

you have to update the file

modules/Users/Authenticate.php

Also you have to add new custom field to the user module and save there value of how many times user was no logged in.

Hope it will help you!

// example of code


$authController->login($_REQUEST['user_name'], $_REQUEST['user_password']);
if(isset($_SESSION['authenticated_user_id'])) {



$module = !empty($_REQUEST['login_module']) ? '?module='.$_REQUEST['login_module'] : '?module=Home';
$action = !empty($_REQUEST['login_action']) ? '&action='.$_REQUEST['login_action'] : '&action=index';
$record = !empty($_REQUEST['login_record']) ? '&record='.$_REQUEST['login_record'] : '';

global $current_user;
//C.L. Added $hasHistory check to respect the login_XXX settings if they are set
$hasHistory = (!empty($_REQUEST['login_module']) || !empty($_REQUEST['login_action']) || !empty($_REQUEST['login_record']));
if(isset($current_user) && !$hasHistory){
$modListHeader = query_module_access_list($current_user);
//try to get the user's tabs
$tempList = $modListHeader;
$idx = array_shift($tempList);
if(!empty($modListHeader[$idx])){
$module = '?module='.$modListHeader[$idx];
$action = '&action=index';
$record = '';
}
}
} else {

//New code

//End of new Code


$module ="";
$action="";
$record="";
}
sugar_cleanup();
header('Location: index.php'.$module.$action.$record);?>

[enrikm]

Thanks for the reply! Will try to do some coding and hopefully it works.