diff --git a/htdocs/core/login/functions_dolibarr.php b/htdocs/core/login/functions_dolibarr.php index 5550584a3e7..e8c3ab38e46 100644 --- a/htdocs/core/login/functions_dolibarr.php +++ b/htdocs/core/login/functions_dolibarr.php @@ -124,8 +124,8 @@ function check_user_password_dolibarr($usertotest, $passwordtotest, $entitytotes if ($passok) { $login = $obj->login; } else { - sleep(1); // Anti brut force protection dol_syslog("functions_dolibarr::check_user_password_dolibarr Authentication KO bad password for '".$usertotest."', cryptType=".$cryptType, LOG_NOTICE); + sleep(1); // Anti brut force protection. Must be same delay when login is not valid // Load translation files required by the page $langs->loadLangs(array('main', 'errors')); @@ -153,7 +153,7 @@ function check_user_password_dolibarr($usertotest, $passwordtotest, $entitytotes } } else { dol_syslog("functions_dolibarr::check_user_password_dolibarr Authentication KO user not found for '".$usertotest."'", LOG_NOTICE); - sleep(1); + sleep(1); // Anti brut force protection. Must be same delay when password is not valid // Load translation files required by the page $langs->loadLangs(array('main', 'errors')); diff --git a/htdocs/core/login/functions_ldap.php b/htdocs/core/login/functions_ldap.php index a9e41b5a1ae..cd4ed16eae6 100644 --- a/htdocs/core/login/functions_ldap.php +++ b/htdocs/core/login/functions_ldap.php @@ -122,7 +122,7 @@ function check_user_password_ldap($usertotest, $passwordtotest, $entitytotest) print "DEBUG: User ".$usertotest." must change password
\n"; } $ldap->unbind(); - sleep(1); + sleep(1); // Anti brut force protection. Must be same delay when user and password are not valid. $langs->load('ldap'); $_SESSION["dol_loginmesg"] = $langs->transnoentitiesnoconv("YouMustChangePassNextLogon", $usertotest, $ldap->domainFQDN); return ''; @@ -245,7 +245,7 @@ function check_user_password_ldap($usertotest, $passwordtotest, $entitytotest) } if ($result == 1) { dol_syslog("functions_ldap::check_user_password_ldap Authentication KO bad user/password for '".$usertotest."'", LOG_NOTICE); - sleep(1); + sleep(1); // Anti brut force protection. Must be same delay when user and password are not valid. // Load translation files required by the page $langs->loadLangs(array('main', 'other')); @@ -267,7 +267,7 @@ function check_user_password_ldap($usertotest, $passwordtotest, $entitytotest) $ldap->ldapErrorText = ldap_error($ldap->connection); dol_syslog("functions_ldap::check_user_password_ldap ".$ldap->ldapErrorCode." ".$ldap->ldapErrorText); } - sleep(1); // Anti brut force protection + sleep(1); // Anti brut force protection. Must be same delay when user and password are not valid. // Load translation files required by the page $langs->loadLangs(array('main', 'other', 'errors'));