Hi,
I have updated version of SC ( 9.7.018) and created security module with LDAP authentication and everything looks fine until I try to logon. It gives me the following error:
Fatal error : Uncaught Error: Call to undefined function sc_logged_is_blocked() in /opt/NetMake/v9-php73/wwwroot/scriptcase/app …
Can anybody help?
Thanks.
In you login app, tick in the Internal Libraries the sc_logged.php file which has this function, like this:
Sorry, the image is in Portuguese, but I hope you can understand and it can help you.
Thanks! Don’t worry aboy portuguese, I speak Spanish and have many portuguese workmates.
Anyway, I haven’t got this sc_logged.php library…
Look at mines:
It’s an internal library which is created when you use the Security from Scriptcase…
<?php
function sc_logged($user, $ip = '')
{
$str_sql = "SELECT date_login, ip FROM sec_logged WHERE login = ". sc_sql_injection($user) ." AND sc_session <> ".sc_sql_injection('_SC_FAIL_SC_');
sc_select(data, $str_sql);
if({data} === FALSE || !isset($data->fields[0]))
{
$ip = ($ip == '') ? $_SERVER['REMOTE_ADDR'] : $ip;
sc_logged_in($user, $ip);
return true;
}
else
{
sc_reset_apl_conf("ap_logged");
sc_apl_status("ap_logged", 'on');
sc_redir("ap_logged", user=$user, 'modal');
return false;
}
}
function sc_verify_logged()
{
$str_sql = "SELECT count(*) FROM sec_logged WHERE login = ". sc_sql_injection([logged_user]) . " AND date_login = ". sc_sql_injection([logged_date_login]) ." AND sc_session <> ".sc_sql_injection('_SC_FAIL_SC_');
sc_lookup(rs_logged, $str_sql);
if({rs_logged[0][0]} != 1)
{
sc_redir("ap_Login","","_parent");
}
}
function sc_logged_in($user, $ip = '')
{
$ip = ($ip == '') ? $_SERVER['REMOTE_ADDR'] : $ip;
[logged_user] = $user;
[logged_date_login] = microtime(true);
$str_sql = "DELETE FROM sec_logged WHERE login = ". sc_sql_injection($user) . " AND sc_session = ".sc_sql_injection('_SC_FAIL_SC_')." AND ip = ".sc_sql_injection($ip);
sc_exec_sql($str_sql);
$str_sql = "INSERT INTO sec_logged(login, date_login, sc_session, ip) VALUES (". sc_sql_injection($user) .", ". sc_sql_injection([logged_date_login]) .", ". sc_sql_injection(session_id()) .", ". sc_sql_injection($ip) .")";
sc_exec_sql($str_sql);
}
function sc_logged_in_fail($user, $ip = '')
{
$ip = ($ip == '') ? $_SERVER['REMOTE_ADDR'] : $ip;
$user = sc_sql_injection($user);
$str_sql = "INSERT INTO sec_logged(login, date_login, sc_session, ip) VALUES (" . sc_sql_injection($user) . ", " . sc_sql_injection(microtime(true)) . ", ". sc_sql_injection('_SC_FAIL_SC_').", " . sc_sql_injection($ip) . ")";
sc_exec_sql($str_sql);
return true;
}
function sc_logged_is_blocked($ip = '')
{
$ip = ($ip == '') ? $_SERVER['REMOTE_ADDR'] : $ip;
$minutes_ago = strtotime("-". [sett_brute_force_time_block] ." minutes");
$str_select = "SELECT count(*) FROM sec_logged WHERE sc_session = ".sc_sql_injection('_SC_BLOCKED_SC_')." AND ip = ".sc_sql_injection($ip)." AND date_login > ". sc_sql_injection($minutes_ago);
sc_lookup(rs_logged, $str_select);
if({rs_logged} !== FALSE && {rs_logged[0][0]} == 1)
{
$message = {lang_user_blocked};
$message = sprintf($message, 10);
sc_error_message($message);
return true;
}
$str_select = "SELECT count(*) FROM sec_logged WHERE sc_session = ".sc_sql_injection('_SC_FAIL_SC_')." AND ip = ".sc_sql_injection($ip)." AND date_login > ". sc_sql_injection($minutes_ago);
sc_lookup(rs_logged, $str_select);
if({rs_logged} !== FALSE && {rs_logged[0][0]} == [sett_brute_force_attempts] )
{
$str_sql = "INSERT INTO sec_logged(login, date_login, sc_session, ip) VALUES (".sc_sql_injection('blocked').", ". sc_sql_injection(microtime(true)) .", ".sc_sql_injection('_SC_BLOCKED_SC_'). ", ". sc_sql_injection($ip) .")";
sc_exec_sql($str_sql);
$message = {lang_user_blocked};
$message = sprintf($message, [sett_brute_force_time_block]);
sc_error_message($message);
return true;
}
return false;
}
function sc_logged_out($user, $date_login = '')
{
$date_login = ($date_login == '' ? "" : " AND date_login = ". sc_sql_injection($date_login) ."");
$str_sql = "SELECT sc_session FROM sec_logged WHERE login = ". sc_sql_injection($user) ." ". $date_login . " AND sc_session <> ".sc_sql_injection('_SC_FAIL_SC_');
sc_lookup(data, $str_sql);
if(isset({data[0][0]}) && !empty({data[0][0]}))
{
$session_bkp = $_SESSION;
$sessionid = session_id();
session_write_close();
session_id({data[0][0]});
session_start();
$_SESSION['logged_user'] = 'logout';
session_write_close();
session_id($sessionid);
session_start();
$_SESSION = $session_bkp;
}
$str_sql = "DELETE FROM sec_logged WHERE login = ". sc_sql_injection($user) . " " . $date_login;
sc_exec_sql($str_sql);
sc_reset_global([logged_date_login], [logged_user]);
}
function sc_looged_check_logout()
{
if(isset([logged_user]) && ([logged_user] == 'logout' || empty([logged_user])))
{
sc_reset_global ([usr_login], [logged_user], [logged_date_login], [usr_email]);
}
}
?>
1 Like