4 * login_counter_ip_tracker.php
7 * @link https://www.open-emr.org
8 * @author Brady Miller <brady.g.miller@gmail.com>
9 * @copyright Copyright (c) 2023 Brady Miller <brady.g.miller@gmail.com>
10 * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
13 use OpenEMR\Common\Acl\AclMain
;
14 use OpenEMR\Common\Auth\AuthUtils
;
15 use OpenEMR\Common\Csrf\CsrfUtils
;
17 require_once(__DIR__
. "/../../interface/globals.php");
19 if (!CsrfUtils
::verifyCsrfToken($_POST["csrf_token_form"], 'counter')) {
20 CsrfUtils
::csrfNotVerified(false);
23 if (empty($_POST['function'])) {
27 if ($_POST['function'] == 'resetUsernameCounter') {
28 if (!AclMain
::aclCheckCore('admin', 'users')) {
29 error_log("Failed ACL access to login_counter_ip_tracker.php script for resetUsernameCounter function");
33 if (empty($_POST['username'])) {
36 AuthUtils
::resetLoginFailedCounter($_POST['username']);
41 // all function below require admin super access
42 if (!AclMain
::aclCheckCore('admin', 'super')) {
43 error_log("Failed ACL access to login_counter_ip_tracker.php script for " . errorLogEscape($_POST['function']) . " function");
47 if ($_POST['function'] == 'disableIp') {
48 if (empty((int)$_POST['ipId'])) {
51 AuthUtils
::disableIp((int)$_POST['ipId']);
55 if ($_POST['function'] == 'enableIp') {
56 if (empty((int)$_POST['ipId'])) {
59 AuthUtils
::enableIp((int)$_POST['ipId']);
63 if ($_POST['function'] == 'skipTiming') {
64 if (empty((int)$_POST['ipId'])) {
67 AuthUtils
::skipTimingIp((int)$_POST['ipId']);
71 if ($_POST['function'] == 'noSkipTiming') {
72 if (empty((int)$_POST['ipId'])) {
75 AuthUtils
::noSkipTimingIp((int)$_POST['ipId']);
79 if ($_POST['function'] == 'resetIpCounter') {
80 if (empty((int)$_POST['ipId'])) {
83 AuthUtils
::resetIpCounter((int)$_POST['ipId']);