diff options
| author | Andreas Baumann <mail@andreasbaumann.cc> | 2015-05-03 15:39:25 +0200 |
|---|---|---|
| committer | Andreas Baumann <mail@andreasbaumann.cc> | 2015-05-03 15:39:25 +0200 |
| commit | 549dffeef49ae25c89d4d1cc6c71c715edfb753f (patch) | |
| tree | 68bfe132e957afb064df50dc4a856aaf0537a0d9 | |
| parent | 9b58f57b0cd9893a44c9d4381de4c82626242e94 (diff) | |
| download | aCms-549dffeef49ae25c89d4d1cc6c71c715edfb753f.tar.gz aCms-549dffeef49ae25c89d4d1cc6c71c715edfb753f.tar.bz2 | |
some better sleeping on security critical errors
| -rw-r--r-- | src/user.cpp | 11 | ||||
| -rw-r--r-- | templates/not_found_404.tmpl | 2 |
2 files changed, 7 insertions, 6 deletions
diff --git a/src/user.cpp b/src/user.cpp index 6180c9d..942684f 100644 --- a/src/user.cpp +++ b/src/user.cpp @@ -52,6 +52,8 @@ void user::login( ) session( )["username"] = c.login.username.value( ); session( ).expose( "username" ); response( ).set_redirect_header( cms.root( ) ); + } else { + booster::ptime::sleep( booster::ptime( 5, 0 ) ); } } @@ -94,6 +96,8 @@ void user::register_user( ) } else { response( ).set_redirect_header( cms.root( ) + "/confirm_register" ); } + } else { + booster::ptime::sleep( booster::ptime( 5, 0 ) ); } } @@ -113,6 +117,8 @@ void user::confirm_register( ) booster::ptime::sleep( booster::ptime( 5, 0 ) ); c.confirm_register.code.valid( false ); } + } else { + booster::ptime::sleep( booster::ptime( 5, 0 ) ); } } @@ -301,7 +307,6 @@ login_form::login_form( apps::strusCms &cms ) bool login_form::validate( ) { if( !form::validate( ) ) { - booster::ptime::sleep( booster::ptime( 5, 0 ) ); return false; } @@ -309,7 +314,6 @@ bool login_form::validate( ) username.valid( false ); password.valid( false ); password.clear( ); - booster::ptime::sleep( booster::ptime( 5, 0 ) ); return false; } @@ -358,7 +362,6 @@ bool register_user_form::validate( ) username.valid( false ); password.valid( false ); username.error_message( "Username is taken" ); - booster::ptime::sleep( booster::ptime( 5, 0 ) ); return false; } @@ -366,14 +369,12 @@ bool register_user_form::validate( ) password.valid( false ); password2.valid( false ); password2.error_message( "Passwords didn't match" ); - booster::ptime::sleep( booster::ptime( 5, 0 ) ); return false; } if( captcha.value( ).compare( cms.user.last_captcha ) != 0 ) { captcha.valid( false ); captcha.clear( ); - booster::ptime::sleep( booster::ptime( 5, 0 ) ); return false; } diff --git a/templates/not_found_404.tmpl b/templates/not_found_404.tmpl index 4d7f4e0..01699d3 100644 --- a/templates/not_found_404.tmpl +++ b/templates/not_found_404.tmpl @@ -9,7 +9,7 @@ <% template page_content() %> <div> We are sorry to inform you that somebody run away with - your page at URL <%= url %>. + your page at URL '<%= url %>'. </div> <% end template %> |