'; } else { // We have a winner! $_SESSION[OCC_SESSION_VAR_NAME]['chairlast'] = time(); $_SESSION[OCC_SESSION_VAR_NAME]['chairtoken'] = generateID(); // Store latest software version number for update notification if (isset($v) && preg_match("/^\d+\.[\d\.]+$/", $v) && ($v != $OC_configAR['OC_versionLatest'])) { updateConfigSetting('OC_versionLatest', $v); } // re-route user session_write_close(); header('Location: index.php?' . strip_tags(SID)); exit; } // Weak attempt at catching multiple failed logins if ($_POST['validform'] == $vformar[1]) { $vform = $vformar[2]; } else { $vform = $vformar[3]; if ($_POST['validform'] == $vformar[3]) { $errmsg .= ' Hummm... 3 failed attempts. Let me guess - too many passwords to remember? If this were a real secure system, we would lock your account out now; instead, we will be monitoring your activities closely.

'; } } } else { $vform = $vformar[1]; } printHeader("Sign In",3); if (!empty($errmsg)) { print $errmsg; } elseif (isset($_GET['e']) && ($_GET['e'] == "exp")) { print 'Your session has timed out or you did not sign in properly. Please sign in again.

'; } print '

'; if ($OC_configAR['OC_ChairTimeout'] > 0) { print '

Note: Session times out after ' . $OC_configAR['OC_ChairTimeout'] . ' minutes of inactivity