Hi all:
I'm trying to modify UserLogin.php so it sends an email to the system admin when an user gets blocked due to too many failed attempts. It is simply done by this code after line 112
Code:
if ($SysAdminEmail != ''){
$EmailText = _('User ID') . ' ' . $Name . ' ' . _('has been blocked access at') . ' ' . Date('Y-m-d H:i:s') . ' ' . _('due to too many failed attempts.');
$EmailSubject = _('User access blocked'). ' ' . $Name ;
mail($SysAdminEmail,$EmailSubject,$EmailText);
}
problem comes at $SysAdminEmail. At this stage I think we haven't read yet the config table into _SESSION (so we can't store the email address there) so, I think to store it in config.php but I can't access the variable from UserLogin.php
How should be done without compromising security?
many thanks.