From 910b45f82f0bb5b1f32e429d9f36a26a27660d92 Mon Sep 17 00:00:00 2001 From: piaip Date: Tue, 26 Feb 2008 15:41:20 +0000 Subject: - give_money: reduce the chance to require password authentication git-svn-id: http://opensvn.csie.org/pttbbs/trunk/pttbbs@3952 63ad8ddf-47c3-0310-b6dd-a9e9d9715204 --- mbbsd/cal.c | 23 +++++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) diff --git a/mbbsd/cal.c b/mbbsd/cal.c index 74dcaf4d..1f6f9d9d 100644 --- a/mbbsd/cal.c +++ b/mbbsd/cal.c @@ -423,7 +423,8 @@ give_money_ui(const char *userid) int uid; char id[IDLEN + 1], money_buf[20]; char passbuf[PASSLEN]; - int m = 0, tries = 3; + int m = 0, tries = 3, skipauth = 0; + static time4_t lastauth = 0; // TODO prevent macros, we should check something here, // like user pw/id/... @@ -456,15 +457,29 @@ give_money_ui(const char *userid) prints("交易內容: %s 將給予 %s : %d 元 (要再扣稅金 %d 元)\n", cuser.userid, id, m, give_tax(m)); - outs(ANSI_COLOR(1;31) "為了避免誤按或是惡意詐騙," - "在完成交易前要重新確認您的身份。" ANSI_RESET); - while (tries-- > 0) + if (now - lastauth >= 15*60) // valid through 15 minutes + { + outs(ANSI_COLOR(1;31) "為了避免誤按或是惡意詐騙," + "在完成交易前要重新確認您的身份。" ANSI_RESET); + } else { + outs("你的認證尚未過期,可暫時跳過密碼認證程序。\n"); + // auth is valid. + if (getans("確定進行交易嗎? (y/N): ") == 'y') + skipauth = 1; + else + tries = -1; + } + + while (!skipauth && tries-- > 0) { getdata(6, 0, MSG_PASSWD, passbuf, sizeof(passbuf), NOECHO); passbuf[8] = '\0'; if (checkpasswd(cuser.passwd, passbuf)) + { + lastauth = now; break; + } if (tries > 0) vmsgf("密碼錯誤,還有 %d 次機會。", tries); } -- cgit v1.2.3