mediarom db - Имя бд binakon_Oc логин binakon пароль k0*%khSv^rqMXpEu mediarom admin - binakon BK/h/Dv^5rabTMPUU)v(DQZD8aN 1. system/storage/vendor/twig/twig/src/Loader/FilesystemLoader.php replace $checkPath = $this->isAbsolutePath($path) ? $path : $this->rootPath.$path; with $checkPath = $this->rootPath.$path; ---------------------------------------------------------------------------- 2. https://forum.opencart.com/viewtopic.php?t=218405 It is under system->settings->option-Max Login Attempts But it seems to only be for customers, not users. If you want it to also apply to admin users you will have to do the following: add a table (watch the prefix) CREATE TABLE IF NOT EXISTS `oc_user_login` ( `user_login_id` int(11) NOT NULL AUTO_INCREMENT, `username` varchar(96) NOT NULL, `ip` varchar(40) NOT NULL, `total` int(4) NOT NULL, `date_added` datetime NOT NULL, `date_modified` datetime NOT NULL, PRIMARY KEY (`user_login_id`) ) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8; in admin/model/user/user.php add these functions public function addLoginAttempt($username) { $query = $this->db->query("SELECT * FROM " . DB_PREFIX . "user_login WHERE username = '" . $this->db->escape(utf8_strtolower((string)$username)) . "' AND ip = '" . $this->db->escape($this->request->server['REMOTE_ADDR']) . "'"); if (!$query->num_rows) { $this->db->query("INSERT INTO " . DB_PREFIX . "user_login SET username = '" . $this->db->escape(utf8_strtolower((string)$username)) . "', ip = '" . $this->db->escape($this->request->server['REMOTE_ADDR']) . "', total = 1, date_added = '" . $this->db->escape(date('Y-m-d H:i:s')) . "', date_modified = '" . $this->db->escape(date('Y-m-d H:i:s')) . "'"); } else { $this->db->query("UPDATE " . DB_PREFIX . "user_login SET total = (total + 1), date_modified = '" . $this->db->escape(date('Y-m-d H:i:s')) . "' WHERE user_login_id = '" . (int)$query->row['user_login_id'] . "'"); } } public function getLoginAttempts($username) { $query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "user_login` WHERE username = '" . $this->db->escape(utf8_strtolower($username)) . "'"); return $query->row; } public function deleteLoginAttempts($username) { $this->db->query("DELETE FROM `" . DB_PREFIX . "user_login` WHERE username = '" . $this->db->escape(utf8_strtolower($username)) . "'"); } in admin/controller/common/login.php after: $this->document->setTitle($this->language->get('heading_title')); add $this->load->model('user/user'); replace function validate with: protected function validate() { // Check how many login attempts have been made. $login_info = $this->model_user_user->getLoginAttempts($this->request->post['username']); if ($login_info && ($login_info['total'] >= $this->config->get('config_login_attempts')) && strtotime('-1 hour') < strtotime($login_info['date_modified'])) { $this->error['warning'] = $this->language->get('error_attempts'); } if (!$this->error) { if (!isset($this->request->post['username']) || !isset($this->request->post['password']) || !$this->user->login($this->request->post['username'], html_entity_decode($this->request->post['password'], ENT_QUOTES, 'UTF-8'))) { $this->error['warning'] = $this->language->get('error_login'); $this->model_user_user->addLoginAttempt($this->request->post['username']); } else { $this->model_user_user->deleteLoginAttempts($this->request->post['username']); } } return !$this->error; } in admin/language/[LANGUAGE]/common/login.php add: $_['error_attempts'] = 'Your account has exceeded allowed number of Sign in attempts. Please try again in 1 hour.'; that is it. ----------------------------------------------------------------------------