Beispiel #1
/**
 * Checks the current web request against the IP ban list and the hit throttle.
 *
 * The connecting address (REMOTE_ADDR) is checked first. If it is not banned,
 * up to five addresses from the X-Forwarded-For header are checked as well.
 * That header is supplied by the client, so it is used here only to find
 * additional bans: a forwarded entry can never clear a ban already found for
 * REMOTE_ADDR, because the loop stops as soon as $banned is truthy.
 *
 * @param bool $returnReason When truthy, return the ban lookup result instead
 *                           of enforcing it (no 403, no throttle handling).
 *
 * @return array|false|null false when there is no client address to check
 *                          (CLI or missing REMOTE_ADDR); with $returnReason,
 *                          an array with keys 'isbanned', 'ip' and 'reason';
 *                          otherwise nothing (a banned request exits with 403).
 */
function BotCheck($returnReason = false)
{
    $isWebRequest = PHP_SAPI != 'cli' && isset($_SERVER['REMOTE_ADDR']);
    if (!$isWebRequest) {
        return false;
    }

    // presumably IPIsBanned() fills $reason by reference; verify against its definition
    $reason = '';
    $checked = $_SERVER['REMOTE_ADDR'];
    $banned = IPIsBanned($checked, $reason);

    if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
        // Private and reserved ranges are rejected by the filter flags, so only
        // publicly routable forwarded addresses reach the ban lookup.
        $filterOpts = array('default' => false, 'flags' => FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE);

        // Splitting with a limit of 6 leaves any overflow in the sixth element;
        // keeping the first five bounds the work done for an oversized header.
        $forwarded = array_slice(explode(',', $_SERVER['HTTP_X_FORWARDED_FOR'], 6), 0, 5);

        foreach ($forwarded as $candidate) {
            if ($banned) {
                break;
            }
            $forwardedIp = filter_var(trim($candidate), FILTER_VALIDATE_IP, $filterOpts);
            if (!$forwardedIp) {
                continue;
            }
            // From here on $checked holds a header-supplied value, not the peer address.
            $checked = $forwardedIp;
            // NOTE(review): |= turns a bool/int result into an int, so 'isbanned'
            // below can be 1 instead of true when the ban came from this loop.
            $banned |= IPIsBanned($checked, $reason);
        }
    }

    if ($returnReason) {
        // 'ip' may originate from X-Forwarded-For; callers that log or display
        // it should treat it as client-supplied.
        return [
            'isbanned' => $banned,
            'ip' => $banned ? $checked : '',
            'reason' => $banned ? $reason : '',
        ];
    }

    if ($banned) {
        header('HTTP/1.1 403 Forbidden');
        exit;
    }

    $hits = UserThrottleCount();
    if ($hits > THROTTLE_MAXHITS * 2) {
        // NOTE(review): no exit or 403 follows here; confirm BanIP() ends the request itself.
        BanIP();
    } elseif ($hits > THROTTLE_MAXHITS) {
        // Over the soft limit: answer with a captcha challenge instead of the normal response.
        header('Expires: 0');
        json_return(array('captcha' => CaptchaDetails()));
    }
}
Beispiel #2
<?php

require_once '../../incl/incl.php';
require_once '../../incl/memcache.incl.php';
require_once '../../incl/api.incl.php';
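// Captcha answer endpoint: validates the answer submitted for the challenge
// cached under the caller's REMOTE_ADDR and, on success, calls
// UserThrottleCount(true). json_return() presumably sends the response and
// ends the request; verify against its definition.

// NOTE(review): this test hook is reachable by any unauthenticated request.
// It only touches the throttle keys of the caller's own REMOTE_ADDR, but it
// writes to the shared cache on demand; consider gating it behind a
// debug/development flag or removing it from production builds.
if (isset($_GET['throttletest'])) {
    $k = 'throttle_%s_' . $_SERVER['REMOTE_ADDR'];
    $kTime = sprintf($k, 'time');
    $kCount = sprintf($k, 'count');
    $memcache->set($kTime, time(), false, THROTTLE_PERIOD);
    $memcache->set($kCount, THROTTLE_MAXHITS + 1, false, THROTTLE_PERIOD * 2);
}

if (!isset($_GET['answer'])) {
    json_return(false);
}

$cacheKey = 'captcha_' . $_SERVER['REMOTE_ADDR'];
if (($details = MCGet($cacheKey)) === false) {
    // No pending challenge for this address.
    json_return(array());
}

// The challenge is single-use: it is removed before the answer is compared,
// so a wrong guess cannot be retried against the same challenge.
$memcache->delete($cacheKey);

// Compare as strings with ===. The previous loose == applied PHP type
// juggling to client input ('answer' may arrive as an array or as a
// numeric-looking string), so values other than the stored answer could
// compare equal to it.
$submitted = $_GET['answer'];
$expected = isset($details['answer']) ? $details['answer'] : null;
$answerMatches = is_string($submitted)
    && (is_string($expected) || is_int($expected))
    && (string) $expected === $submitted;

if ($answerMatches) {
    UserThrottleCount(true);
    json_return(array());
}

// Wrong answer: run the normal ban/throttle check before replying.
BotCheck();
json_return(array());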