/** * Increase failed logins counter for specified IP address and ban it if maximum allowed login attempt limit exceeds. * This method must be called on every failed login attempt. * @param string $ip IP address * @param string $ban_reason Reason for ban, if issued */ function increaseCounter($ip, $ban_reason = '') { $ip = trim($ip); if (!empty($ip)) { if ($this->_db_query($this->_db_makeQuery(2090, $ip))) { if (!empty($this->_conf_all['ip_failed_login_limit']) && $this->_db_getList('count', 'ip =# ' . $ip, 1)) { if ($this->_db_list[0]['count'] > $this->_conf_all['ip_failed_login_limit']) { _pcpin_loadClass('ipfilter'); $ban = new PCPIN_IPFilter($this); $ban->addAddress($ip, date('Y-m-d H:i:s', time() + 3600 * $this->_conf_all['ip_failed_login_ban']), $ban_reason, 'd'); $this->clearCounter($ip); } } } } }
* * "PCPIN Chat 6" is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. */ /** * Get addresses listed in IP filter table * @param int $sort_by Sort by (0: Address, 1: Action type, 2: Expiration date, 3: Description, 4: "Added on" date) * @param int $sort_dir Sort direction (0: Ascending, 1: Descending) */ _pcpin_loadClass('ipfilter'); $ipfilter = new PCPIN_IPFilter($session); $ip_addresses = array(); if (!isset($sort_by)) { $sort_by = 0; } if (!isset($sort_dir)) { $sort_dir = 0; } // Get client session if (is_object($session) && !empty($current_user->id) && $current_user->is_admin === 'y') { $xmlwriter->setHeaderMessage('OK'); $xmlwriter->setHeaderStatus(0); $addresses = $ipfilter->readAddresses($sort_by, $sort_dir); foreach ($addresses as $address_data) { $ip_addresses[] = array('id' => $address_data['id'], 'type' => $address_data['type'], 'mask' => $address_data['address'], 'added_on' => $current_user->makeDate(PCPIN_Common::datetimeToTimestamp($address_data['added_on'])), 'expires' => $address_data['expires'] > '0000-00-00 00:00:00' ? $current_user->makeDate(PCPIN_Common::datetimeToTimestamp($address_data['expires'])) : $l->g('never'), 'action' => $address_data['action'], 'description' => $address_data['description']); }
* (at your option) any later version. * * "PCPIN Chat 6" is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. */ /** * Delete address(es) from IP filter table * @param array $ids IDs of addresses */ _pcpin_loadClass('ipfilter'); $ipfilter = new PCPIN_IPFilter($session); if (!isset($ids) || !is_array($ids)) { $ids = array(); } $errortext = array(); if (is_object($session) && !empty($current_user->id) && $current_user->is_admin === 'y') { if (!empty($ids)) { $xmlwriter->setHeaderMessage($l->g('selected_addresses_were_deleted')); $xmlwriter->setHeaderStatus(0); foreach ($ids as $id) { if ($ipfilter->_db_getList('address', 'id = ' . $id, 1)) { // Check wether IP address can be deleted from filter without blocking current user if ($ipfilter->isBlocked(PCPIN_CLIENT_IP, $id)) { // Not good $errortext[] = str_replace('[ADDRESS]', $ipfilter->_db_list[0]['address'], $l->g('own_ip_cant_be_deleted')); } else {
*/ /** * Add new address to the IP filter table * @param string $mask IP address mask * @param int $expires_year Expiration date: year * @param int $expires_month Expiration date: month * @param int $expires_day Expiration date: day * @param int $expires_hour Expiration date: hour * @param int $expires_minute Expiration date: minute * @param int $expires_never If not empty, then IP address will never expire * @param string $description Additional information * @param string $action Filter action ("a": allow or "d": deny) * @param string $type IP address type (IPv4 or IPv6) */ _pcpin_loadClass('ipfilter'); $ipfilter = new PCPIN_IPFilter($session); if (!isset($mask)) { $mask = ''; } if (!isset($expires)) { $expires = ''; } if (!isset($description)) { $description = ''; } if (!isset($action)) { $action = 'd'; } $errortext = array(); if (is_object($session) && !empty($current_user->id) && $current_user->is_admin === 'y') { $xmlwriter->setHeaderMessage('OK');
if ($session->_db_getList('_s_id,_s_room_id,_s_ip', '_s_user_id = ' . $target_user_id, 1)) { // User is online $tgt_session_id = $session->_db_list[0]['_s_id']; $tgt_session_ip = $session->_db_list[0]['_s_ip']; if (!empty($ip_ban) && $tgt_session_ip == PCPIN_CLIENT_IP) { // Own IP address cannot be banned unset($ip_ban); } // Add new message if (empty($ip_ban)) { $msg->addMessage(10105, 'n', $current_user->id, $current_nickname, $session->_db_list[0]['_s_room_id'], 0, $target_user_id . '/' . $current_user->id . '/' . $duration . '/' . $reason, date('Y-m-d H:i:s'), 0, ''); } else { $msg->addMessage(10106, 'n', $current_user->id, $current_nickname, $session->_db_list[0]['_s_room_id'], 0, $target_user_id . '/' . $current_user->id . '/' . $duration . '/' . $reason, date('Y-m-d H:i:s'), 0, ''); } // Kick user if (!empty($tgt_session_id)) { $session->_s_updateSession($tgt_session_id, false, true, null, null, null, null, null, null, null, null, 'y'); $session->_s_cleanUp(); } if (!empty($ip_ban)) { // IP ban _pcpin_loadClass('ipfilter'); $ipfilter = new PCPIN_IPFilter($session); $ipfilter->addAddress(false === strpos($tgt_session_ip, ':') ? 'IPv4' : 'IPv6', $tgt_session_ip, !empty($duration) ? date('Y-m-d H:i:s', time() + $duration * 60) : '', $reason, 'd'); } } // Ban user $current_user->banUnban($target_user_id, 1, $duration, $reason, $current_user->id, $current_nickname); } } }
* it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 3 of the License, or * (at your option) any later version. * * "PCPIN Chat 6" is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. */ _pcpin_loadClass('message'); $msg = new PCPIN_Message($session); _pcpin_loadClass('ipfilter'); $ipfilter = new PCPIN_IPFilter($session); _pcpin_loadClass('failed_login'); $failed_login_class = new PCPIN_Failed_Login($session); if (!isset($login) || !is_scalar($login)) { $login = ''; } if (!isset($password) || !is_scalar($password)) { $password = ''; } if (!isset($time_zone_offset) || !is_scalar($time_zone_offset)) { $time_zone_offset = date('Z'); } if (!isset($language_id) || !is_scalar($language_id)) { $language_id = 0; } $password_ok = false;