/**
* Increase failed logins counter for specified IP address and ban it if maximum allowed login attempt limit exceeds.
* This method must be called on every failed login attempt.
* @param string $ip IP address
* @param string $ban_reason Reason for ban, if issued
*/
function increaseCounter($ip, $ban_reason = '')
{
$ip = trim($ip);
if (!empty($ip)) {
if ($this->_db_query($this->_db_makeQuery(2090, $ip))) {
if (!empty($this->_conf_all['ip_failed_login_limit']) && $this->_db_getList('count', 'ip =# ' . $ip, 1)) {
if ($this->_db_list[0]['count'] > $this->_conf_all['ip_failed_login_limit']) {
_pcpin_loadClass('ipfilter');
$ban = new PCPIN_IPFilter($this);
$ban->addAddress($ip, date('Y-m-d H:i:s', time() + 3600 * $this->_conf_all['ip_failed_login_ban']), $ban_reason, 'd');
$this->clearCounter($ip);
}
}
}
}
}
$xmlwriter->setHeaderStatus(0);
$mask = trim($mask);
$description = trim($description);
$action = trim($action);
// Validate expiration date
if (empty($expires_never) && (!@checkdate($expires_month, $expires_day, $expires_year) || !pcpin_ctype_digit($expires_hour) || $expires_hour > 60 || $expires_hour < 0 || !pcpin_ctype_digit($expires_minute) || $expires_minute > 60 || $expires_minute < 0)) {
$errortext[] = $l->g('expiration_date_invalid');
}
// Check mask
if ($type !== 'IPv4' && $type !== 'IPv6') {
$errortext[] = $l->g('ip_address_type_invalid');
} elseif (!$ipfilter->checkIPMask($type, $mask)) {
$errortext[] = $l->g('ip_mask_invalid');
}
if (empty($errortext)) {
if ($ipfilter->addAddress($type, $mask, empty($expires_never) ? "{$expires_year}-{$expires_month}-{$expires_day} {$expires_hour}:{$expires_minute}:00" : '', $description, $action)) {
$xmlwriter->setHeaderMessage($l->g('ip_address_added'));
// Ensure, that current user can access the software with new record
if ($ipfilter->isBlocked(PCPIN_CLIENT_IP)) {
// Not good
$ipfilter->deleteAddress($ipfilter->id);
$errortext[] = str_replace('[ADDRESS]', $mask, $l->g('own_ip_cant_be_banned'));
}
} else {
$errortext[] = $l->g('error');
}
}
}
if (!empty($errortext)) {
$xmlwriter->setHeaderStatus(1);
$xmlwriter->setHeaderMessage(implode("\n", $errortext));
if ($session->_db_getList('_s_id,_s_room_id,_s_ip', '_s_user_id = ' . $target_user_id, 1)) {
// User is online
$tgt_session_id = $session->_db_list[0]['_s_id'];
$tgt_session_ip = $session->_db_list[0]['_s_ip'];
if (!empty($ip_ban) && $tgt_session_ip == PCPIN_CLIENT_IP) {
// Own IP address cannot be banned
unset($ip_ban);
}
// Add new message
if (empty($ip_ban)) {
$msg->addMessage(10105, 'n', $current_user->id, $current_nickname, $session->_db_list[0]['_s_room_id'], 0, $target_user_id . '/' . $current_user->id . '/' . $duration . '/' . $reason, date('Y-m-d H:i:s'), 0, '');
} else {
$msg->addMessage(10106, 'n', $current_user->id, $current_nickname, $session->_db_list[0]['_s_room_id'], 0, $target_user_id . '/' . $current_user->id . '/' . $duration . '/' . $reason, date('Y-m-d H:i:s'), 0, '');
}
// Kick user
if (!empty($tgt_session_id)) {
$session->_s_updateSession($tgt_session_id, false, true, null, null, null, null, null, null, null, null, 'y');
$session->_s_cleanUp();
}
if (!empty($ip_ban)) {
// IP ban
_pcpin_loadClass('ipfilter');
$ipfilter = new PCPIN_IPFilter($session);
$ipfilter->addAddress(false === strpos($tgt_session_ip, ':') ? 'IPv4' : 'IPv6', $tgt_session_ip, !empty($duration) ? date('Y-m-d H:i:s', time() + $duration * 60) : '', $reason, 'd');
}
}
// Ban user
$current_user->banUnban($target_user_id, 1, $duration, $reason, $current_user->id, $current_nickname);
}
}
}
