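/**
 * Checks whether the current client IP is banned and bans it when the
 * configured number of tries has just been reached.
 *
 * Ban checking is switched off (the method returns false) when the maximum
 * number of tries, the TTL of ban log entries or the TTL of bans is 0.
 *
 * Side effect: when the try count has reached the limit and no ban is
 * currently active, a new BanLogEntry with code 0 is written.
 *
 * @return bool True when the IP is banned (before or as of this call), false otherwise.
 */
public function checkBan()
{
    // A maximum of 0 tries before a ban means no ban check at all
    if ($this->tries == 0) {
        return false;
    }

    // A TTL of zero for log entries means no ban check either
    if ($this->ttl_banlog_entry == 0) {
        return false;
    }

    // Without a TTL for bans no ban check is needed
    if ($this->ttl_ban == 0) {
        return false;
    }

    // Further checks need an IP address
    if (empty($this->ip)) {
        // REMOTE_ADDR is the address of the TCP peer. Behind a reverse proxy or
        // load balancer that is the proxy, so one ban would lock out every
        // client behind it; such deployments have to set the IP explicitly
        // from a trusted source before calling this method.
        // The key is absent outside a web request (CLI, cron), so fall back to
        // null instead of raising an undefined-key warning.
        $this->ip = $_SERVER['REMOTE_ADDR'] ?? null;
    }

    // No ban if the current number of tries lies below the configured maximum.
    // NOTE(review): this runs before the active-ban check below. If
    // countBanLogEntries() only counts entries younger than ttl_banlog_entry
    // (not visible here), a ban could end earlier than ttl_ban whenever the
    // entry TTL is the shorter of the two - confirm.
    if ($this->countBanLogEntries() < $this->tries) {
        return false;
    }

    // Do we have an active ban that has not yet outlived its TTL?
    if ($this->getBanActiveTimestamp() + $this->ttl_ban > time()) {
        if (isset($this->logger)) {
            // NOTE(review): if a caller ever fills $this->ip from a
            // client-supplied header, validate it (for example with
            // filter_var() and FILTER_VALIDATE_IP) before it reaches the log.
            $this->logger->notice('Access of a banned IP [' . $this->ip . ']');
        }

        return true;
    }

    // Falling through to here means the current IP gets banned now
    $banlog = new BanLogEntry($this->db);
    $banlog->setText('User got banned because of too many tries.');
    $banlog->setCode(0);

    if (isset($this->logger)) {
        $banlog->setLogger($this->logger);
    }

    $banlog->add();

    return true;
}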
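/**
 * Logs the outcome of a login attempt and, for credential failures, writes a
 * ban log entry.
 *
 * The state code passed to the ban log entry and to the logger context is
 * 1 for a wrong username, 2 for a wrong password and 3 for both.
 *
 * @param bool $error_username
 *            Flag to signal that there was a problem with the username
 * @param bool $error_password
 *            Flag to signal that there was a problem with the password
 * @param bool $ban
 *            Flag to signal that this is a bannable action
 */
private function logLogin(bool $error_username = false, bool $error_password = false, bool $ban = true)
{
    // The submitted username is attacker-controlled. Replace ASCII control
    // characters (CR, LF, NUL, ...) so that it cannot split a log record into
    // forged extra lines. Escaping for HTML or SQL remains the job of whatever
    // stores or renders the text.
    // Failed attempts sometimes carry a password typed into the username
    // field, so these records deserve the same protection as other secrets.
    $username = preg_replace('/[\x00-\x1F\x7F]/', '?', (string) $this->username);

    $text = sprintf('Login for user "%s"', $username);
    $state = 0;

    if ($error_username || $error_password) {

        // Collect the causes first so that two causes are joined readably
        // instead of running together as "usernamepassword".
        $causes = [];

        if ($error_username) {
            $state += 1;
            $causes[] = 'username';
        }

        if ($error_password) {
            $state += 2;
            $causes[] = 'password';
        }

        $text .= ' failed because of wrong ' . implode(' and ', $causes);

        // Start the ban process only when banning is enabled on this object
        // and the caller marked the failure as a bannable action
        if ($this->ban && $ban) {
            $banlog = new BanLogEntry($this->db);
            $banlog->setText($text);
            $banlog->setCode($state);
            $banlog->add();
        }

        if (isset($this->logger)) {
            $this->logger->warning($text, [$state]);
        }

        return;
    }

    // Still here? Log success!
    if (isset($this->logger)) {
        $this->logger->info($text . ' success');
    }
}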