예제 #1
0
    public function EventLoginFailure($username)
    {
        list($y, $m, $d) = explode('-', date('Y-m-d'));
        $tt1 = new WSAL_DB_Occurrence();
        $tt2 = new WSAL_DB_Meta();
        $occ = WSAL_DB_Occurrence::LoadMultiQuery('
			SELECT * FROM `' . $tt1->GetTable() . '`
			WHERE alert_id = %d AND site_id = %d
				AND (created_on BETWEEN %d AND %d)
				AND id IN (
					SELECT occurrence_id as id
					FROM `' . $tt2->GetTable() . '`
					WHERE (name = "ClientIP" AND value = %s)
					   OR (name = "Username" AND value = %s)
					GROUP BY occurrence_id
					HAVING COUNT(*) = 2
				)
		', array(1002, function_exists('get_current_blog_id') ? get_current_blog_id() : 0, mktime(0, 0, 0, $m, $d, $y), mktime(0, 0, 0, $m, $d + 1, $y) - 1, json_encode(isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : ''), json_encode($username)));
        $occ = count($occ) ? $occ[0] : null;
        if ($occ && $occ->IsLoaded()) {
            // update existing record
            $occ->SetMetaValue('Attempts', $occ->GetMetaValue('Attempts', 0) + 1);
            $occ->created_on = current_time('timestamp');
            $occ->Save();
        } else {
            // create a new record
            $this->plugin->alerts->Trigger(1002, array('Username' => $username, 'Attempts' => 1));
        }
    }
 public function Delete()
 {
     global $wpdb;
     // get relevant occurrence ids
     $occids = $wpdb->get_col($this->GetSql('select'));
     if (count($occids)) {
         // delete meta data: back up columns, remove them for DELETE and generate sql
         $cols = $this->columns;
         $this->columns = array('occurrence_id');
         $tmp = new WSAL_DB_Meta();
         $sql = 'DELETE FROM ' . $tmp->GetTable() . ' WHERE occurrence_id IN (' . implode(',', $occids) . ')';
         // restore columns
         $this->columns = $cols;
         // execute query
         call_user_func(array($this->ar_cls, 'DeleteQuery'), $sql, $this->GetArgs());
     }
     // delete occurrences
     parent::Delete();
 }
예제 #3
0
    public function EventLoginFailure($username)
    {
        list($y, $m, $d) = explode('-', date('Y-m-d'));
        $ip = $this->plugin->settings->GetMainClientIP();
        $tt1 = new WSAL_DB_Occurrence();
        $tt2 = new WSAL_DB_Meta();
        $username = $_POST["log"];
        $newAlertCode = 1003;
        $user = get_user_by('login', $username);
        $site_id = function_exists('get_current_blog_id') ? get_current_blog_id() : 0;
        if ($user) {
            $newAlertCode = 1002;
            $userRoles = $this->plugin->settings->GetCurrentUserRoles($user->roles);
        }
        if ($this->IsPastLoginFailureLimit($ip, $site_id, $user)) {
            return;
        }
        if ($newAlertCode == 1002) {
            if (!$this->plugin->alerts->CheckEnableUserRoles($username, $userRoles)) {
                return;
            }
            $occ = WSAL_DB_Occurrence::LoadMultiQuery('
				SELECT occurrence.* FROM `' . $tt1->GetTable() . '` occurrence 
				INNER JOIN `' . $tt2->GetTable() . '` ipMeta on ipMeta.occurrence_id = occurrence.id
				and ipMeta.name = "ClientIP"
				and ipMeta.value = %s
				INNER JOIN `' . $tt2->GetTable() . '` usernameMeta on usernameMeta.occurrence_id = occurrence.id
				and usernameMeta.name = "Username"
				and usernameMeta.value = %s
				WHERE occurrence.alert_id = %d AND occurrence.site_id = %d
				AND (created_on BETWEEN %d AND %d)
				GROUP BY occurrence.id', array(json_encode($ip), json_encode($username), 1002, $site_id, mktime(0, 0, 0, $m, $d, $y), mktime(0, 0, 0, $m, $d + 1, $y) - 1));
            $occ = count($occ) ? $occ[0] : null;
            if ($occ && $occ->IsLoaded()) {
                // update existing record exists user
                $this->IncrementLoginFailure($ip, $site_id, $user);
                $new = $occ->GetMetaValue('Attempts', 0) + 1;
                if ($new > $this->GetLoginFailureLogLimit()) {
                    $new = $this->GetLoginFailureLogLimit() . '+';
                }
                $occ->SetMetaValue('Attempts', $new);
                $occ->SetMetaValue('Username', $username);
                //$occ->SetMetaValue('CurrentUserRoles', $userRoles);
                $occ->created_on = null;
                $occ->Save();
            } else {
                // create a new record exists user
                $this->plugin->alerts->Trigger($newAlertCode, array('Attempts' => 1, 'Username' => $username, 'CurrentUserRoles' => $userRoles));
            }
        } else {
            $occUnknown = WSAL_DB_Occurrence::LoadMultiQuery('
				SELECT occurrence.* FROM `' . $tt1->GetTable() . '` occurrence 
				INNER JOIN `' . $tt2->GetTable() . '` ipMeta on ipMeta.occurrence_id = occurrence.id 
				and ipMeta.name = "ClientIP" and ipMeta.value = %s 
				WHERE occurrence.alert_id = %d AND occurrence.site_id = %d
				AND (created_on BETWEEN %d AND %d)
				GROUP BY occurrence.id', array(json_encode($ip), 1003, $site_id, mktime(0, 0, 0, $m, $d, $y), mktime(0, 0, 0, $m, $d + 1, $y) - 1));
            $occUnknown = count($occUnknown) ? $occUnknown[0] : null;
            if ($occUnknown && $occUnknown->IsLoaded()) {
                // update existing record not exists user
                $this->IncrementLoginFailure($ip, $site_id, false);
                $new = $occUnknown->GetMetaValue('Attempts', 0) + 1;
                if ($new > $this->GetLoginFailureLogLimit()) {
                    $new = $this->GetLoginFailureLogLimit() . '+';
                }
                $occUnknown->SetMetaValue('Attempts', $new);
                $occUnknown->created_on = null;
                $occUnknown->Save();
            } else {
                // create a new record not exists user
                $this->plugin->alerts->Trigger($newAlertCode, array('Attempts' => 1));
            }
        }
    }