/**
 * Count one failed login for an IP address and ban the address once the count
 * is above the configured limit.
 *
 * Must be called on every failed login attempt. The ban is only issued when
 * `ip_failed_login_limit` is set to a non-empty value; its expiry is
 * `ip_failed_login_ban` hours from now, and the counter for the address is
 * cleared right after the ban is added.
 *
 * NOTE(review): the lockout is only as trustworthy as the source of $ip.
 * Confirm callers pass the connection's peer address rather than a
 * client-supplied header value; the origin of $ip is not visible here.
 *
 * @param string $ip IP address
 * @param string $ban_reason Reason stored with the ban, if one is issued
 */
function increaseCounter($ip, $ban_reason = '')
{
    $ip = trim($ip);
    if (empty($ip)) {
        // Blank address: nothing to count.
        return;
    }

    // Stored query 2090 is presumably the counter increment; verify against the query table.
    if (!$this->_db_query($this->_db_makeQuery(2090, $ip))) {
        return;
    }

    // An empty limit skips the ban logic entirely.
    if (empty($this->_conf_all['ip_failed_login_limit'])) {
        return;
    }

    // NOTE(review): $ip is concatenated into the condition string. Presumably the
    // `=#` marker makes _db_getList() escape the value; confirm in the DB layer.
    if (!$this->_db_getList('count', 'ip =# ' . $ip, 1)) {
        return;
    }

    $failed_logins = $this->_db_list[0]['count'];
    if (!($failed_logins > $this->_conf_all['ip_failed_login_limit'])) {
        // Limit not exceeded yet (strictly greater-than, so `limit` attempts are tolerated).
        return;
    }

    _pcpin_loadClass('ipfilter');
    $filter = new PCPIN_IPFilter($this);

    // Ban duration is configured in hours.
    // NOTE(review): with ip_failed_login_ban at 0 or unset the expiry equals "now";
    // confirm whether that is meant as "no ban".
    $ban_until = date('Y-m-d H:i:s', time() + 3600 * $this->_conf_all['ip_failed_login_ban']);

    // NOTE(review): confirm the argument order against PCPIN_IPFilter::addAddress();
    // some callers pass an address type ('IPv4'/'IPv6') as the first argument.
    $filter->addAddress($ip, $ban_until, $ban_reason, 'd');

    // Start counting from scratch once the ban is in place.
    $this->clearCounter($ip);
}
// Fragment: validates a submitted expiry date and address mask, adds the record
// through $ipfilter->addAddress(), and reports errors through $xmlwriter.
// The enclosing block opens before this fragment and the last `if` closes after it.
$xmlwriter->setHeaderStatus(0);
$mask = trim($mask);
$description = trim($description);
$action = trim($action);
// Validate expiration date (skipped when $expires_never is set)
// NOTE(review): the upper bounds look wrong. `> 60` lets hours 24-60 and minute 60
// through, so a value such as 60:60 reaches the expiry string built below;
// likely intended `> 23` and `> 59`.
// NOTE(review): `@` only hides warnings. If month/day/year arrive as raw request
// strings, a non-numeric value makes checkdate() throw a TypeError on PHP 8,
// which `@` does not suppress; consider checking them with pcpin_ctype_digit() first.
if (empty($expires_never) && (!@checkdate($expires_month, $expires_day, $expires_year) || !pcpin_ctype_digit($expires_hour) || $expires_hour > 60 || $expires_hour < 0 || !pcpin_ctype_digit($expires_minute) || $expires_minute > 60 || $expires_minute < 0)) {
$errortext[] = $l->g('expiration_date_invalid');
}
// Check mask: $type must match a strict allow-list before the mask is
// validated for that address family.
if ($type !== 'IPv4' && $type !== 'IPv6') {
$errortext[] = $l->g('ip_address_type_invalid');
} elseif (!$ipfilter->checkIPMask($type, $mask)) {
$errortext[] = $l->g('ip_mask_invalid');
}
if (empty($errortext)) {
// The expiry is assembled from the validated parts; '' is passed when the
// record never expires.
// NOTE(review): $description, $action and the expiry string are handed over
// unchanged; confirm addAddress() escapes them and restricts $action to known values.
if ($ipfilter->addAddress($type, $mask, empty($expires_never) ? "{$expires_year}-{$expires_month}-{$expires_day} {$expires_hour}:{$expires_minute}:00" : '', $description, $action)) {
$xmlwriter->setHeaderMessage($l->g('ip_address_added'));
// Ensure, that current user can access the software with new record
// NOTE(review): the record is inserted first and removed afterwards, so the
// rule is live for a short window; checking the mask against
// PCPIN_CLIENT_IP before inserting would avoid that.
if ($ipfilter->isBlocked(PCPIN_CLIENT_IP)) {
// Not good: roll back the record that was just added
// (presumably $ipfilter->id holds its id; verify in PCPIN_IPFilter).
$ipfilter->deleteAddress($ipfilter->id);
$errortext[] = str_replace('[ADDRESS]', $mask, $l->g('own_ip_cant_be_banned'));
}
} else {
$errortext[] = $l->g('error');
}
}
} // closes a block opened before this fragment
if (!empty($errortext)) {
// Any collected error replaces the header status and message set above.
$xmlwriter->setHeaderStatus(1);
$xmlwriter->setHeaderMessage(implode("\n", $errortext));
// Fragment: kicks the target user if they have a session, optionally bans the
// session's IP address, then bans the user account. The three closing braces at
// the end belong to blocks opened before this fragment.
// NOTE(review): the permission check for the acting user is not visible here;
// confirm the enclosing conditions enforce it.
// NOTE(review): $target_user_id is concatenated into the condition string;
// confirm it is validated as an integer before this point.
if ($session->_db_getList('_s_id,_s_room_id,_s_ip', '_s_user_id = ' . $target_user_id, 1)) {
// User is online
$tgt_session_id = $session->_db_list[0]['_s_id'];
$tgt_session_ip = $session->_db_list[0]['_s_ip'];
if (!empty($ip_ban) && $tgt_session_ip == PCPIN_CLIENT_IP) {
// Own IP address cannot be banned: drop the IP-ban request, the user ban still proceeds
unset($ip_ban);
}
// Add new message: type 10105 without an IP ban, 10106 with one
// NOTE(review): $reason is placed in a '/'-delimited message body; confirm the
// consumer copes with '/' inside the reason and escapes it on output.
if (empty($ip_ban)) {
$msg->addMessage(10105, 'n', $current_user->id, $current_nickname, $session->_db_list[0]['_s_room_id'], 0, $target_user_id . '/' . $current_user->id . '/' . $duration . '/' . $reason, date('Y-m-d H:i:s'), 0, '');
} else {
$msg->addMessage(10106, 'n', $current_user->id, $current_nickname, $session->_db_list[0]['_s_room_id'], 0, $target_user_id . '/' . $current_user->id . '/' . $duration . '/' . $reason, date('Y-m-d H:i:s'), 0, '');
}
// Kick user (the trailing 'y' is presumably the "kicked" flag; verify in _s_updateSession)
if (!empty($tgt_session_id)) {
$session->_s_updateSession($tgt_session_id, false, true, null, null, null, null, null, null, null, null, 'y');
$session->_s_cleanUp();
}
if (!empty($ip_ban)) {
// IP ban: the address family is inferred from a ':' in the stored session IP;
// $duration is in minutes, and an empty duration passes '' as the expiry.
// The IP ban is only possible here, i.e. while the target has a session row.
_pcpin_loadClass('ipfilter');
$ipfilter = new PCPIN_IPFilter($session);
$ipfilter->addAddress(false === strpos($tgt_session_ip, ':') ? 'IPv4' : 'IPv6', $tgt_session_ip, !empty($duration) ? date('Y-m-d H:i:s', time() + $duration * 60) : '', $reason, 'd');
}
}
// Ban user (runs whether or not the target is currently online)
$current_user->banUnban($target_user_id, 1, $duration, $reason, $current_user->id, $current_nickname);
}
}
}