function add_invalid_login() { global $adminer; $filename = get_adminer_temp_dir() . "/adminer.invalid"; $fp = @fopen($filename, "r+"); // @ - may not exist if (!$fp) { // c+ is available since PHP 5.2.6 $fp = @fopen($filename, "w"); // @ - may not be writable if (!$fp) { return; } } flock($fp, LOCK_EX); $invalids = unserialize(stream_get_contents($fp)); $time = time(); if ($invalids) { foreach ($invalids as $ip => $val) { if ($val[0] < $time) { unset($invalids[$ip]); } } } $invalid =& $invalids[$adminer->bruteForceKey()]; if (!$invalid) { $invalid = array($time + 30 * 60, 0); // active for 30 minutes } $invalid[1]++; $serialized = serialize($invalids); rewind($fp); fwrite($fp, $serialized); ftruncate($fp, strlen($serialized)); flock($fp, LOCK_UN); fclose($fp); }
/** Read password from file adminer.key in temporary directory or create one * @param bool * @return string or false if the file can not be created */ function password_file($create) { $filename = get_adminer_temp_dir() . "/adminer.key"; $return = @file_get_contents($filename); // @ - may not exist if ($return || !$create) { return $return; } $fp = @fopen($filename, "w"); // @ - can have insufficient rights //! is not atomic if ($fp) { $return = rand_string(); fwrite($fp, $return); fclose($fp); } return $return; }