function add_invalid_login()
{
global $adminer;
$filename = get_adminer_temp_dir() . "/adminer.invalid";
$fp = @fopen($filename, "r+");
// @ - may not exist
if (!$fp) {
// c+ is available since PHP 5.2.6
$fp = @fopen($filename, "w");
// @ - may not be writable
if (!$fp) {
return;
}
}
flock($fp, LOCK_EX);
$invalids = unserialize(stream_get_contents($fp));
$time = time();
if ($invalids) {
foreach ($invalids as $ip => $val) {
if ($val[0] < $time) {
unset($invalids[$ip]);
}
}
}
$invalid =& $invalids[$adminer->bruteForceKey()];
if (!$invalid) {
$invalid = array($time + 30 * 60, 0);
// active for 30 minutes
}
$invalid[1]++;
$serialized = serialize($invalids);
rewind($fp);
fwrite($fp, $serialized);
ftruncate($fp, strlen($serialized));
flock($fp, LOCK_UN);
fclose($fp);
}
/** Read password from file adminer.key in temporary directory or create one
* @param bool
* @return string or false if the file can not be created
*/
function password_file($create)
{
$filename = get_adminer_temp_dir() . "/adminer.key";
$return = @file_get_contents($filename);
// @ - may not exist
if ($return || !$create) {
return $return;
}
$fp = @fopen($filename, "w");
// @ - can have insufficient rights //! is not atomic
if ($fp) {
$return = rand_string();
fwrite($fp, $return);
fclose($fp);
}
return $return;
}
