public function EventLoginFailure($username)
{
list($y, $m, $d) = explode('-', date('Y-m-d'));
$tt1 = new WSAL_DB_Occurrence();
$tt2 = new WSAL_DB_Meta();
$occ = WSAL_DB_Occurrence::LoadMultiQuery('
SELECT * FROM `' . $tt1->GetTable() . '`
WHERE alert_id = %d AND site_id = %d
AND (created_on BETWEEN %d AND %d)
AND id IN (
SELECT occurrence_id as id
FROM `' . $tt2->GetTable() . '`
WHERE (name = "ClientIP" AND value = %s)
OR (name = "Username" AND value = %s)
GROUP BY occurrence_id
HAVING COUNT(*) = 2
)
', array(1002, function_exists('get_current_blog_id') ? get_current_blog_id() : 0, mktime(0, 0, 0, $m, $d, $y), mktime(0, 0, 0, $m, $d + 1, $y) - 1, json_encode(isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : ''), json_encode($username)));
$occ = count($occ) ? $occ[0] : null;
if ($occ && $occ->IsLoaded()) {
// update existing record
$occ->SetMetaValue('Attempts', $occ->GetMetaValue('Attempts', 0) + 1);
$occ->created_on = current_time('timestamp');
$occ->Save();
} else {
// create a new record
$this->plugin->alerts->Trigger(1002, array('Username' => $username, 'Attempts' => 1));
}
}
public function EventLoginFailure($username)
{
list($y, $m, $d) = explode('-', date('Y-m-d'));
$ip = $this->plugin->settings->GetMainClientIP();
$tt1 = new WSAL_DB_Occurrence();
$tt2 = new WSAL_DB_Meta();
$username = $_POST["log"];
$newAlertCode = 1003;
$user = get_user_by('login', $username);
$site_id = function_exists('get_current_blog_id') ? get_current_blog_id() : 0;
if ($user) {
$newAlertCode = 1002;
$userRoles = $this->plugin->settings->GetCurrentUserRoles($user->roles);
}
if ($this->IsPastLoginFailureLimit($ip, $site_id, $user)) {
return;
}
if ($newAlertCode == 1002) {
if (!$this->plugin->alerts->CheckEnableUserRoles($username, $userRoles)) {
return;
}
$occ = WSAL_DB_Occurrence::LoadMultiQuery('
SELECT occurrence.* FROM `' . $tt1->GetTable() . '` occurrence
INNER JOIN `' . $tt2->GetTable() . '` ipMeta on ipMeta.occurrence_id = occurrence.id
and ipMeta.name = "ClientIP"
and ipMeta.value = %s
INNER JOIN `' . $tt2->GetTable() . '` usernameMeta on usernameMeta.occurrence_id = occurrence.id
and usernameMeta.name = "Username"
and usernameMeta.value = %s
WHERE occurrence.alert_id = %d AND occurrence.site_id = %d
AND (created_on BETWEEN %d AND %d)
GROUP BY occurrence.id', array(json_encode($ip), json_encode($username), 1002, $site_id, mktime(0, 0, 0, $m, $d, $y), mktime(0, 0, 0, $m, $d + 1, $y) - 1));
$occ = count($occ) ? $occ[0] : null;
if ($occ && $occ->IsLoaded()) {
// update existing record exists user
$this->IncrementLoginFailure($ip, $site_id, $user);
$new = $occ->GetMetaValue('Attempts', 0) + 1;
if ($new > $this->GetLoginFailureLogLimit()) {
$new = $this->GetLoginFailureLogLimit() . '+';
}
$occ->SetMetaValue('Attempts', $new);
$occ->SetMetaValue('Username', $username);
//$occ->SetMetaValue('CurrentUserRoles', $userRoles);
$occ->created_on = null;
$occ->Save();
} else {
// create a new record exists user
$this->plugin->alerts->Trigger($newAlertCode, array('Attempts' => 1, 'Username' => $username, 'CurrentUserRoles' => $userRoles));
}
} else {
$occUnknown = WSAL_DB_Occurrence::LoadMultiQuery('
SELECT occurrence.* FROM `' . $tt1->GetTable() . '` occurrence
INNER JOIN `' . $tt2->GetTable() . '` ipMeta on ipMeta.occurrence_id = occurrence.id
and ipMeta.name = "ClientIP" and ipMeta.value = %s
WHERE occurrence.alert_id = %d AND occurrence.site_id = %d
AND (created_on BETWEEN %d AND %d)
GROUP BY occurrence.id', array(json_encode($ip), 1003, $site_id, mktime(0, 0, 0, $m, $d, $y), mktime(0, 0, 0, $m, $d + 1, $y) - 1));
$occUnknown = count($occUnknown) ? $occUnknown[0] : null;
if ($occUnknown && $occUnknown->IsLoaded()) {
// update existing record not exists user
$this->IncrementLoginFailure($ip, $site_id, false);
$new = $occUnknown->GetMetaValue('Attempts', 0) + 1;
if ($new > $this->GetLoginFailureLogLimit()) {
$new = $this->GetLoginFailureLogLimit() . '+';
}
$occUnknown->SetMetaValue('Attempts', $new);
$occUnknown->created_on = null;
$occUnknown->Save();
} else {
// create a new record not exists user
$this->plugin->alerts->Trigger($newAlertCode, array('Attempts' => 1));
}
}
}