示例#1
0
文件: logs.inc.php 项目: babae/etano
function rate_limiter(&$log)
{
    $myreturn = false;
    global $dbtable_prefix;
    $where = '';
    if (!empty($log['user_id'])) {
        $where = " AND `fk_user_id`='" . $log['user_id'] . "'";
    } else {
        $where = " AND `ip`='" . $log['ip'] . "' AND `sess`='" . $log['sess'] . "'";
    }
    $query = "SELECT `limit`,`interval`,`punishment`,`fk_lk_id_error_message` FROM `{$dbtable_prefix}rate_limiter` WHERE `level_code`='" . $log['level'] . "' AND `m_value`='" . $log['membership'] . "'";
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    $punish = array();
    while ($rsrow = mysql_fetch_assoc($res)) {
        $query = "SELECT count(*) FROM `{$dbtable_prefix}site_log` WHERE `level_code`='" . $log['level'] . "' AND `time`>=DATE_SUB('" . gmdate('YmdHis') . "',INTERVAL " . $rsrow['interval'] . " MINUTE) {$where}";
        if (!($res2 = @mysql_query($query))) {
            trigger_error(mysql_error(), E_USER_ERROR);
        }
        if (mysql_result($res2, 0, 0) >= $rsrow['limit']) {
            $punish[$rsrow['punishment']] = $rsrow['fk_lk_id_error_message'];
        }
    }
    if (isset($punish[_PUNISH_BANIP_])) {
        $query = "INSERT IGNORE INTO `{$dbtable_prefix}site_bans` SET `ban_type`=" . _PUNISH_BANIP_ . ",`what`='" . $log['ip'] . "',`reason`='" . $punish[_PUNISH_BANIP_] . "'";
        if (!($res = @mysql_query($query))) {
            trigger_error(mysql_error(), E_USER_ERROR);
        }
        regenerate_ban_array();
    }
    if (isset($punish[_PUNISH_BANUSER_])) {
        $query = "INSERT IGNORE INTO `{$dbtable_prefix}site_bans` SET `ban_type`=" . _PUNISH_BANUSER_ . ",`what`='" . $log['user'] . "',`reason`='" . $punish[_PUNISH_BANUSER_] . "'";
        if (!($res = @mysql_query($query))) {
            trigger_error(mysql_error(), E_USER_ERROR);
        }
        regenerate_ban_array();
    }
    if (isset($punish[_PUNISH_BANEMAIL_])) {
        $query = "INSERT IGNORE INTO `{$dbtable_prefix}site_bans` SET `ban_type`=" . _PUNISH_BANEMAIL_ . ",`what`='" . $log['email'] . "',`reason`='" . $punish[_PUNISH_BANEMAIL_] . "'";
        if (!($res = @mysql_query($query))) {
            trigger_error(mysql_error(), E_USER_ERROR);
        }
        regenerate_ban_array();
    }
    if (isset($punish[_PUNISH_ERROR_])) {
        $topass['message']['type'] = MESSAGE_ERROR;
        $topass['message']['text'] = isset($GLOBALS['_lang'][$punish[_PUNISH_ERROR_]]) ? $GLOBALS['_lang'][$punish[_PUNISH_ERROR_]] : '';
        redirect2page('info.php', $topass);
    } elseif (isset($punish[_PUNISH_UPGRADE_])) {
        $topass['message']['type'] = MESSAGE_ERROR;
        $topass['message']['text'] = isset($GLOBALS['_lang'][$punish[_PUNISH_UPGRADE_]]) ? $GLOBALS['_lang'][$punish[_PUNISH_UPGRADE_]] : '';
        redirect2page(_BASEURL_ . '/info.php?type=access', $topass, '', true);
    }
    return $myreturn;
}
示例#2
0
            }
            $input['fk_lk_id_reason'] = mysql_insert_id();
            $query = "INSERT INTO `{$dbtable_prefix}lang_strings` (`lang_value`,`fk_lk_id`,`skin`) VALUES ('" . $input['reason'] . "','" . $input['fk_lk_id_reason'] . "','{$default_skin_code}')";
            if (!($res = @mysql_query($query))) {
                trigger_error(mysql_error(), E_USER_ERROR);
            }
            $query = "INSERT INTO `{$dbtable_prefix}site_bans` SET ";
            foreach ($site_bans_default['defaults'] as $k => $v) {
                if (isset($input[$k])) {
                    $query .= "`{$k}`='" . $input[$k] . "',";
                }
            }
            $query = substr($query, 0, -1);
            if (!($res = @mysql_query($query))) {
                trigger_error(mysql_error(), E_USER_ERROR);
            }
            $topass['message']['type'] = MESSAGE_INFO;
            $topass['message']['text'] = 'Ban added.';
        }
        regenerate_langstrings_array();
        regenerate_ban_array();
    } else {
        $nextpage = 'site_bans_addedit.php';
        // 		you must re-read all textareas from $_POST like this:
        //		$input['x']=addslashes_mq($_POST['x']);
        $input = sanitize_and_format($input, TYPE_STRING, FORMAT_HTML2TEXT_FULL | FORMAT_STRIPSLASH);
        $topass['input'] = $input;
    }
}
$nextpage = _BASEURL_ . '/admin/' . $nextpage;
redirect2page($nextpage, $topass, '', true);