示例#1
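/**
 * Anti-flood check for one incoming request.
 *
 * Loads the flat-file request log, drops records older than
 * shSecAntiFloodPeriod seconds, counts the remaining records for $ip,
 * appends a record for the current request, writes the log back, and
 * calls shDoRestrictedAccess() when the count (current request excluded)
 * has reached shSecAntiFloodCount.
 *
 * Records are stored one per line as "id, ip, unix_timestamp".
 *
 * The check is skipped entirely when the feature is disabled, when the
 * period or the count limit is empty, when $ip is empty, or when
 * "only on POST" is set and the request carries no POST data.
 *
 * NOTE(review): the log is read, modified and rewritten with no locking
 * visible in this function; whether shReadFile()/shSaveFile() lock the file
 * is not shown here. Without it, concurrent requests can overwrite each
 * other's records, which makes the counter undercount under load.
 *
 * @param string $ip address of the requesting client
 *
 * @return void
 */
function shDoAntiFloodCheck($ip)
{
    $sefConfig = Sh404sefFactory::getConfig();
    // explicit parentheses: && binds tighter than ||, the grouping is the original one
    if (!$sefConfig->shSecActivateAntiFlood
        || empty($sefConfig->shSecAntiFloodPeriod)
        || ($sefConfig->shSecAntiFloodOnlyOnPOST && empty($_POST))
        || empty($sefConfig->shSecAntiFloodCount)
        || empty($ip)
    ) {
        return;
    }
    // $ip is written verbatim into a comma-separated, line-based file. Where it
    // comes from is not visible here; if it can ever be taken from a
    // client-supplied header, a comma or line break inside it would add or
    // corrupt records. Strip the delimiters, and the surrounding whitespace that
    // the read side trims away anyway, so stored and compared values agree.
    $ip = trim(str_replace(array(',', "\r", "\n"), '', (string) $ip));
    if ($ip === '') {
        return;
    }
    // disable for requests coming from same site, including ajax calls
    // coming from jomsocial
    // activate if using JomSocial on your site, removing the /* and */ marks surrounding the next few lines
    // NOTE(review): the Referer header and the POST fields tested below are
    // supplied by the client, so once enabled this exemption applies to any
    // request that sets them, not only to genuine same-site calls.
    /*
    $referrer =  empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER'];
      if (!empty($referrer) && strpos( $referrer, Sh404sefFactory::getPageInfo()->getDefaultLiveSite()) === 0) {
      if (!empty($_POST['option']) && $_POST['option'] == 'community'
      && !empty( $_POST['task']) && $_POST['task'] == 'azrul_ajax') {
      return;
      }
      }
    */
    // end of Jomsocial specific code
    $dataFile = sh404SEF_ADMIN_ABS_PATH . 'security/sh404SEF_AntiFlood_Data.dat';
    $cTime = time();
    $nextId = 1;
    $hits = 0;
    // start from a real array: appending to an empty/false read result is
    // deprecated auto-vivification on recent PHP versions
    $recent = array();
    // presumably shReadFile() returns the file as a list of lines - confirm against the helper
    $floodData = shReadFile($dataFile);
    if (!empty($floodData)) {
        // next id = id of the last stored record + 1
        $lastRec = explode(',', end($floodData));
        $nextId = intval($lastRec[0]) + 1;
        foreach ($floodData as $data) {
            // split on the bare comma and trim each field, so the age test and
            // the address test read a record the same way
            $rec = array_map('trim', explode(',', $data));
            // drop blank/malformed lines and records older than the configured period
            if (empty($rec[2]) || $cTime - intval($rec[2]) > $sefConfig->shSecAntiFloodPeriod) {
                continue;
            }
            $recent[] = $data;
            // strict comparison: with == two numeric-looking strings are compared as numbers
            if (!empty($rec[1]) && $rec[1] === $ip) {
                $hits++;
            }
        }
    }
    // $recent now holds only requests made in the last shSecAntiFloodPeriod seconds
    // log current request
    $recent[] = $nextId . ', ' . $ip . ', ' . $cTime;
    // write to file
    shSaveFile($dataFile, implode("\n", $recent));
    if ($hits >= $sefConfig->shSecAntiFloodCount) {
        shDoRestrictedAccess('Flooding', $hits . ' requests in less than ' . $sefConfig->shSecAntiFloodPeriod . ' seconds (max = ' . $sefConfig->shSecAntiFloodCount . ')');
    }
}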
示例#2
文件: shSec.php 项目: justinlyon/scc
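/**
 * Per-address request throttle backed by a flat file.
 *
 * Each call reads security/sh404SEF_AntiFlood_Data.dat, keeps only the
 * records younger than shSecAntiFloodPeriod seconds, counts how many of
 * them belong to $ip, appends a record for the current request, saves the
 * file, and calls shDoRestrictedAccess() if the count (not including the
 * current request) is at least shSecAntiFloodCount.
 *
 * Record format, one per line: "id, ip, unix_timestamp".
 *
 * Returns without doing anything when anti-flood is switched off, when the
 * period or count setting is empty, when $ip is empty, or when the
 * "only on POST" setting is on and $_POST is empty.
 *
 * NOTE(review): no file locking is visible in this function and the
 * behaviour of shReadFile()/shSaveFile() is not shown; if they do not lock,
 * parallel requests can drop each other's records and the limit is then
 * enforced on an undercount.
 *
 * @param string $ip address of the requesting client
 *
 * @return void
 */
function shDoAntiFloodCheck($ip)
{
    $sefConfig = shRouter::shGetConfig();
    // parentheses added for readability only; && already bound tighter than ||
    if (!$sefConfig->shSecActivateAntiFlood
        || empty($sefConfig->shSecAntiFloodPeriod)
        || ($sefConfig->shSecAntiFloodOnlyOnPOST && empty($_POST))
        || empty($sefConfig->shSecAntiFloodCount)
        || empty($ip)
    ) {
        return;
    }
    // The address is stored as one field of a comma-separated line. Its origin
    // is not visible from here, so neutralise the record delimiters before it
    // reaches the file; surrounding whitespace goes too, because the stored
    // field is trimmed before it is compared.
    $ip = trim(str_replace(array(',', "\r", "\n"), '', (string) $ip));
    if ($ip === '') {
        return;
    }
    $storePath = sh404SEF_ADMIN_ABS_PATH . 'security/sh404SEF_AntiFlood_Data.dat';
    $now = time();
    $nextId = 1;
    $sameIpCount = 0;
    // build the trimmed log in a fresh array instead of appending to whatever
    // the read returned (which may be empty or false)
    $kept = array();
    // assumes shReadFile() yields a list of lines - TODO confirm
    $lines = shReadFile($storePath);
    if (!empty($lines)) {
        // the id of the new record continues from the last stored one
        $lastFields = explode(',', end($lines));
        $nextId = intval($lastFields[0]) + 1;
        foreach ($lines as $line) {
            // one parse for both the expiry and the address test
            $fields = array_map('trim', explode(',', $line));
            $expired = empty($fields[2]) || $now - intval($fields[2]) > $sefConfig->shSecAntiFloodPeriod;
            if ($expired) {
                // blank, malformed or too old: not written back
                continue;
            }
            $kept[] = $line;
            // === avoids PHP's numeric comparison of numeric-looking strings
            if (!empty($fields[1]) && $fields[1] === $ip) {
                $sameIpCount++;
            }
        }
    }
    // log current request
    $kept[] = $nextId . ', ' . $ip . ', ' . $now;
    // write to file
    shSaveFile($storePath, implode("\n", $kept));
    if ($sameIpCount >= $sefConfig->shSecAntiFloodCount) {
        shDoRestrictedAccess('Flooding', $sameIpCount . ' requests in less than ' . $sefConfig->shSecAntiFloodPeriod . ' seconds (max = ' . $sefConfig->shSecAntiFloodCount . ')');
    }
}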