public function EventLoginFailure($username)
{
list($y, $m, $d) = explode('-', date('Y-m-d'));
$tt1 = new WSAL_DB_Occurrence();
$tt2 = new WSAL_DB_Meta();
$occ = WSAL_DB_Occurrence::LoadMultiQuery('
SELECT * FROM `' . $tt1->GetTable() . '`
WHERE alert_id = %d AND site_id = %d
AND (created_on BETWEEN %d AND %d)
AND id IN (
SELECT occurrence_id as id
FROM `' . $tt2->GetTable() . '`
WHERE (name = "ClientIP" AND value = %s)
OR (name = "Username" AND value = %s)
GROUP BY occurrence_id
HAVING COUNT(*) = 2
)
', array(1002, function_exists('get_current_blog_id') ? get_current_blog_id() : 0, mktime(0, 0, 0, $m, $d, $y), mktime(0, 0, 0, $m, $d + 1, $y) - 1, json_encode(isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : ''), json_encode($username)));
$occ = count($occ) ? $occ[0] : null;
if ($occ && $occ->IsLoaded()) {
// update existing record
$occ->SetMetaValue('Attempts', $occ->GetMetaValue('Attempts', 0) + 1);
$occ->created_on = current_time('timestamp');
$occ->Save();
} else {
// create a new record
$this->plugin->alerts->Trigger(1002, array('Username' => $username, 'Attempts' => 1));
}
}
/**
* Returns the first meta value from a given set of names. Useful when you have a mix of items that could provide a particular detail.
* @param array $names List of meta names.
* @return WSAL_DB_Meta The first meta item that exists.
*/
public function GetFirstNamedMeta($names)
{
$meta = new WSAL_DB_Meta();
$query = '(' . str_repeat('name = %s OR ', count($names)) . '0)';
$query = 'occurrence_id = %d AND ' . $query . ' ORDER BY name DESC LIMIT 1';
array_unshift($names, $this->id);
// prepend args with occurrence id
$meta->Load($query, $names);
return $meta->IsLoaded() ? $meta : null;
}
public function Delete()
{
global $wpdb;
// get relevant occurrence ids
$occids = $wpdb->get_col($this->GetSql('select'));
if (count($occids)) {
// delete meta data: back up columns, remove them for DELETE and generate sql
$cols = $this->columns;
$this->columns = array('occurrence_id');
$tmp = new WSAL_DB_Meta();
$sql = 'DELETE FROM ' . $tmp->GetTable() . ' WHERE occurrence_id IN (' . implode(',', $occids) . ')';
// restore columns
$this->columns = $cols;
// execute query
call_user_func(array($this->ar_cls, 'DeleteQuery'), $sql, $this->GetArgs());
}
// delete occurrences
parent::Delete();
}
public function EventLoginFailure($username)
{
list($y, $m, $d) = explode('-', date('Y-m-d'));
$ip = $this->plugin->settings->GetMainClientIP();
$tt1 = new WSAL_DB_Occurrence();
$tt2 = new WSAL_DB_Meta();
$username = $_POST["log"];
$newAlertCode = 1003;
$user = get_user_by('login', $username);
$site_id = function_exists('get_current_blog_id') ? get_current_blog_id() : 0;
if ($user) {
$newAlertCode = 1002;
$userRoles = $this->plugin->settings->GetCurrentUserRoles($user->roles);
}
if ($this->IsPastLoginFailureLimit($ip, $site_id, $user)) {
return;
}
if ($newAlertCode == 1002) {
if (!$this->plugin->alerts->CheckEnableUserRoles($username, $userRoles)) {
return;
}
$occ = WSAL_DB_Occurrence::LoadMultiQuery('
SELECT occurrence.* FROM `' . $tt1->GetTable() . '` occurrence
INNER JOIN `' . $tt2->GetTable() . '` ipMeta on ipMeta.occurrence_id = occurrence.id
and ipMeta.name = "ClientIP"
and ipMeta.value = %s
INNER JOIN `' . $tt2->GetTable() . '` usernameMeta on usernameMeta.occurrence_id = occurrence.id
and usernameMeta.name = "Username"
and usernameMeta.value = %s
WHERE occurrence.alert_id = %d AND occurrence.site_id = %d
AND (created_on BETWEEN %d AND %d)
GROUP BY occurrence.id', array(json_encode($ip), json_encode($username), 1002, $site_id, mktime(0, 0, 0, $m, $d, $y), mktime(0, 0, 0, $m, $d + 1, $y) - 1));
$occ = count($occ) ? $occ[0] : null;
if ($occ && $occ->IsLoaded()) {
// update existing record exists user
$this->IncrementLoginFailure($ip, $site_id, $user);
$new = $occ->GetMetaValue('Attempts', 0) + 1;
if ($new > $this->GetLoginFailureLogLimit()) {
$new = $this->GetLoginFailureLogLimit() . '+';
}
$occ->SetMetaValue('Attempts', $new);
$occ->SetMetaValue('Username', $username);
//$occ->SetMetaValue('CurrentUserRoles', $userRoles);
$occ->created_on = null;
$occ->Save();
} else {
// create a new record exists user
$this->plugin->alerts->Trigger($newAlertCode, array('Attempts' => 1, 'Username' => $username, 'CurrentUserRoles' => $userRoles));
}
} else {
$occUnknown = WSAL_DB_Occurrence::LoadMultiQuery('
SELECT occurrence.* FROM `' . $tt1->GetTable() . '` occurrence
INNER JOIN `' . $tt2->GetTable() . '` ipMeta on ipMeta.occurrence_id = occurrence.id
and ipMeta.name = "ClientIP" and ipMeta.value = %s
WHERE occurrence.alert_id = %d AND occurrence.site_id = %d
AND (created_on BETWEEN %d AND %d)
GROUP BY occurrence.id', array(json_encode($ip), 1003, $site_id, mktime(0, 0, 0, $m, $d, $y), mktime(0, 0, 0, $m, $d + 1, $y) - 1));
$occUnknown = count($occUnknown) ? $occUnknown[0] : null;
if ($occUnknown && $occUnknown->IsLoaded()) {
// update existing record not exists user
$this->IncrementLoginFailure($ip, $site_id, false);
$new = $occUnknown->GetMetaValue('Attempts', 0) + 1;
if ($new > $this->GetLoginFailureLogLimit()) {
$new = $this->GetLoginFailureLogLimit() . '+';
}
$occUnknown->SetMetaValue('Attempts', $new);
$occUnknown->created_on = null;
$occUnknown->Save();
} else {
// create a new record not exists user
$this->plugin->alerts->Trigger($newAlertCode, array('Attempts' => 1));
}
}
}
