|
|
@@ -18,6 +18,13 @@ class blacklist {
|
|
|
private static function getFullUrl() { $protocol = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? 'https://' : 'http://';
|
|
|
return $protocol . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
|
|
|
}
|
|
|
+
|
|
|
+ private static function isBlacklistExtention() {
|
|
|
+ $uri = $_SERVER['REQUEST_URI'];
|
|
|
+ $blackListExtention = ['php'];
|
|
|
+ $extension = pathinfo(parse_url($uri, PHP_URL_PATH), PATHINFO_EXTENSION);
|
|
|
+ return in_array(strtolower($extension), $blackListExtention);
|
|
|
+ }
|
|
|
|
|
|
private static function readBalcklist(){ // Charger les tentatives existantes
|
|
|
$attempts = [];
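Review bot: `isBlacklistExtention()` looks only at the extension of the last path segment, so a URI whose script name is followed by extra path segments (PATH_INFO form), or one that `parse_url()` cannot parse (it returns `false`), yields an empty extension and is never counted by the gate added to `check()` in the next hunk. Whether such requests reach this class depends on server configuration that is not visible here. I would take the path first and fail closed, `$path = parse_url($uri, PHP_URL_PATH); if (!is_string($path)) { return true; }`, then match the script suffix on any segment, for example `return preg_match('~\.php(/|$)~i', $path) === 1;`. If the list form is kept, pass `true` as the third argument of `in_array()` so the comparison is strict, and consider renaming to `isBlacklistedExtension`.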
|
|
|
@@ -45,36 +52,38 @@ class blacklist {
|
|
|
}
|
|
|
|
|
|
private static function check(){ // Compter les tentatives récentes
|
|
|
- $now = time();
|
|
|
- $time_window = self::$time_window;
|
|
|
- $attempts = self::readBalcklist();
|
|
|
- $ip = $_SERVER['REMOTE_ADDR'];
|
|
|
- $blacklisted = self::checkBlacklist($ip);
|
|
|
+ if(self::isBlacklistExtention()){
|
|
|
+ $now = time();
|
|
|
+ $time_window = self::$time_window;
|
|
|
+ $attempts = self::readBalcklist();
|
|
|
+ $ip = $_SERVER['REMOTE_ADDR'];
|
|
|
+ $blacklisted = self::checkBlacklist($ip);
|
|
|
|
|
|
- self::addBalcklist($ip);
|
|
|
+ self::addBalcklist($ip);
|
|
|
|
|
|
- $recent_attempts = array_filter($attempts, function ($attempt) use ($ip, $now, $time_window) {
|
|
|
- return $attempt['ip'] === $ip && ($now - $attempt['timestamp']) <= $time_window;
|
|
|
- });
|
|
|
+ $recent_attempts = array_filter($attempts, function ($attempt) use ($ip, $now, $time_window) {
|
|
|
+ return $attempt['ip'] === $ip && ($now - $attempt['timestamp']) <= $time_window;
|
|
|
+ });
|
|
|
|
|
|
- if (count($recent_attempts) + 1 > self::$max_attempts && !self::checkBlacklist($ip)) {
|
|
|
- file_put_contents(self::$blacklist_file, "$ip\n", FILE_APPEND);
|
|
|
- $blacklisted = TRUE;
|
|
|
- }
|
|
|
+ if (count($recent_attempts) + 1 > self::$max_attempts && !self::checkBlacklist($ip)) {
|
|
|
+ file_put_contents(self::$blacklist_file, "$ip\n", FILE_APPEND);
|
|
|
+ $blacklisted = TRUE;
|
|
|
+ }
|
|
|
|
|
|
- if ($blacklisted == TRUE) {
|
|
|
- header('HTTP/1.0 401 Unauthorized');
|
|
|
- echo "Votre IP (" . $ip . ") a été blacklistée pour trop de tentatives.";
|
|
|
- exit();
|
|
|
- } else {
|
|
|
- echo "Votre IP est : " . $ip . ". Nombre de tentatives récentes : " . (count($recent_attempts) + 1);
|
|
|
- exit();
|
|
|
+ if ($blacklisted == TRUE) {
|
|
|
+ header('HTTP/1.0 401 Unauthorized');
|
|
|
+ echo "Votre IP (" . $ip . ") a été blacklistée pour trop de tentatives.";
|
|
|
+ exit();
|
|
|
+ } else {
|
|
|
+ echo "Votre IP est : " . $ip . ". Nombre de tentatives récentes : " . (count($recent_attempts) + 1);
|
|
|
+ exit();
|
|
|
+ }
|
|
|
}
|
|
|
}
|
|
|
|
|
|
public static function itIs(){ // Est-il blacklisté
|
|
|
$ip = $_SERVER['REMOTE_ADDR'];
|
|
|
- if(self::checkBlacklist($ip)){
|
|
|
+ if(!self::checkBlacklist($ip)){
|
|
|
echo "Votre IP (" . $ip . ") a été blacklistée pour trop de tentatives.";
|
|
|
exit();
|
|
|
}
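Review bot: The negation added in `itIs()` looks inverted. `check()` in this same hunk treats a true return from `checkBlacklist($ip)` as "already listed" (`!self::checkBlacklist($ip)` guards the append to the blacklist file), so `if(!self::checkBlacklist($ip)){` now prints the blacklisted message and exits for every address that is not on the list, while listed addresses pass through. `checkBlacklist()` is defined outside the hunk, so its return convention should be confirmed; if true means listed, the line should stay `if(self::checkBlacklist($ip)){`. The refusal branch in `itIs()` also sends no status line, unlike `header('HTTP/1.0 401 Unauthorized');` in `check()`, and a 403 in both places would describe the refusal more accurately. The rest of `itIs()` continues past the end of the hunk.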
|