Etusivu Tutki Apua
Kirjaudu sisään
CSE-Invent
/
CMS-CSE
peilaus alkaen https://git.cse-invent.com/product/cms.events.git
2
0
Fork 0
Tiedostot Ongelmat 0 Wiki
Puu: 210fe711c7
Haarat Tagit
CMS-CSE
/
core
/
class
/
blacklist.class.php

blacklist.class.php 3.8 KB
Historia Raaka

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100 
  1. <?php
    2. 

  2. 

  3. class blacklist {
    4. 

  4. 

  5.     private static $log_file = '../blacklist/ip_attempts.log';
    6. 

  6.     private static $blacklist_file = '../blacklist/ip.txt';
    7. 

  7.     private static $max_attempts = 5;
    8. 

  8.     private static $time_window = 10 * 60; // 10 minutes en secondes
    9. 

  9. 

  10.     public static function execute() {
    11. 

  11.         return self::check();
    12. 

  12.     }
    13. 

  13. 

  14.     public static function isValidIPv4() {
    15. 

  15.         $isDev = (strpos($_SERVER['HTTP_HOST'], 'local.') === 0); // Vérifie c'est une URL local de développement
    16. 

  16.         return $isDev ? TRUE : filter_var($_SERVER['REMOTE_ADDR'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== FALSE;
    17. 

  17.     }
    18. 

  18. 

  19.     private static function getFullUrl() { $protocol = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? 'https://' : 'http://';
    20. 

  20.         return $protocol . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
    21. 

  21.     }
    22. 

  22.     
    23. 

  23.     private static function isBlacklistExtention() {
    24. 

  24.         $uri = $_SERVER['REQUEST_URI'];
    25. 

  25.         $blackListExtention = ['php'];
    26. 

  26.         $extension = pathinfo(parse_url($uri, PHP_URL_PATH), PATHINFO_EXTENSION);
    27. 

  27.         return in_array(strtolower($extension), $blackListExtention);
    28. 

  28.     }
    29. 

  29. 

  30.     private static function readBlacklist(){ // Charger les tentatives existantes
    31. 

  31.         $attempts = [];
    32. 

  32.         if (file_exists(self::$log_file)) {
    33. 

  33.             $lines = file(self::$log_file, FILE_IGNORE_NEW_LINES);
    34. 

  34.             foreach ($lines as $line) {
    35. 

  35.                 list($ip, $timestamp) = explode(',', $line);
    36. 

  36.                 $attempts[] = ['ip' => $ip, 'timestamp' => strtotime($timestamp)];
    37. 

  37.             }
    38. 

  38.         }
    39. 

  39.         return $attempts;
    40. 

  40.     }
    41. 

  41. 

  42.     private static function checkBlacklist(string $_ip){ // Vérifier si l'IP est déjà blacklistée
    43. 

  43.         $blacklisted = FALSE;
    44. 

  44.         if (file_exists(self::$blacklist_file)) {
    45. 

  45.             $blacklisted_ips = file(self::$blacklist_file, FILE_IGNORE_NEW_LINES);
    46. 

  46.             $blacklisted = in_array($_ip, $blacklisted_ips);
    47. 

  47.         }
    48. 

  48.         return $blacklisted;
    49. 

  49.     }
    50. 

  50. 

  51.     private static function addBlacklist(string $_ip){ // Ajouter une nouvelle tentative
    52. 

  52.         file_put_contents(self::$log_file, "$_ip," . date('Y-m-d H:i:s') . ", " . $_SERVER["REQUEST_METHOD"] . "," . self::getFullUrl() . "\n", FILE_APPEND);
    53. 

  53.     }
    54. 

  54.     
    55. 

  55.     private static function check() {
    56. 

  56.         if (self::isBlacklistExtention()) {
    57. 

  57.             $now = time();
    58. 

  58.             $time_window = self::$time_window;
    59. 

  59.             $attempts = self::readBlacklist();
    60. 

  60.             $ip = $_SERVER['REMOTE_ADDR'];
    61. 

  61. 

  62.             // Vérifie si l'IP est déjà blacklistée
    63. 

  63.             $blacklisted = self::checkBlacklist($ip);
    64. 

  64. 

  65.             // Ajoute une tentative
    66. 

  66.             self::addBlacklist($ip);
    67. 

  67. 

  68.             // Filtre les tentatives récentes
    69. 

  69.             $recent_attempts = array_filter($attempts, function ($attempt) use ($ip, $now, $time_window) {
    70. 

  70.                 return $attempt['ip'] === $ip && ($now - $attempt['timestamp']) <= $time_window;
    71. 

  71.             });
    72. 

  72. 

  73.             // Si trop de tentatives, ajoute l'IP à la blacklist
    74. 

  74.             if (count($recent_attempts) + 1 > self::$max_attempts && !$blacklisted) {
    75. 

  75.                 file_put_contents(self::$blacklist_file, "$ip\n", FILE_APPEND);
    76. 

  76.                 $blacklisted = true;
    77. 

  77.             }
    78. 

  78. 

  79.             // Redirection si blacklisté
    80. 

  80.             if ($blacklisted) {
    81. 

  81.                 header("HTTP/1.1 403 Forbidden");
    82. 

  82.                 header("Location: /noAccess.php");
    83. 

  83.                 exit();
    84. 

  84.             } else {
    85. 

  85.                 return ["error" => 404, "text" => "La page que vous cherchez n'existe pas."];
    86. 

  86.             }
    87. 

  87.         } else {
    88. 

  88.             return ["error" => 404, "text" => "La page que vous cherchez n'existe pas."];
    89. 

  89.         }
    90. 

  90.     }
    91. 

  91. 

  92.     public static function itIs(){ // Est-il blacklisté
    93. 

  93.         if(self::checkBlacklist($_SERVER['REMOTE_ADDR'])){
    94. 

  94.             header("Location: /noAccess.php");
    95. 

  95.             exit();
    96. 

  96.         }
    97. 

  97.         return NULL;
    98. 

  98.     }
    99. 

  99. 

  100. }
    101.