Acasă Explorează Ajutor
Autentificare
CSE-Invent
/
CMS-CSE
oglindă de https://git.cse-invent.com/product/cms.events.git
2
0
Bifurcare 0
Fisiere Probleme 0 Wiki
Arbore: 84927c36d9
Ramuri Etichete
CMS-CSE
/
core
/
class
/
blacklist.class.php

blacklist.class.php 3.6 KB
Istoric Crud

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495 
  1. <?php
    2. 

  2. 

  3. class blacklist {
    4. 

  4. 

  5.     private static $log_file = '../blacklist/ip_attempts.log';
    6. 

  6.     private static $blacklist_file = '../blacklist/ip.txt';
    7. 

  7.     private static $max_attempts = 5;
    8. 

  8.     private static $time_window = 10 * 60; // 10 minutes en secondes
    9. 

  9. 

  10.     public static function execute(?string $_from = NULL) {
    11. 

  11.         self::check($_from);
    12. 

  12.     }
    13. 

  13. 

  14.     public static function isValidIPv4() {
    15. 

  15.         return filter_var($_SERVER['REMOTE_ADDR'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false;
    16. 

  16.     }
    17. 

  17. 

  18.     private static function getFullUrl() { $protocol = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? 'https://' : 'http://';
    19. 

  19.         return $protocol . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
    20. 

  20.     }
    21. 

  21.     
    22. 

  22.     private static function isBlacklistExtention() {
    23. 

  23.         $uri = $_SERVER['REQUEST_URI'];
    24. 

  24.         $blackListExtention = ['php'];
    25. 

  25.         $extension = pathinfo(parse_url($uri, PHP_URL_PATH), PATHINFO_EXTENSION);
    26. 

  26.         return in_array(strtolower($extension), $blackListExtention);
    27. 

  27.     }
    28. 

  28. 

  29.     private static function readBalcklist(){ // Charger les tentatives existantes
    30. 

  30.         $attempts = [];
    31. 

  31.         if (file_exists(self::$log_file)) {
    32. 

  32.             $lines = file(self::$log_file, FILE_IGNORE_NEW_LINES);
    33. 

  33.             foreach ($lines as $line) {
    34. 

  34.                 list($ip, $timestamp) = explode(',', $line);
    35. 

  35.                 $attempts[] = ['ip' => $ip, 'timestamp' => strtotime($timestamp)];
    36. 

  36.             }
    37. 

  37.         }
    38. 

  38.         return $attempts;
    39. 

  39.     }
    40. 

  40. 

  41.     private static function checkBlacklist(string $_ip){ // Vérifier si l'IP est déjà blacklistée
    42. 

  42.         $blacklisted = FALSE;
    43. 

  43.         if (file_exists(self::$blacklist_file)) {
    44. 

  44.             $blacklisted_ips = file(self::$blacklist_file, FILE_IGNORE_NEW_LINES);
    45. 

  45.             $blacklisted = in_array($_ip, $blacklisted_ips);
    46. 

  46.         }
    47. 

  47.         return $blacklisted;
    48. 

  48.     }
    49. 

  49. 

  50.     private static function addBalcklist(string $_ip){ // Ajouter une nouvelle tentative
    51. 

  51.         file_put_contents(self::$log_file, "$_ip," . date('Y-m-d H:i:s') . ", " . $_SERVER["REQUEST_METHOD"] . "," . self::getFullUrl() . "\n", FILE_APPEND);
    52. 

  52.     }
    53. 

  53.     
    54. 

  54.     private static function check(){ // Compter les tentatives récentes
    55. 

  55.         if(self::isBlacklistExtention()){
    56. 

  56.             $now = time();
    57. 

  57.             $time_window = self::$time_window;
    58. 

  58.             $attempts = self::readBalcklist();
    59. 

  59.             $ip = $_SERVER['REMOTE_ADDR'];
    60. 

  60.             $blacklisted = self::checkBlacklist($ip);
    61. 

  61. 

  62.             self::addBalcklist($ip);
    63. 

  63. 

  64.             $recent_attempts = array_filter($attempts, function ($attempt) use ($ip, $now, $time_window) {
    65. 

  65.                 return $attempt['ip'] === $ip && ($now - $attempt['timestamp']) <= $time_window;
    66. 

  66.             });
    67. 

  67. 

  68.             if (count($recent_attempts) + 1 > self::$max_attempts && !self::checkBlacklist($ip)) {
    69. 

  69.                 file_put_contents(self::$blacklist_file, "$ip\n", FILE_APPEND);
    70. 

  70.                 $blacklisted = TRUE;
    71. 

  71.             }
    72. 

  72. 

  73.             if ($blacklisted == TRUE) {
    74. 

  74.                 header('HTTP/1.0 401 Unauthorized');
    75. 

  75.                 echo "Votre IP (" . $ip . ") a été blacklistée pour trop de tentatives.";
    76. 

  76.                 exit();
    77. 

  77.             } else {
    78. 

  78.                 echo "Votre IP est : " . $ip . ". Nombre de tentatives récentes : " . (count($recent_attempts) + 1);
    79. 

  79.                 exit();
    80. 

  80.             }
    81. 

  81.         } else {
    82. 

  82.             echo json_encode(["Error 404"]);
    83. 

  83.             exit();
    84. 

  84.         }
    85. 

  85.     }
    86. 

  86. 

  87.     public static function itIs(){ // Est-il blacklisté
    88. 

  88.         $ip = $_SERVER['REMOTE_ADDR'];
    89. 

  89.         if(self::checkBlacklist($ip)){
    90. 

  90.             echo "Votre IP (" . $ip . ") a été blacklistée pour trop de tentatives.";
    91. 

  91.             exit();
    92. 

  92.         }
    93. 

  93.     }
    94. 

  94. 

  95. }
    96.