Эхлэл Бүгдийг харах Тусламж
Нэвтрэх
CSE-Invent
/
CMS-CSE
-ын хуулбар https://git.cse-invent.com/product/cms.events.git
2
0
Салаа 0
Файлууд Асуудлууд 0 Мэдлэгийн сан
Мод: ff2071f092
Салаанууд Тагууд
CMS-CSE
/
core
/
class
/
blacklist.class.php

blacklist.class.php 3.7 KB
Түүх Анхны өгөгдөл

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899 
  1. <?php
    2. 

  2. 

  3. class blacklist {
    4. 

  4. 

  5.     private static $log_file = '../blacklist/ip_attempts.log';
    6. 

  6.     private static $blacklist_file = '../blacklist/ip.txt';
    7. 

  7.     private static $max_attempts = 5;
    8. 

  8.     private static $time_window = 10 * 60; // 10 minutes en secondes
    9. 

  9. 

  10.     public static function execute() {
    11. 

  11.         return self::check();
    12. 

  12.     }
    13. 

  13. 

  14.     public static function isValidIPv4() {
    15. 

  15.         return (ENVIRONNEMENT == "DEV") ? TRUE : filter_var($_SERVER['REMOTE_ADDR'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== FALSE;
    16. 

  16.     }
    17. 

  17. 

  18.     private static function getFullUrl() { $protocol = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? 'https://' : 'http://';
    19. 

  19.         return $protocol . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
    20. 

  20.     }
    21. 

  21.     
    22. 

  22.     private static function isBlacklistExtention() {
    23. 

  23.         $uri = $_SERVER['REQUEST_URI'];
    24. 

  24.         $blackListExtention = ['php'];
    25. 

  25.         $extension = pathinfo(parse_url($uri, PHP_URL_PATH), PATHINFO_EXTENSION);
    26. 

  26.         return in_array(strtolower($extension), $blackListExtention);
    27. 

  27.     }
    28. 

  28. 

  29.     private static function readBlacklist(){ // Charger les tentatives existantes
    30. 

  30.         $attempts = [];
    31. 

  31.         if (file_exists(self::$log_file)) {
    32. 

  32.             $lines = file(self::$log_file, FILE_IGNORE_NEW_LINES);
    33. 

  33.             foreach ($lines as $line) {
    34. 

  34.                 list($ip, $timestamp) = explode(',', $line);
    35. 

  35.                 $attempts[] = ['ip' => $ip, 'timestamp' => strtotime($timestamp)];
    36. 

  36.             }
    37. 

  37.         }
    38. 

  38.         return $attempts;
    39. 

  39.     }
    40. 

  40. 

  41.     private static function checkBlacklist(string $_ip){ // Vérifier si l'IP est déjà blacklistée
    42. 

  42.         $blacklisted = FALSE;
    43. 

  43.         if (file_exists(self::$blacklist_file)) {
    44. 

  44.             $blacklisted_ips = file(self::$blacklist_file, FILE_IGNORE_NEW_LINES);
    45. 

  45.             $blacklisted = in_array($_ip, $blacklisted_ips);
    46. 

  46.         }
    47. 

  47.         return $blacklisted;
    48. 

  48.     }
    49. 

  49. 

  50.     private static function addBlacklist(string $_ip){ // Ajouter une nouvelle tentative
    51. 

  51.         file_put_contents(self::$log_file, "$_ip," . date('Y-m-d H:i:s') . ", " . $_SERVER["REQUEST_METHOD"] . "," . self::getFullUrl() . "\n", FILE_APPEND);
    52. 

  52.     }
    53. 

  53.     
    54. 

  54.     private static function check() {
    55. 

  55.         if (self::isBlacklistExtention()) {
    56. 

  56.             $now = time();
    57. 

  57.             $time_window = self::$time_window;
    58. 

  58.             $attempts = self::readBlacklist();
    59. 

  59.             $ip = $_SERVER['REMOTE_ADDR'];
    60. 

  60. 

  61.             // Vérifie si l'IP est déjà blacklistée
    62. 

  62.             $blacklisted = self::checkBlacklist($ip);
    63. 

  63. 

  64.             // Ajoute une tentative
    65. 

  65.             self::addBlacklist($ip);
    66. 

  66. 

  67.             // Filtre les tentatives récentes
    68. 

  68.             $recent_attempts = array_filter($attempts, function ($attempt) use ($ip, $now, $time_window) {
    69. 

  69.                 return $attempt['ip'] === $ip && ($now - $attempt['timestamp']) <= $time_window;
    70. 

  70.             });
    71. 

  71. 

  72.             // Si trop de tentatives, ajoute l'IP à la blacklist
    73. 

  73.             if (count($recent_attempts) + 1 > self::$max_attempts && !$blacklisted) {
    74. 

  74.                 file_put_contents(self::$blacklist_file, "$ip\n", FILE_APPEND);
    75. 

  75.                 $blacklisted = true;
    76. 

  76.             }
    77. 

  77. 

  78.             // Redirection si blacklisté
    79. 

  79.             if ($blacklisted) {
    80. 

  80.                 header("HTTP/1.1 403 Forbidden");
    81. 

  81.                 header("Location: /noAccess.php");
    82. 

  82.                 exit();
    83. 

  83.             } else {
    84. 

  84.                 return ["error" => 404, "text" => "La page que vous cherchez n'existe pas."];
    85. 

  85.             }
    86. 

  86.         } else {
    87. 

  87.             return ["error" => 404, "text" => "La page que vous cherchez n'existe pas."];
    88. 

  88.         }
    89. 

  89.     }
    90. 

  90. 

  91.     public static function itIs(){ // Est-il blacklisté
    92. 

  92.         if(self::checkBlacklist($_SERVER['REMOTE_ADDR'])){
    93. 

  93.             header("Location: /noAccess.php");
    94. 

  94.             exit();
    95. 

  95.         }
    96. 

  96.         return NULL;
    97. 

  97.     }
    98. 

  98. 

  99. }
    100.