Location: PHPKode > scripts > Log Limiter > log-limiter/loglimiter.class.php
<?php
/* This file is really *free* software, not like FSF ones.
*  Do what you want with this piece of code, I just enjoyed coding, don't care.
*/

/**
* Provides a simple way to implement a limitator for login attempts, including a logger.
* @author Francesco Ciracì <hide@address.com>
* @link http://sydarex.org
* @version 0.2
* @copyright Copyleft (c) 2009/2010 Francesco Ciracì
*/

/**
* LogLimiter class.
*
* Provides a simple way to implement a limitator for login attempts, including a logger.
* @author Francesco Ciracì <hide@address.com>
* @copyright Copyleft (c) 2009, Francesco Ciracì
*/
class LogLimiter {

	/**
	 * Max attempts concessed before blocking.
	 *
	 * @access private
	 * @var integer
	 */
	private $attempts = 0;

	/**
	 * Time of blocking (minutes).
	 *
	 * @access private
	 * @var integer
	 */
	private $delay = 0;

	/**
	 * Validity attempts in attempts counting (minutes)
	 *
	 * @access private
	 * @var integer
	 */
	private $validity = 0;

	/**
	 * MySQL connection handler.
	 *
	 * @access private
	 * @var resource
	 */
	private $db = null;

	/**
	 * Client IP.
	 *
	 * @access private
	 * @var string
	 */
	private $ip = null;

	/**
	 * Class constructor. Sets class vars and deletes expired attempts.
	 *
	 * @param resource $dbc database connection.
	 * @param integer $attempts max attempts concessed before blocking.
	 * @param integer $delay time of blocking (minutes).
	 * @param integer $validity validity attempts in attempts counting (minutes).
	 */
	function __construct($dbc, $attempts, $delay, $validity) {
		$this->db = $dbc;
		$this->ip = $_SERVER['REMOTE_ADDR'];
		$this->attempts = $attempts;
		$this->delay = $delay;
		$this->validity = $validity;
		$this->delExpired();
	}

	/**
	 * Deletes expired blocks and attempts from database.
	 * 
	 * @access private
	 */
	private function delExpired() {
		@mysql_query("DELETE FROM spack_ll_blocks WHERE expire<=".time(),$this->db);
		$t = time()-($this->elapse*60);
		@mysql_query("DELETE FROM spack_ll_attempt WHERE date<=".$t,$this->db);
	}

	/**
	 * Generates the cookie block.
	 */
	function ckGen() {
		$expire = ($this->delay*60)+time();
		setcookie("ll_block",md5(rand()), $expire);
	}

	/**
	 * Checks if there is a cookie block.
	 * 
	 * @return bool
	 */
	function ckBlock() {
		if (isset($_COOKIE['ll_block'])) return true;
		return false;
	}

	/**
	 * Generates the database block.
	 */
	function dbGen() {
		$expire = ($this->delay*60)+time();
		$q = @mysql_query("INSERT INTO spack_ll_blocks (ip, expire) VALUES ('".$this->ip."', ".$expire.")",$this->db);
	}

	/**
	 * Checks if there is a database block.
	 * 
	 * @return bool
	 */
	function dbBlock() {
		$q = @mysql_query("SELECT * FROM spack_ll_blocks WHERE ip='".$this->ip."'",$this->db);
		$rows = @mysql_num_rows($q);
		if ($rows>0) return true;
		return false;
	}

	/**
	 * Logs a possible cracking attempt.
	 */
	function logCrack() {
		@mysql_query("INSERT INTO spack_ll_log (ip, date) VALUES ('".$this->ip."', ".time().")",$this->db);
	}

	/**
	* Logs a failed login attempt.
	*/
	function logAttempt() {
		@mysql_query("INSERT INTO spack_ll_attempts (ip, date) VALUES ('".$this->ip."', ".time().")",$this->db);
	}

	/**
	* Counts how many attempts from this IP.
	*/
	function countAttempt() {
		$res = @mysql_query("SELECT * FROM spack_ll_attempts WHERE ip='".$this->ip."'",$this->db);
		return @mysql_num_rows($res);
	}

	/**
	* Call this method when a login fails. Logs the attempt and checks if a block is needed. If is, does it.
	*/
	function fail() {
		$this->logAttempt();
		if ($this->countAttempt() >= $this->attempts) {
			$this->logCrack();
			$this->dbGen();
			$this->ckGen();
		}
	}

	/**
	* Call this method when a login goes right. Deletes the attempts from this IP.
	*/
	function login() {
		@mysql_query("DELETE FROM spack_ll_attempt WHERE ip='".$this->ip."'",$this->db);
	}
 }
 ?>
Return current item: Log Limiter