Implemented Spam protection via IP block

Raphael Zimmermann 2015-03-16 16:28:20 +01:00
parent f9c8b6f016
commit 67c80893f5
6 changed files with 103 additions and 35 deletions

1
.gitignore vendored

@ -1,3 +1,4 @@
/cache/
/vendor/
/cache/
/blacklist/


@ -4,16 +4,23 @@ namespace raphiz\passwordcards;
require_once 'vendor/autoload.php';
use \Rain\Tpl;
Tpl::configure(
array(
"tpl_dir" => __DIR__ . "/resources/",
)
);
if (!RequestUtils::isPost()) {
// Render template
Tpl::configure(
array(
"tpl_dir" => __DIR__ . "/resources/",
)
);
$tpl = new Tpl;
$tpl->draw('index');
} else {
$spamPrevention = RequestUtils::preventSpam();
if ($spamPrevention !== true) {
$tpl = new Tpl;
$tpl->assign('seconds', $spamPrevention);
$tpl->draw('spam');
exit;
}
// Parse request
$pattern = RequestUtils::parsePattern();
$keyboardLayout = RequestUtils::parseKeyboardLayout();
@ -50,4 +57,5 @@ if (!RequestUtils::isPost()) {
// Cleanup temporary SVG images
unlink($back);
unlink($front);
}
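Review bot: In the first hunk the blocked branch draws the spam template and exits with the default 200 status, so scripts, proxies and access logs cannot tell a throttled POST from a successful one. Sending `http_response_code(429);` and `header('Retry-After: ' . $spamPrevention);` before `$tpl->draw('spam');` makes the limit visible to clients and to monitoring. The `!== true` test depends on preventSpam() returning either true or an integer number of seconds; a short docblock on that method stating the contract would keep the two files in step. The else branch continues outside the hunk.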


@ -0,0 +1,29 @@
<head>
<!-- Basic Page Needs
-->
<meta charset="utf-8">
<title>Password Card Generator</title>
<meta name="description" content="Password Card Generator">
<meta name="author" content="Raphael Zimmermann">
<!-- Mobile Specific Metas
-->
<meta name="viewport" content="width=device-width, initial-scale=1">
<!-- FONT
-->
<link href="//fonts.googleapis.com/css?family=Raleway:400,300,600" rel="stylesheet" type="text/css">
<!-- CSS
-->
<link rel="stylesheet" href="resources/css/normalize.css">
<link rel="stylesheet" href="resources/css/skeleton.css">
<link rel="stylesheet" href="resources/css/tinycolorpicker.css">
<link rel="stylesheet" href="resources/css/main.css">
<!-- Favicon
-->
<link rel="icon" type="image/png" href="resources/favicon.png">
</head>
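Review bot: The font stylesheet is requested with a protocol-relative URL (`//fonts.googleapis.com/...`), so a visitor who reaches the generator over plain HTTP fetches third-party CSS unencrypted; writing `https://fonts.googleapis.com/css?family=Raleway:400,300,600` removes that downgrade. This include is now shared by every page, presumably including the form that takes the card seed, so serving the font from `resources/` like the other stylesheets would drop the third-party request altogether.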


@ -1,34 +1,6 @@
<!DOCTYPE html>
<html lang="en">
<head>
<!-- Basic Page Needs
-->
<meta charset="utf-8">
<title>Password Card Generator</title>
<meta name="description" content="Password Card Generator">
<meta name="author" content="Raphael Zimmermann">
<!-- Mobile Specific Metas
-->
<meta name="viewport" content="width=device-width, initial-scale=1">
<!-- FONT
-->
<link href="//fonts.googleapis.com/css?family=Raleway:400,300,600" rel="stylesheet" type="text/css">
<!-- CSS
-->
<link rel="stylesheet" href="resources/css/normalize.css">
<link rel="stylesheet" href="resources/css/skeleton.css">
<link rel="stylesheet" href="resources/css/tinycolorpicker.css">
<link rel="stylesheet" href="resources/css/main.css">
<!-- Favicon
-->
<link rel="icon" type="image/png" href="resources/favicon.png">
</head>
{include="includes/header"}
<body>
<!-- Primary Page Layout

19
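--- a/resources/spam.html
+++ b/resources/spam.html
@@ -0,0 +1,19 @@
+<!DOCTYPE html>
+<html lang="en">
+{include="includes/header"}
+<body>
+<!-- Primary Page Layout
+-->
+<div class="container">
+<div class="header">
+<h1>Awww...</h1>
+<p>To prevent spam you can only create 5 cards every 5 minutes...</p>
+<p>While you wait ({$seconds} seconds are left) - you can watch this video of cute cats!</p>
+<iframe width="560" height="315" src="https://www.youtube.com/embed/nOBX7ffZFCU" frameborder="0" allowfullscreen></iframe>
+<br>
+<a href="/" class="button">Go Back</a>
+</div>
+</div>
+</body>
+</html>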
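Review bot: The block page embeds a third-party YouTube player, so every rate-limited visitor's browser contacts youtube.com with a referrer and any existing cookies; if the video stays, `src="https://www.youtube-nocookie.com/embed/nOBX7ffZFCU"` together with `referrerpolicy="no-referrer"` on the iframe narrows what is disclosed. The `Go Back` link uses `href="/"` while the stylesheets in the shared header are relative (`resources/css/...`), so the link breaks when the app is not deployed at the web root. `{$seconds}` is only safe to print as long as preventSpam() keeps returning an integer, which is worth stating in a template comment.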


@ -8,6 +8,45 @@ class RequestUtils
return $_SERVER['REQUEST_METHOD'] == "POST";
}
public static function preventSpam()
{
$ip = $_SERVER['REMOTE_ADDR'];
$blacklistfile = __DIR__ . '/../blacklist/' . $ip;
$count = 0;
$creationDate = 0;
if (file_exists($blacklistfile)) {
$contents = (int)file_get_contents($blacklistfile);
// If the stored value is big, it's the unix timestamp.
// Otherwise it's the amount of created cards.
if ($contents > 5) {
$creationDate = $contents;
} else {
$count = $contents;
}
}
if ($creationDate > 0) {
// If blocked time is over, release lock
if ($creationDate - time() < 0) {
file_put_contents($blacklistfile, 0);
} else {
return $creationDate - time();
}
}
if ($count === 5) {
// Write unix timestamp into the blacklist file. The
// ip is blocked till then.
file_put_contents($blacklistfile, time() + 5*60);
} else {
// increment count...
file_put_contents($blacklistfile, ($count+1));
}
return true;
}
public static function parseSeed()
{
if (
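Review bot: preventSpam() reads, interprets and rewrites the per-address file without a lock and without checking any return value, so parallel POSTs from one address can all read the same count and pass, and a missing or unwritable `blacklist/` directory (it is git-ignored, so a fresh checkout has none) makes the limiter fail open. The counter also never expires on its own and the request that finds `$count === 5` still returns true, so the behaviour is six cards followed by a five-minute block rather than the five per five minutes that spam.html states. Using the raw `$_SERVER['REMOTE_ADDR']` as a file name puts IPv6 colons on the filesystem and stores client addresses in what is presumably a web-reachable directory; a hash of the address avoids both. The sketch below keeps the return contract (true, or seconds left) with one locked file per address holding the window start and the count; stale files would still need periodic cleanup, and behind a reverse proxy every client shares one address.

```php
    public static function preventSpam()
    {
        $limit = 5;        // cards allowed per window
        $window = 5 * 60;  // window length in seconds
        $now = time();

        // Hashed name: no IPv6 colons in file names, no raw client addresses on disk.
        $blacklistfile = __DIR__ . '/../blacklist/' . hash('sha256', $_SERVER['REMOTE_ADDR']);

        // 'c+' creates the file if needed without truncating it before the lock is held.
        $handle = fopen($blacklistfile, 'c+');
        if ($handle === false) {
            // Fail closed so a missing or unwritable directory is noticed
            // instead of silently disabling the limit.
            return $window;
        }
        if (!flock($handle, LOCK_EX)) {
            fclose($handle);
            return $window;
        }

        // File content is "<window start> <count>"; empty content reads as 0 0.
        $parts = explode(' ', (string) stream_get_contents($handle));
        $start = (int) $parts[0];
        $count = isset($parts[1]) ? (int) $parts[1] : 0;

        // Start a fresh window once the old one has run out
        // (or its timestamp lies in the future).
        if ($start > $now || $now - $start >= $window) {
            $start = $now;
            $count = 0;
        }

        $result = $start + $window - $now; // seconds left if the limit is reached
        if ($count < $limit) {
            ftruncate($handle, 0);
            rewind($handle);
            fwrite($handle, $start . ' ' . ($count + 1));
            $result = true;
        }

        flock($handle, LOCK_UN);
        fclose($handle);
        return $result;
    }
```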