Implemented Spam protection via IP block
parent
f9c8b6f016
commit
67c80893f5
6 changed files with 103 additions and 35 deletions
1
.gitignore
vendored
1
.gitignore
vendored
|
@ -1,3 +1,4 @@
|
||||||
/cache/
|
/cache/
|
||||||
/vendor/
|
/vendor/
|
||||||
/cache/
|
/cache/
|
||||||
|
/blacklist/
|
||||||
|
|
12
index.php
12
index.php
|
@ -4,16 +4,23 @@ namespace raphiz\passwordcards;
|
||||||
require_once 'vendor/autoload.php';
|
require_once 'vendor/autoload.php';
|
||||||
use \Rain\Tpl;
|
use \Rain\Tpl;
|
||||||
|
|
||||||
if (!RequestUtils::isPost()) {
|
|
||||||
// Render template
|
|
||||||
Tpl::configure(
|
Tpl::configure(
|
||||||
array(
|
array(
|
||||||
"tpl_dir" => __DIR__ . "/resources/",
|
"tpl_dir" => __DIR__ . "/resources/",
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
|
|
||||||
|
if (!RequestUtils::isPost()) {
|
||||||
$tpl = new Tpl;
|
$tpl = new Tpl;
|
||||||
$tpl->draw('index');
|
$tpl->draw('index');
|
||||||
} else {
|
} else {
|
||||||
|
$spamPrevention = RequestUtils::preventSpam();
|
||||||
|
if ($spamPrevention !== true) {
|
||||||
|
$tpl = new Tpl;
|
||||||
|
$tpl->assign('seconds', $spamPrevention);
|
||||||
|
$tpl->draw('spam');
|
||||||
|
exit;
|
||||||
|
}
|
||||||
// Parse request
|
// Parse request
|
||||||
$pattern = RequestUtils::parsePattern();
|
$pattern = RequestUtils::parsePattern();
|
||||||
$keyboardLayout = RequestUtils::parseKeyboardLayout();
|
$keyboardLayout = RequestUtils::parseKeyboardLayout();
|
||||||
|
@ -50,4 +57,5 @@ if (!RequestUtils::isPost()) {
|
||||||
// Cleanup temporary SVG images
|
// Cleanup temporary SVG images
|
||||||
unlink($back);
|
unlink($back);
|
||||||
unlink($front);
|
unlink($front);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
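Review bot: The throttled branch at the top of the `else` block draws the `spam` template and exits with the default 200 status, so scripted clients, proxies and monitoring cannot tell a rejected request from a served one. Before `$tpl->draw('spam');` I would add `http_response_code(429);` and `header('Retry-After: ' . $spamPrevention);`. `preventSpam()` returns either `true` or an int, which is why the `!== true` comparison is required; a comment at the call such as `// true = allowed, int = seconds until the block ends` would make that contract visible. The rest of the `else` body lies outside the first hunk.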
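--- a/resources/includes/header.html
+++ b/resources/includes/header.html
@@ -0,0 +1,29 @@
+<head>
+
+<!-- Basic Page Needs
+–––––––––––––––––––––––––––––––––––––––––––––––––– -->
+<meta charset="utf-8">
+<title>Password Card Generator</title>
+<meta name="description" content="Password Card Generator">
+<meta name="author" content="Raphael Zimmermann">
+
+<!-- Mobile Specific Metas
+–––––––––––––––––––––––––––––––––––––––––––––––––– -->
+<meta name="viewport" content="width=device-width, initial-scale=1">
+
+<!-- FONT
+–––––––––––––––––––––––––––––––––––––––––––––––––– -->
+<link href="//fonts.googleapis.com/css?family=Raleway:400,300,600" rel="stylesheet" type="text/css">
+
+<!-- CSS
+–––––––––––––––––––––––––––––––––––––––––––––––––– -->
+<link rel="stylesheet" href="resources/css/normalize.css">
+<link rel="stylesheet" href="resources/css/skeleton.css">
+<link rel="stylesheet" href="resources/css/tinycolorpicker.css">
+<link rel="stylesheet" href="resources/css/main.css">
+
+<!-- Favicon
+–––––––––––––––––––––––––––––––––––––––––––––––––– -->
+<link rel="icon" type="image/png" href="resources/favicon.png">
+
+</head>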
|
@ -1,34 +1,6 @@
|
||||||
<!DOCTYPE html>
|
<!DOCTYPE html>
|
||||||
<html lang="en">
|
<html lang="en">
|
||||||
<head>
|
{include="includes/header"}
|
||||||
|
|
||||||
<!-- Basic Page Needs
|
|
||||||
–––––––––––––––––––––––––––––––––––––––––––––––––– -->
|
|
||||||
<meta charset="utf-8">
|
|
||||||
<title>Password Card Generator</title>
|
|
||||||
<meta name="description" content="Password Card Generator">
|
|
||||||
<meta name="author" content="Raphael Zimmermann">
|
|
||||||
|
|
||||||
<!-- Mobile Specific Metas
|
|
||||||
–––––––––––––––––––––––––––––––––––––––––––––––––– -->
|
|
||||||
<meta name="viewport" content="width=device-width, initial-scale=1">
|
|
||||||
|
|
||||||
<!-- FONT
|
|
||||||
–––––––––––––––––––––––––––––––––––––––––––––––––– -->
|
|
||||||
<link href="//fonts.googleapis.com/css?family=Raleway:400,300,600" rel="stylesheet" type="text/css">
|
|
||||||
|
|
||||||
<!-- CSS
|
|
||||||
–––––––––––––––––––––––––––––––––––––––––––––––––– -->
|
|
||||||
<link rel="stylesheet" href="resources/css/normalize.css">
|
|
||||||
<link rel="stylesheet" href="resources/css/skeleton.css">
|
|
||||||
<link rel="stylesheet" href="resources/css/tinycolorpicker.css">
|
|
||||||
<link rel="stylesheet" href="resources/css/main.css">
|
|
||||||
|
|
||||||
<!-- Favicon
|
|
||||||
–––––––––––––––––––––––––––––––––––––––––––––––––– -->
|
|
||||||
<link rel="icon" type="image/png" href="resources/favicon.png">
|
|
||||||
|
|
||||||
</head>
|
|
||||||
<body>
|
<body>
|
||||||
|
|
||||||
<!-- Primary Page Layout
|
<!-- Primary Page Layout
|
||||||
|
|
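--- a/resources/spam.html
+++ b/resources/spam.html
@@ -0,0 +1,19 @@
+<!DOCTYPE html>
+<html lang="en">
+{include="includes/header"}
+<body>
+
+<!-- Primary Page Layout
+–––––––––––––––––––––––––––––––––––––––––––––––––– -->
+<div class="container">
+<div class="header">
+<h1>Awww...</h1>
+<p>To prevent spam you can only create 5 cards every 5 minutes...</p>
+<p>While you wait ({$seconds} seconds are left) - you can watch this video of cute cats!</p>
+<iframe width="560" height="315" src="https://www.youtube.com/embed/nOBX7ffZFCU" frameborder="0" allowfullscreen></iframe>
+<br>
+<a href="/" class="button">Go Back</a>
+</div>
+</div>
+</body>
+</html>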
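Review bot: The `<iframe>` on the block page loads third-party content from `www.youtube.com` for every throttled visitor and sends the page URL as referrer. I would point it at the privacy-enhanced host and drop the referrer: `src="https://www.youtube-nocookie.com/embed/nOBX7ffZFCU" referrerpolicy="no-referrer"`. The sentence "5 cards every 5 minutes" repeats the limits hard-coded in `preventSpam()`, so the two will drift if either changes; assigning them from PHP next to `seconds` would keep them in step. `href="/"` is root-absolute while the stylesheets in the shared header use relative paths, so "Go Back" presumably breaks when the app is served from a subdirectory.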
|
@ -8,6 +8,45 @@ class RequestUtils
|
||||||
return $_SERVER['REQUEST_METHOD'] == "POST";
|
return $_SERVER['REQUEST_METHOD'] == "POST";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public static function preventSpam()
|
||||||
|
{
|
||||||
|
$ip = $_SERVER['REMOTE_ADDR'];
|
||||||
|
$blacklistfile = __DIR__ . '/../blacklist/' . $ip;
|
||||||
|
$count = 0;
|
||||||
|
$creationDate = 0;
|
||||||
|
if (file_exists($blacklistfile)) {
|
||||||
|
$contents = (int)file_get_contents($blacklistfile);
|
||||||
|
// If the stored value is big, it's the unix timestamp.
|
||||||
|
// Otherwise it's the amount of created cards.
|
||||||
|
if ($contents > 5) {
|
||||||
|
$creationDate = $contents;
|
||||||
|
} else {
|
||||||
|
$count = $contents;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
if ($creationDate > 0) {
|
||||||
|
// If blocked time is over, release lock
|
||||||
|
if ($creationDate - time() < 0) {
|
||||||
|
file_put_contents($blacklistfile, 0);
|
||||||
|
} else {
|
||||||
|
return $creationDate - time();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($count === 5) {
|
||||||
|
// Write unix timestamp into the blacklist file. The
|
||||||
|
// ip is blocked till then.
|
||||||
|
file_put_contents($blacklistfile, time() + 5*60);
|
||||||
|
} else {
|
||||||
|
// increment count...
|
||||||
|
file_put_contents($blacklistfile, ($count+1));
|
||||||
|
}
|
||||||
|
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
public static function parseSeed()
|
public static function parseSeed()
|
||||||
{
|
{
|
||||||
if (
|
if (
|
||||||
|
|
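Review bot: The counter update in `preventSpam()` is an unlocked read-modify-write on `$blacklistfile`, so parallel POSTs from one address can all read the same count and stay under the limit. The `file_put_contents()` results are also ignored, so a missing or unwritable `blacklist/` directory (it is git-ignored, so a fresh checkout likely has none) makes the check return `true` for every request. I would hold an exclusive `flock()` across the read and the write and raise an error when the store cannot be opened, as sketched below; the sketch also hashes `REMOTE_ADDR` for the file name, which keeps the `:` of IPv6 addresses out of it. Separately, the count is never aged out, so five cards spread over any length of time trigger the block, and one file per address is never cleaned up. Behind a reverse proxy `REMOTE_ADDR` is presumably the proxy's address, which would throttle all users together.

```php
public static function preventSpam()
{
    $ip = $_SERVER['REMOTE_ADDR'];
    // Hashed name: no ':' from IPv6 addresses in the file name.
    $blacklistfile = __DIR__ . '/../blacklist/' . hash('sha256', $ip);

    // 'c+' creates the file if needed without truncating it before the lock is held.
    $handle = fopen($blacklistfile, 'c+');
    if ($handle === false || !flock($handle, LOCK_EX)) {
        // Make a broken store visible instead of silently allowing every request.
        throw new \RuntimeException('Spam counter store is not writable');
    }

    $contents = (int) stream_get_contents($handle);
    $now = time();

    // Values above 5 are a blocked-until timestamp, anything else is the card count.
    if ($contents > 5 && $contents >= $now) {
        fclose($handle); // closing the handle releases the lock
        return $contents - $now;
    }

    $count = $contents > 5 ? 0 : $contents;
    $next = ($count === 5) ? $now + 5 * 60 : $count + 1;

    ftruncate($handle, 0);
    rewind($handle);
    fwrite($handle, (string) $next);
    fclose($handle);

    return true;
}
```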