File size: 3.03Kb
<?php
#############################################
# 0JXRgdC70Lgg0YLRiyDRh9C40YLQsNC10YjRjCDRj #
# dGC0L4g0YHQvtC+0LHRidC10L3QuNC1LCDQt9C90L #
# DRh9C40YIg0YLRiyDQvdC10LzQvdC+0LPQviDQt9C #
# 90LDQtdGI0YwgUEhQIQ== #
#__---------------------------------------__#
#__ 0JrQu9C40Log0JrQu9GD0LE= __#
# --------------------------------------- #
# 0JDQstGC0L7RgCA6IE1vcmdhbg== #
# SUNRIDog0L3QtSDRgdC60LDQttGDIHhE #
# #
#############################################
if(is_banip($_ip))
{
if($_script_name != '/banip.php')
{
if(isset($_login) || isset($_pass))
{unset($_login,$_pass); session_unset(); session_destroy(); }
location('banip.php');
}
}
else
{
#echo 'TIME№1 : '.$_SESSION['microtime'].'<br />
#TIME№2 : '.microtime(true).'<br />';
if(empty($_SESSION['microtime']))
{
$_SESSION['microtime'] = microtime(true);
}
else
{
if((microtime(true)-$_SESSION['microtime'])<$config['time_antidos'])
{
$do = ($sitetime+$config['time_antidos_ban']);
query("INSERT INTO `$db[prefix]banip` SET `ip`='$_ip',`ua`='$_ua',`reason` = 'Забанен за попытку доса\n\rФайл $_script_name!',`time`='$sitetime',`do`='$do'");
}
else
{
$_SESSION['microtime'] = microtime(true);
}
}
if($config['checking_getvars']==1)
{
foreach($_GET as $key=>$value)
{
if(stripos($value,'SELECT')!==false || stripos($value,'UPDATE')!==false || stripos($value,'DELETE')!==false || stripos($value,'DROP')!==false || stripos($value,'UNION')!==false || stripos($value,'GROUP')!==false || stripos($value,'ORDER')!==false)
{
$do = ($sitetime+$config['banip_sqlinj_time']);
query("INSERT INTO `$db[prefix]banip` SET `ip`='$_ip',`ua`='$_ua',`reason` = 'Забанен за попытку SQL иньекции\n\rФайл $_script_name ($_query_string)!',`time`='$sitetime',`do`='$do'");
location('banip.php');
}
$_GET[$key] = str_replace(array('\'','"','/*','--','(',')','%'),'',$value);
}
}
if(empty($_SESSION['attempts_enter'])) $_SESSION['attempts_enter'] = 0;//-- Защита
if($_SESSION['attempts_enter']>=$config['banip_podpar_attempts'])
{
$do = ($sitetime+$config['banip_podpar_time']);
query("INSERT INTO `$db[prefix]banip` SET `ip`='$_ip',`ua`='$_ua',`reason` = 'Забанен за попытку подбора пароля!',`time`='$sitetime',`do`='$do'");
$_SESSION['attempts_enter'] = 0;
location('banip.php');
}//--
//-- Разные защитные функции.....
if($config['idle_time']>0)
{
if(empty($_SESSION['delay'])) $_SESSION['delay'] = $sitetime;
if(($_SESSION['delay']+$config['idle_time']) < $sitetime)
{
$user_in_site = 0;
unset($_login,$_pass);
session_unset();
session_destroy();
location('index.php');
}else{$_SESSION['delay']=$sitetime;}
}
}
################################################
# 0KHQutGA0LjQv9GCINC90LUg0L/QsNCx0LvQuNC6IQ== #
# 0KHRgtCw0LLRgNC+0L/QvtC70YwsIDIwMDkg0LMu #
################################################
?>