<?php
#############################################
# 0JXRgdC70Lgg0YLRiyDRh9C40YLQsNC10YjRjCDRj #
# dGC0L4g0YHQvtC+0LHRidC10L3QuNC1LCDQt9C90L #
# DRh9C40YIg0YLRiyDQvdC10LzQvdC+0LPQviDQt9C #
#          90LDQtdGI0YwgUEhQIQ==            #
#__---------------------------------------__#
#__        0JrQu9C40Log0JrQu9GD0LE=       __#
#  ---------------------------------------  #
# 0JDQstGC0L7RgCA6IE1vcmdhbg==              #
# SUNRIDog0L3QtSDRgdC60LDQttGDIHhE          #
#                                           #
#############################################


// Request gatekeeper: runs as top-level code and relies on variables set by the
// including script ($_ip, $_ua, $_script_name, $_query_string, $_login, $_pass,
// $sitetime, $config, $db) and on the helpers is_banip(), query() and location(),
// none of which are defined in this file.
//
// Flow:
//   1. A client whose IP is_banip() reports as banned is sent to banip.php.
//   2. Otherwise: request-rate check, optional GET keyword filter,
//      login-attempt limit, optional idle-session logout.
//
// NOTE(review): every INSERT below is built by interpolating $_ip, $_ua,
// $_script_name and $_query_string straight into the SQL text. Whether those
// values are escaped before they reach this file cannot be seen here; if they
// are not, the ban logging itself is injectable. Confirm upstream escaping or
// move query() to bound parameters.
// NOTE(review): whether location() terminates the script is not visible here.
// If it only sends a redirect header, the code after each call keeps running.
if(is_banip($_ip))
 {
 // Redirect to the ban page unless that page is the one being requested.
 if($_script_name != '/banip.php')
  {
   // Drop any credentials and the whole session before redirecting.
   if(isset($_login)  || isset($_pass))
   {unset($_login,$_pass); session_unset(); session_destroy(); }
   location('banip.php');
  }
 }
else
 {


// Disabled debug output of the two timestamps compared below.
#echo 'TIME№1 : '.$_SESSION['microtime'].'<br />
#TIME№2 : '.microtime(true).'<br />';
// --- Request-rate check ---
// The time of the previous request is kept in the session. The first request
// of a session only records the timestamp.
// NOTE(review): the state is per session, not per IP, so this check only
// covers clients that keep their session between requests; consider tracking
// request times server-side by IP.
if(empty($_SESSION['microtime']))
 {
 $_SESSION['microtime'] = microtime(true);
 }
else
 {
 // Less than $config['time_antidos'] seconds since the stored timestamp:
 // record a ban that lasts until $sitetime + $config['time_antidos_ban'].
 if((microtime(true)-$_SESSION['microtime'])<$config['time_antidos'])
  {
  $do = ($sitetime+$config['time_antidos_ban']);
  // Reason text (Russian): "Banned for a DoS attempt / File <script>!".
  // No redirect and no timestamp refresh in this branch; the current request
  // continues, and the ban presumably applies from the next request via
  // is_banip() - verify.
  query("INSERT INTO `$db[prefix]banip` SET `ip`='$_ip',`ua`='$_ua',`reason` = 'Забанен за попытку доса\n\rФайл $_script_name!',`time`='$sitetime',`do`='$do'");
  }
 else
  {
  $_SESSION['microtime'] = microtime(true);
  }
 }


// --- Optional keyword filter on GET parameters ---
// Enabled when $config['checking_getvars'] is 1. Only $_GET is inspected;
// other request inputs are not touched by this file.
if($config['checking_getvars']==1)
{

foreach($_GET as $key=>$value)
{
// Case-insensitive substring search for seven SQL keywords. Any hit bans the
// client and redirects to the ban page.
// NOTE(review): substring matching also hits ordinary words ("order",
// "group", "update", "selected"), so legitimate requests can trigger a ban.
// NOTE(review): $value is an array for `name[]=` style parameters, while
// stripos() expects a string; the result is PHP-version dependent. Guard with
// is_array()/is_string() before scanning.
if(stripos($value,'SELECT')!==false || stripos($value,'UPDATE')!==false || stripos($value,'DELETE')!==false || stripos($value,'DROP')!==false || stripos($value,'UNION')!==false || stripos($value,'GROUP')!==false || stripos($value,'ORDER')!==false)
 {
 $do = ($sitetime+$config['banip_sqlinj_time']);
 // Reason text (Russian): "Banned for an SQL injection attempt / File
 // <script> (<query string>)!". The raw query string that triggered the
 // filter is interpolated into this statement.
 query("INSERT INTO `$db[prefix]banip` SET `ip`='$_ip',`ua`='$_ua',`reason` = 'Забанен за попытку SQL иньекции\n\rФайл $_script_name ($_query_string)!',`time`='$sitetime',`do`='$do'");
 location('banip.php');
 }
// Strip quotes, comment openers, parentheses and '%' from the value and write
// it back. This is a character blacklist, not a replacement for parameterised
// queries in the code that later consumes $_GET.
$_GET[$key] = str_replace(array('\'','"','/*','--','(',')','%'),'',$value);
}

}

// --- Login-attempt limit ---
// The counter lives in the session and starts at 0; it is not incremented in
// this file (presumably the login handler does that - verify).
if(empty($_SESSION['attempts_enter'])) $_SESSION['attempts_enter'] = 0;//-- Protection
if($_SESSION['attempts_enter']>=$config['banip_podpar_attempts'])
{
$do = ($sitetime+$config['banip_podpar_time']);
// Reason text (Russian): "Banned for a password guessing attempt!".
query("INSERT INTO `$db[prefix]banip` SET `ip`='$_ip',`ua`='$_ua',`reason` = 'Забанен за попытку подбора пароля!',`time`='$sitetime',`do`='$do'");
$_SESSION['attempts_enter'] = 0;
 location('banip.php');
}//--


//-- Idle-session logout, active only when $config['idle_time'] is above 0.
if($config['idle_time']>0)
{
// $_SESSION['delay'] holds the time of the last request in this session.
if(empty($_SESSION['delay']))  $_SESSION['delay'] = $sitetime;
// Idle for longer than idle_time: clear credentials, destroy the session and
// redirect to the index page. Otherwise refresh the last-seen time.
if(($_SESSION['delay']+$config['idle_time']) < $sitetime)
{
$user_in_site = 0;
unset($_login,$_pass);
session_unset();
session_destroy();
location('index.php');
}else{$_SESSION['delay']=$sitetime;}
}

 }

################################################
# 0KHQutGA0LjQv9GCINC90LUg0L/QsNCx0LvQuNC6IQ== #
#   0KHRgtCw0LLRgNC+0L/QvtC70YwsIDIwMDkg0LMu   #
################################################

?>