conn = mysqli_connect(DB_HOST,DB_USER,DB_PASSWORD); $ok = mysqli_select_db($this->conn,DB_NAME); if (!$ok) return false; $this->get_options(); // plugin disabled if (!$this->enable) return; // current request is admin's one if (isset($_COOKIE['wpantiddos']) && $_COOKIE['wpantiddos']==$this->cookie) return; if ($this->only_params_enabled) if (!$this->only_param_detected()) return; // detect request type and limits if ($this->xhr_request()) { if ($this->hits_limit_XHR=='ANY') return; $request_type = 'xhr'; $hits_limit = $this->hits_limit_XHR; $seconds_limit = wpadtiddos_seconds_limit_XHR; } elseif ($_POST && isset($_POST[$this->pass_param]) ) { if ($this->seconds_limit_AUTH=='ANY') return; $request_type = 'auth'; $seconds_limit = $this->seconds_limit_AUTH; $this->only_params .= ' '.$this->pass_param; $hits_limit = 1; } elseif ($_POST) { if ($this->seconds_limit_POST=='ANY') return; $request_type = 'post'; $hits_limit = 1; $seconds_limit = $this->seconds_limit_POST; } else { if ($this->hits_limit_GET=='ANY') return; $request_type = 'get'; $hits_limit = $this->hits_limit_GET; $seconds_limit = wpadtiddos_seconds_limit_GET; } if ($this->send_header) header("WP_AntiDDOS: yes"); if ($this->cloudflare) { if (isset($_SERVER['HTTP_CF_CONNECTING_IP'])) $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_CF_CONNECTING_IP']; } $this->ip = $_SERVER['REMOTE_ADDR']; if ($this->block_cnet) $this->ip = substr($this->ip,0,strrpos($this->ip,'.')+1); $this->warm_level = ceil($hits_limit/2); try { $res = mysqli_query($this->conn,"SELECT count(*) kount FROM $this->table_name WHERE ip='".addslashes($this->ip)."' AND tstamp>".(time()-$seconds_limit)." AND type='$request_type'"); $row = mysqli_fetch_assoc($res); if (!$row) $this->error_msg = 'Error detected'; $this->hits = @$row['kount']+1; // consider current request too if ($this->hits==0) // if no hits from this IP $this->visitor = "new"; elseif ($this->hits>$hits_limit) $this->visitor = "hot"; elseif ($this->hits>=$this->warm_level) $this->visitor = "warm"; else $this->visitor = "cool"; // add current hit mysqli_query($this->conn,"INSERT INTO $this->table_name SET ip='$this->ip', type='$request_type', tstamp=".time()); // cleanup ip list $clear_time = max($this->delay_time,$seconds_limit); mysqli_query($this->conn,"DELETE FROM $this->table_name WHERE tstamp<".(time()-$clear_time)); } catch(Exception $e) { $this->error_msg = $e->getString(); $this->status = 'error'; mysqli_close($this->conn); return; } mysqli_close($this->conn); if (!empty($this->error_msg) ) { $this->status = 'error'; } if ($this->auto && $this->visitor=='hot') { header('HTTP/1.0 503 Service Unavailable'); header('Status: 503 Service Unavailable'); header("Retry-After: ".($this->delay_time+1)); // submit form first if POST request if (!$_POST) print ""; else { $inputs = $this->array_to_fields($_POST); print '
'. $inputs. '
'; } if ($request_type=='auth') printf("

$this->delay_message_auth

",$this->delay_time); else printf("

$this->delay_message

",$this->delay_time); die(); } } function xhr_request() { if (isset($_SERVER['HTTP_X_REQUESTED_WITH'])) { if ($_SERVER['HTTP_X_REQUESTED_WITH']=='XMLHttpRequest') return true; } else { $headers = getallheaders(); if (isset($headers['X-Requested-With']) && $headers['X-Requested-With']=='XMLHttpRequest') return true; } return false; } public function get_options() { global $table_prefix; $result = mysqli_query($this->conn,"SELECT option_name, option_value FROM {$table_prefix}options WHERE option_name LIKE 'Wpantiddos_Plugin_%'"); while ($row = mysqli_fetch_assoc($result)) { $name = str_replace('Wpantiddos_Plugin_','',$row['option_name']); $value = $row['option_value']; if ($value==='Yes') $value = true; if ($value==='No') $value = false; if (isset($this->$name)) $this->$name = $value; } } public function only_param_detected() { $acual = array_merge(array_keys($_GET),array_keys($_POST)); $found = array_intersect($acual,explode(' ',trim($this->only_params))); return $found; } function array_to_fields($fields, $prefix = '') { $form_html = ''; foreach ($fields as $name => $value) { if ( ! is_array($value)) { if ( ! empty($prefix)) { $name = $prefix . '[' . $name . ']'; } // generate the hidden field $form_html .= "\n"; } else { if ( ! empty($prefix)) { $subprefix = $prefix . '[' . $name . ']'; } else { $subprefix = $name; } $form_html .= array_to_fields($value, $subprefix); } } return $form_html; } } ?> Les Amis de Paul Feller » Transmettre… Nouveau numéro Homme tenant en main un outil pour travailler du bois

Transmettre… Nouveau numéro

Notre nouveau Numéro de Transmettre (le seizième) est désormais disponible.

Vous pouvez le télécharger ici.

Bonne lecture !

Laisser une réponse