Skip to content

Q
question2answer
Switch branch/tag
Find file
Normal viewHistoryPermalink
limits.php 2.75 KB
Newer Older
Fix line endings
ad9db8be
 
Scott committed
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 
<?php
/*
	Question2Answer by Gideon Greenspan and contributors
	http://www.question2answer.org/

	Description: Database-level access to tables which monitor rate limits


	This program is free software; you can redistribute it and/or
	modify it under the terms of the GNU General Public License
	as published by the Free Software Foundation; either version 2
	of the License, or (at your option) any later version.

	This program is distributed in the hope that it will be useful,
	but WITHOUT ANY WARRANTY; without even the implied warranty of
	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
	GNU General Public License for more details.

	More about this license: http://www.question2answer.org/license.php
*/
Coding style (db functions)
f5aaabc6
 
Scott committed
22 
if (!defined('QA_VERSION')) { // don't allow this page to be requested directly from browser
Fix redirects in direct-access prevention
5206a7ff
 
Scott committed
23 
	header('Location: ../../');
Coding style (db functions)
f5aaabc6
 
Scott committed
24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 
	exit;
}


/**
 * Get rate limit information for $action from the database for user $userid and/or IP address $ip, if they're set.
 * Return as an array with the limit type in the key, and a labelled array of the period and count.
 * @param $userid
 * @param $ip
 * @param $action
 * @return array
 */
function qa_db_limits_get($userid, $ip, $action)
{
	$selects = array();
	$arguments = array();

	if (isset($userid)) {
		$selects[] = "(SELECT 'user' AS limitkey, period, count FROM ^userlimits WHERE userid=$ AND action=$)";
		$arguments[] = $userid;
		$arguments[] = $action;
Fix line endings
ad9db8be
 
Scott committed
45 46 
	}
Coding style (db functions)
f5aaabc6
 
Scott committed
47 
	if (isset($ip)) {
Use hex values for IPs in SQL queries
e871abe5
 
Scott committed
48 49 
		$selects[] = "(SELECT 'ip' AS limitkey, period, count FROM ^iplimits WHERE ip=UNHEX($) AND action=$)";
		$arguments[] = bin2hex(@inet_pton($ip));
Coding style (db functions)
f5aaabc6
 
Scott committed
50 
		$arguments[] = $action;
Fix line endings
ad9db8be
 
Scott committed
51 52 
	}
Coding style (db functions)
f5aaabc6
 
Scott committed
53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 
	if (count($selects)) {
		$query = qa_db_apply_sub(implode(' UNION ALL ', $selects), $arguments);
		return qa_db_read_all_assoc(qa_db_query_raw($query), 'limitkey');

	} else
		return array();
}


/**
 * Increment the database rate limit count for user $userid and $action by $count within $period
 * @param $userid
 * @param $action
 * @param $period
 * @param $count
 */
function qa_db_limits_user_add($userid, $action, $period, $count)
{
	qa_db_query_sub(
		'INSERT INTO ^userlimits (userid, action, period, count) VALUES ($, $, #, #) ' .
		'ON DUPLICATE KEY UPDATE count=IF(period=#, count+#, #), period=#',
		$userid, $action, $period, $count, $period, $count, $count, $period
	);
}


/**
 * Increment the database rate limit count for IP address $ip and $action by $count within $period
 * @param $ip
 * @param $action
 * @param $period
 * @param $count
 */
function qa_db_limits_ip_add($ip, $action, $period, $count)
{
	qa_db_query_sub(
Use hex values for IPs in SQL queries
e871abe5
 
Scott committed
89 
		'INSERT INTO ^iplimits (ip, action, period, count) VALUES (UNHEX($), $, #, #) ' .
Coding style (db functions)
f5aaabc6
 
Scott committed
90 
		'ON DUPLICATE KEY UPDATE count=IF(period=#, count+#, #), period=#',
Use hex values for IPs in SQL queries
e871abe5
 
Scott committed
91 
		bin2hex(@inet_pton($ip)), $action, $period, $count, $period, $count, $count, $period
Coding style (db functions)
f5aaabc6
 
Scott committed
92 93 
	);
}