<?php
/*
	Question2Answer by Gideon Greenspan and contributors
	http://www.question2answer.org/

	Description: Database-level access to tables which monitor rate limits


	This program is free software; you can redistribute it and/or
	modify it under the terms of the GNU General Public License
	as published by the Free Software Foundation; either version 2
	of the License, or (at your option) any later version.

	This program is distributed in the hope that it will be useful,
	but WITHOUT ANY WARRANTY; without even the implied warranty of
	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
	GNU General Public License for more details.

	More about this license: http://www.question2answer.org/license.php
*/

// This file is meant to be included by the application, not requested directly from a browser.
// When QA_VERSION is not defined (presumably it is set by the application's entry point), send
// a redirect two directory levels up. header() alone does not stop execution, so the explicit
// exit is what keeps the rest of this file from being loaded on a direct request.
if (defined('QA_VERSION') === false) {
	header('Location: ../../');
	exit;
}


/**
 * Read the stored rate limit rows for $action, for user $userid and/or IP address $ip.
 * A lookup is only made for the identifiers that are not null; if both are null no query is run.
 * The result is keyed by limit type ('user' and/or 'ip'), each entry a labelled array of period and count.
 * @param mixed $userid User to look up, or null to skip the user lookup
 * @param string|null $ip Textual IP address (handed to inet_pton()), or null to skip the IP lookup
 * @param mixed $action Action identifier matched against the action column
 * @return array
 */
function qa_db_limits_get($userid, $ip, $action)
{
	$parts = array();
	$params = array();

	if ($userid !== null) {
		// $ marks a placeholder filled in by qa_db_apply_sub() - presumably with escaping; verify in that helper
		$parts[] = "(SELECT 'user' AS limitkey, period, count FROM ^userlimits WHERE userid=$ AND action=$)";
		array_push($params, $userid, $action);
	}

	if ($ip !== null) {
		// The address is compared in packed binary form, sent as hex and decoded by UNHEX() in SQL.
		// NOTE(review): for an unparsable $ip, inet_pton() returns false (its warning is silenced by @)
		// and bin2hex() then yields '', so the lookup is keyed on an empty address instead of failing.
		// Callers should validate $ip before relying on the 'ip' limit - confirm upstream.
		$packedip = @inet_pton($ip);

		$parts[] = "(SELECT 'ip' AS limitkey, period, count FROM ^iplimits WHERE ip=UNHEX($) AND action=$)";
		array_push($params, bin2hex($packedip), $action);
	}

	if (empty($parts)) {
		return array();
	}

	// One round trip: each sub-select labels its row through the limitkey column
	$sql = qa_db_apply_sub(implode(' UNION ALL ', $parts), $params);

	return qa_db_read_all_assoc(qa_db_query_raw($sql), 'limitkey');
}


/**
 * Add $count to the stored rate limit counter for user $userid and $action within $period.
 * If the row already exists with a different period, the counter restarts at $count for the new period.
 * @param mixed $userid User whose counter is updated
 * @param mixed $action Action identifier stored in the action column
 * @param mixed $period Period value, substituted through a numeric (#) placeholder
 * @param mixed $count Amount to add, substituted through a numeric (#) placeholder
 */
function qa_db_limits_user_add($userid, $action, $period, $count)
{
	$insert = 'INSERT INTO ^userlimits (userid, action, period, count) VALUES ($, $, #, #) ';

	// count is assigned before period, so the IF() is written to compare against the period already
	// stored in the row (this relies on the assignments being evaluated in the order listed)
	$onduplicate = 'ON DUPLICATE KEY UPDATE count=IF(period=#, count+#, #), period=#';

	qa_db_query_sub(
		$insert . $onduplicate,
		$userid, $action, $period, $count, // VALUES (...)
		$period, $count, $count, $period // IF(period=#, count+#, #), period=#
	);
}


/**
 * Add $count to the stored rate limit counter for IP address $ip and $action within $period.
 * If the row already exists with a different period, the counter restarts at $count for the new period.
 * @param string $ip Textual IP address (handed to inet_pton())
 * @param mixed $action Action identifier stored in the action column
 * @param mixed $period Period value, substituted through a numeric (#) placeholder
 * @param mixed $count Amount to add, substituted through a numeric (#) placeholder
 */
function qa_db_limits_ip_add($ip, $action, $period, $count)
{
	// The address is stored in packed binary form, sent as hex and decoded by UNHEX() in SQL.
	// NOTE(review): for an unparsable $ip, inet_pton() returns false (its warning is silenced by @)
	// and bin2hex() then yields '', so every such request would be counted against the same
	// empty-address row. Validate $ip before calling - confirm what callers pass in.
	$hexip = bin2hex(@inet_pton($ip));

	$insert = 'INSERT INTO ^iplimits (ip, action, period, count) VALUES (UNHEX($), $, #, #) ';

	// count is assigned before period, so the IF() is written to compare against the period already
	// stored in the row (this relies on the assignments being evaluated in the order listed)
	$onduplicate = 'ON DUPLICATE KEY UPDATE count=IF(period=#, count+#, #), period=#';

	qa_db_query_sub(
		$insert . $onduplicate,
		$hexip, $action, $period, $count, // VALUES (...)
		$period, $count, $count, $period // IF(period=#, count+#, #), period=#
	);
}