From 03e3f517a8502bac2b224e20ceb641d6753fddb0 Mon Sep 17 00:00:00 2001
From: Jakub Vrana
Date: Wed, 24 Jan 2018 12:04:53 +0100
Subject: [PATCH] Extract file_open_lock and file_write_unlock
---
 adminer/include/auth.inc.php | 20 +++++---------------
 adminer/include/functions.inc.php | 28 ++++++++++++++++++++++++++++
 2 files changed, 33 insertions(+), 15 deletions(-)
diff --git a/adminer/include/auth.inc.php b/adminer/include/auth.inc.php
index 22ff2403..f3caae8b 100644
--- a/adminer/include/auth.inc.php
+++ b/adminer/include/auth.inc.php
@@ -17,15 +17,10 @@ if ($_COOKIE["adminer_permanent"]) {
 
 function add_invalid_login() {
 global $adminer;
- $filename = get_temp_dir() . "/adminer.invalid";
- $fp = @fopen($filename, "r+"); // @ - may not exist
- if (!$fp) { // c+ is available since PHP 5.2.6
- $fp = @fopen($filename, "w"); // @ - may not be writable
- if (!$fp) {
- return;
- }
+ $fp = file_open_lock(get_temp_dir() . "/adminer.invalid");
+ if (!$fp) {
+ return;
 }
- flock($fp, LOCK_EX);
 $invalids = unserialize(stream_get_contents($fp));
 $time = time();
 if ($invalids) {
@@ -40,19 +35,14 @@ function add_invalid_login() {
 $invalid = array($time + 30*60, 0); // active for 30 minutes
 }
 $invalid[1]++;
- $serialized = serialize($invalids);
- rewind($fp);
- fwrite($fp, $serialized);
- ftruncate($fp, strlen($serialized));
- flock($fp, LOCK_UN);
- fclose($fp);
+ file_write_unlock($fp, serialize($invalids));
 }
 
 function check_invalid_login() {
 global $adminer;
 $invalids = unserialize(@file_get_contents(get_temp_dir() . "/adminer.invalid")); // @ - may not exist
 $invalid = $invalids[$adminer->bruteForceKey()];
- $next_attempt = ($invalid[1] > 30 ? $invalid[0] - time() : 0); // allow 30 invalid attempts
+ $next_attempt = ($invalid[1] > 29 ? $invalid[0] - time() : 0); // allow 30 invalid attempts
 if ($next_attempt > 0) { //! do the same with permanent login
 auth_error(lang('Too many unsuccessful logins, try again in %d minute(s).', ceil($next_attempt / 60)));
 }
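Review bot: The new side of add_invalid_login() still feeds the file's contents straight into `unserialize(stream_get_contents($fp))`, and the file has a fixed name under get_temp_dir(), so the lockout state is only as trustworthy as that directory. If the temp directory is shared with other local accounts (get_temp_dir() is almost entirely outside this patch, so that is an assumption to confirm), whoever creates adminer.invalid first decides what gets deserialized. From the visible lines the state looks like a plain array of expiry/count pairs, so `json_decode(stream_get_contents($fp), true)` on read with `json_encode($invalids)` on write would remove the object-deserialization surface. check_invalid_login() in the next hunk would need the same change. The body of add_invalid_login() continues past the end of this hunk.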
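Review bot: check_invalid_login() still reads adminer.invalid with a bare `@file_get_contents()` and takes no lock, so the exclusive lock that add_invalid_login() now gets from file_open_lock() does not cover this reader, because flock() is advisory. If the read lands in the middle of a rewrite, or the file cannot be read at all, `unserialize()` returns false, `$invalid` is null and `$next_attempt` becomes 0, so the throttle fails open without leaving a trace. Reading through a handle opened with `fopen(..., "r")` and held under `flock($fp, LOCK_SH)` would close that window. On the changed line, `$invalid[1] >= 30` would line up with the "allow 30 invalid attempts" comment more directly than `> 29`. check_invalid_login() ends outside this hunk.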
diff --git a/adminer/include/functions.inc.php b/adminer/include/functions.inc.php
index 1d3ecf75..d1e546bb 100644
--- a/adminer/include/functions.inc.php
+++ b/adminer/include/functions.inc.php
@@ -1131,6 +1131,34 @@ function get_temp_dir() {
 return $return;
 }
 
+/** Open and exclusively lock a file
+* @param string
+* @return resource or null for error
+*/
+function file_open_lock($filename) {
+ $fp = @fopen($filename, "r+"); // @ - may not exist
+ if (!$fp) { // c+ is available since PHP 5.2.6
+ $fp = @fopen($filename, "w"); // @ - may not be writable
+ if (!$fp) {
+ return;
+ }
+ }
+ flock($fp, LOCK_EX);
+ return $fp;
+}
+
+/** Write and unlock a file
+* @param resource
+* @param string
+*/
+function file_write_unlock($fp, $data) {
+ rewind($fp);
+ fwrite($fp, $data);
+ ftruncate($fp, strlen($data));
+ flock($fp, LOCK_UN);
+ fclose($fp);
+}
+
 /** Read password from file adminer.key in temporary directory or create one
 * @param bool
 * @return string or false if the file can not be created
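Review bot: file_open_lock() returns the handle even when `flock($fp, LOCK_EX)` fails, and its `"w"` fallback truncates the file before any lock is held, so two requests that both miss on `"r+"` can wipe each other's counters. Checking the flock() result and creating the file with `"x+"`, which never truncates and fails if the path already exists, avoids both problems without depending on `c+`; a rewrite along those lines is below. `"x+"` also opens the new file for reading, which the caller's `stream_get_contents($fp)` needs and `"w"` does not provide. file_write_unlock() likewise ignores the results of `fwrite()` and `ftruncate()`, so callers cannot tell a failed write from a successful one.

```php
function file_open_lock($filename) {
	$fp = @fopen($filename, "r+"); // @ - may not exist
	if (!$fp) {
		$fp = @fopen($filename, "x+"); // @ - may not be writable or was just created by another request; x+ never truncates
		if (!$fp) {
			$fp = @fopen($filename, "r+"); // @ - lost the creation race, open the file the other request created
			if (!$fp) {
				return;
			}
		}
	}
	if (!flock($fp, LOCK_EX)) { // do not hand out a handle that is not actually locked
		fclose($fp);
		return;
	}
	return $fp;
}
```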