Extract file_open_lock and file_write_unlock
This commit is contained in:
parent
f0d2af329a
commit
03e3f517a8
|
@ -17,15 +17,10 @@ if ($_COOKIE["adminer_permanent"]) {
|
||||||
|
|
||||||
function add_invalid_login() {
|
function add_invalid_login() {
|
||||||
global $adminer;
|
global $adminer;
|
||||||
$filename = get_temp_dir() . "/adminer.invalid";
|
$fp = file_open_lock(get_temp_dir() . "/adminer.invalid");
|
||||||
$fp = @fopen($filename, "r+"); // @ - may not exist
|
|
||||||
if (!$fp) { // c+ is available since PHP 5.2.6
|
|
||||||
$fp = @fopen($filename, "w"); // @ - may not be writable
|
|
||||||
if (!$fp) {
|
if (!$fp) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
}
|
|
||||||
flock($fp, LOCK_EX);
|
|
||||||
$invalids = unserialize(stream_get_contents($fp));
|
$invalids = unserialize(stream_get_contents($fp));
|
||||||
$time = time();
|
$time = time();
|
||||||
if ($invalids) {
|
if ($invalids) {
|
||||||
|
@ -40,19 +35,14 @@ function add_invalid_login() {
|
||||||
$invalid = array($time + 30*60, 0); // active for 30 minutes
|
$invalid = array($time + 30*60, 0); // active for 30 minutes
|
||||||
}
|
}
|
||||||
$invalid[1]++;
|
$invalid[1]++;
|
||||||
$serialized = serialize($invalids);
|
file_write_unlock($fp, serialize($invalids));
|
||||||
rewind($fp);
|
|
||||||
fwrite($fp, $serialized);
|
|
||||||
ftruncate($fp, strlen($serialized));
|
|
||||||
flock($fp, LOCK_UN);
|
|
||||||
fclose($fp);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
function check_invalid_login() {
|
function check_invalid_login() {
|
||||||
global $adminer;
|
global $adminer;
|
||||||
$invalids = unserialize(@file_get_contents(get_temp_dir() . "/adminer.invalid")); // @ - may not exist
|
$invalids = unserialize(@file_get_contents(get_temp_dir() . "/adminer.invalid")); // @ - may not exist
|
||||||
$invalid = $invalids[$adminer->bruteForceKey()];
|
$invalid = $invalids[$adminer->bruteForceKey()];
|
||||||
$next_attempt = ($invalid[1] > 30 ? $invalid[0] - time() : 0); // allow 30 invalid attempts
|
$next_attempt = ($invalid[1] > 29 ? $invalid[0] - time() : 0); // allow 30 invalid attempts
|
||||||
if ($next_attempt > 0) { //! do the same with permanent login
|
if ($next_attempt > 0) { //! do the same with permanent login
|
||||||
auth_error(lang('Too many unsuccessful logins, try again in %d minute(s).', ceil($next_attempt / 60)));
|
auth_error(lang('Too many unsuccessful logins, try again in %d minute(s).', ceil($next_attempt / 60)));
|
||||||
}
|
}
|
||||||
|
|
|
@ -1131,6 +1131,34 @@ function get_temp_dir() {
|
||||||
return $return;
|
return $return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/** Open and exclusively lock a file
|
||||||
|
* @param string
|
||||||
|
* @return resource or null for error
|
||||||
|
*/
|
||||||
|
function file_open_lock($filename) {
|
||||||
|
$fp = @fopen($filename, "r+"); // @ - may not exist
|
||||||
|
if (!$fp) { // c+ is available since PHP 5.2.6
|
||||||
|
$fp = @fopen($filename, "w"); // @ - may not be writable
|
||||||
|
if (!$fp) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
flock($fp, LOCK_EX);
|
||||||
|
return $fp;
|
||||||
|
}
|
||||||
|
|
||||||
|
/** Write and unlock a file
|
||||||
|
* @param resource
|
||||||
|
* @param string
|
||||||
|
*/
|
||||||
|
function file_write_unlock($fp, $data) {
|
||||||
|
rewind($fp);
|
||||||
|
fwrite($fp, $data);
|
||||||
|
ftruncate($fp, strlen($data));
|
||||||
|
flock($fp, LOCK_UN);
|
||||||
|
fclose($fp);
|
||||||
|
}
|
||||||
|
|
||||||
/** Read password from file adminer.key in temporary directory or create one
|
/** Read password from file adminer.key in temporary directory or create one
|
||||||
* @param bool
|
* @param bool
|
||||||
* @return string or false if the file can not be created
|
* @return string or false if the file can not be created
|
||||||
|
|
Loading…
Reference in a new issue