Galleries/PHPGallery
1
0
Fork 0
mirror of https://github.com/Fluffy-Bean/image-gallery.git synced 2025-05-19 18:04:53 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Finalised Ban/Log system

Browse source
This commit is contained in:
Michał Gdula 2022-09-15 17:13:36 +00:00
parent 6f39ca7759
commit 8d291d0c7d
2 changed files with 177 additions and 145 deletions
Download patch file Download diff file Expand all files Collapse all files

4
account.php
View file

@ -72,7 +72,7 @@
?> ?>
</div> </div>
<br> <br>
<h3>Bans/Timeouts</h3> <h3>Bans</h3>
<div id="bans" class="bans"> <div id="bans" class="bans">
<?php <?php
// Reading images from table // Reading images from table
@ -88,7 +88,7 @@
<p><?php echo $ban['id']; ?></p> <p><?php echo $ban['id']; ?></p>
<p><?php echo $ban['ipaddress']; ?></p> <p><?php echo $ban['ipaddress']; ?></p>
<p><?php echo $ban['reason']; ?></p> <p><?php echo $ban['reason']; ?></p>
<p><?php echo $ban['length']; ?></p> <p><?php echo $ban['length']; ?> mins</p>
<?php <?php
$log_time = new DateTime($ban['time']); $log_time = new DateTime($ban['time']);
echo "<p>" . $log_time->format('d/m/Y H:i:s T') . "<br>" . $diff->time($ban['time']) . "</p>"; echo "<p>" . $log_time->format('d/m/Y H:i:s T') . "<br>" . $diff->time($ban['time']) . "</p>";

88
app/account/account.php
View file

@ -19,20 +19,10 @@ $user_ip = $user_info->get_ip();
|------------------------------------------------------------- |-------------------------------------------------------------
*/ */
if (isset($_POST['submit_login'])) { if (isset($_POST['submit_login'])) {
/*
|-------------------------------------------------------------
| Set error status to 0
|-------------------------------------------------------------
| if there are more than 0 error, then they cannot submit a
| request
|-------------------------------------------------------------
*/
$error = 0; $error = 0;
$ban_query = mysqli_query($conn, "SELECT * FROM bans WHERE ipaddress = '$user_ip' ORDER BY id DESC LIMIT 1");
$sql = "SELECT * FROM bans WHERE ipaddress = '$user_ip' ORDER BY id DESC LIMIT 1"; while ($ban_check = mysqli_fetch_assoc($ban_query)) {
$query = mysqli_query($conn, $sql);
while ($ban_check = mysqli_fetch_assoc($query)) {
$ban_time = $ban_check['time']; $ban_time = $ban_check['time'];
$ban_perm = $ban_check['permanent']; $ban_perm = $ban_check['permanent'];
} }
@ -45,29 +35,36 @@ if (isset($_POST['submit_login'])) {
sniffleAdd('Bye bye!', 'You have been banned, contact the owner if you feel that this was a mistake', 'var(--red)', 'assets/icons/warning.svg'); sniffleAdd('Bye bye!', 'You have been banned, contact the owner if you feel that this was a mistake', 'var(--red)', 'assets/icons/warning.svg');
</script> </script>
<?php <?php
$error += 1; $error += 1;
} elseif (($ban_diff / 60) <= 60) { } elseif (($ban_diff / 60) <= 60) {
?> ?>
<script> <script>
sniffleAdd('Slow down!', 'You have attempted to login too many times in the last 10 minutes. Come back in <?php echo round(60-($ban_diff/60)); ?> minutes', 'var(--red)', 'assets/icons/warning.svg'); sniffleAdd('Slow down!', 'You have attempted to login/signup too many times in 10 minutes. Come back in <?php echo round(60-($ban_diff/60)); ?> minutes', 'var(--red)', 'assets/icons/warning.svg');
</script> </script>
<?php <?php
$error += 1; $error += 1;
} else { } else {
$attemps = 0; $attemps = 0;
$log_query = mysqli_query($conn, "SELECT * FROM logs WHERE ipaddress = '$user_ip' ORDER BY id DESC LIMIT 5");
$sql = "SELECT * FROM logs WHERE ipaddress = '$user_ip' ORDER BY id DESC LIMIT 5"; while ($log_array = mysqli_fetch_assoc($log_query)) {
$query = mysqli_query($conn, $sql);
while ($log_array = mysqli_fetch_assoc($query)) {
$log_diff = time() - strtotime($log_array['time']); $log_diff = time() - strtotime($log_array['time']);
if ($log_array['action'] == 'Failed to enter correct Password' && ($log_diff / 60) <= 10) { if ($log_array['action'] == 'Failed to enter correct Password' && ($log_diff / 60) <= 10) {
$attemps += 1; $attemps += 1;
} elseif ($log_array['action'] == 'Failed to enter correct Invite Code' && ($log_diff / 60) <= 10) {
$attemps += 1;
} }
} }
if ($attemps >= 5) { if ($attemps >= 5) {
mysqli_query($conn,"INSERT INTO bans (ipaddress, reason, length, permanent) VALUES('$user_ip','Attempted password too many times', '60', '0')"); mysqli_query($conn,"INSERT INTO bans (ipaddress, reason, length, permanent) VALUES('$user_ip','Attempted password too many times', '60', '0')");
} else { }
}
if ($error <= 0) {
// Checking if Username is empty // Checking if Username is empty
if (empty(trim($_POST["username"]))) { if (empty(trim($_POST["username"]))) {
?> ?>
@ -92,8 +89,6 @@ if (isset($_POST['submit_login'])) {
$password = trim($_POST["password"]); $password = trim($_POST["password"]);
} }
} }
}
if ($error <= 0) { if ($error <= 0) {
// Prepare so SQL doesnt get spooked // Prepare so SQL doesnt get spooked
@ -174,16 +169,52 @@ if (isset($_POST['submit_login'])) {
|------------------------------------------------------------- |-------------------------------------------------------------
*/ */
if (isset($_POST['submit_signup'])) { if (isset($_POST['submit_signup'])) {
/*
|-------------------------------------------------------------
| Set error status to 0
|-------------------------------------------------------------
| if there are more than 0 error, then they cannot submit a
| request
|-------------------------------------------------------------
*/
$error = 0; $error = 0;
$ban_query = mysqli_query($conn, "SELECT * FROM bans WHERE ipaddress = '$user_ip' ORDER BY id DESC LIMIT 1");
while ($ban_check = mysqli_fetch_assoc($ban_query)) {
$ban_time = $ban_check['time'];
$ban_perm = $ban_check['permanent'];
}
$ban_diff = time() - strtotime($ban_time);
if ($ban_perm) {
?>
<script>
sniffleAdd('Bye bye!', 'You have been banned, contact the owner if you feel that this was a mistake', 'var(--red)', 'assets/icons/warning.svg');
</script>
<?php
$error += 1;
} elseif (($ban_diff / 60) <= 60) {
?>
<script>
sniffleAdd('Slow down!', 'You have attempted to login/signup too many times in 10 minutes. Come back in <?php echo round(60-($ban_diff/60)); ?> minutes', 'var(--red)', 'assets/icons/warning.svg');
</script>
<?php
$error += 1;
} else {
$attemps = 0;
$log_query = mysqli_query($conn, "SELECT * FROM logs WHERE ipaddress = '$user_ip' ORDER BY id DESC LIMIT 5");
while ($log_array = mysqli_fetch_assoc($log_query)) {
$log_diff = time() - strtotime($log_array['time']);
if ($log_array['action'] == 'Failed to enter correct Password' && ($log_diff / 60) <= 10) {
$attemps += 1;
} elseif ($log_array['action'] == 'Failed to enter correct Invite Code' && ($log_diff / 60) <= 10) {
$attemps += 1;
}
}
if ($attemps >= 5) {
mysqli_query($conn,"INSERT INTO bans (ipaddress, reason, length, permanent) VALUES('$user_ip','Attempted password too many times', '60', '0')");
}
}
if ($error <= 0) {
if (empty(trim($_POST["username"]))) { if (empty(trim($_POST["username"]))) {
// Username not entered // Username not entered
?> ?>
@ -326,6 +357,7 @@ if (isset($_POST['submit_signup'])) {
} }
} }
} }
}
// Checking for errors // Checking for errors
if ($error <= 0) { if ($error <= 0) {