+// Checks wether a table was found
+function isCrackerTrackerTableCreated ($table) {
+ // Default is not found
+ $found = FALSE;
+
+ // Run the query
+ $result = runCrackerTrackerSql('SHOW TABLES', __FUNCTION__, __LINE__);
+
+ // Is our table there?
+ while (list($tab) = mysqli_fetch_row($result)) {
+ // Debug message
+ //* NOISY-DEBUG: */ error_log('tab=' . $tab);
+
+ // Is the table there?
+ if ($tab == $table) {
+ // Okay, found. So abort
+ $found = TRUE;
+ break;
+ } // END - if
+ } // END - if
+
+ // Free result
+ freeCrackerTrackerResult($result);
+
+ // Return result
+ return $found;
+}
+
+// Creates the given table with columns
+function crackerTrackerCreateTable ($table, array $columns, array $keys) {
+ // Begin the SQL
+ $sqlString = 'CREATE TABLE IF NOT EXISTS `' . $table . '` (';
+
+ // Add table name as first column
+ $sqlString .= '`' . $table . '` BIGINT ( 20 ) UNSIGNED NOT NULL AUTO_INCREMENT, ';
+
+ // Add all columns
+ foreach ($columns as $column=>$type) {
+ // Add this entry
+ $sqlString .= '`' . $column . '` ' . $type . ', ';
+ } // END - foreach
+
+ // Add table name as primary key
+ $sqlString .= 'PRIMARY KEY (`' . $table . '`), ';
+
+ // Add keys
+ foreach ($keys as $key=>$type) {
+ // Add this entry
+ $sqlString .= '' . $type . ' (`' . $key . '`), ';
+ } // END - foreach
+
+ // Finish SQL
+ $sqlString = substr($sqlString, 0, -2) . ') TYPE=InnoDB';
+
+ // And run it
+ runCrackerTrackerSql($sqlString);
+}
+
+// Inits a table by inserting
+function crackerTrackerInitTable ($table) {
+ // Prepare SQL and run it
+ runCrackerTrackerSql('INSERT INTO `' . $table . '` (`' . $table . '`) VALUES (NULL)');
+}
+
+// Updates the database scheme automatically
+function crackerTrackerUpdateDatabaseScheme () {
+ // Is a link there?
+ if (!isCrackerTrackerDatabaseLinkUp()) {
+ // Abort here silently
+ return;
+ } // END - if
+
+ // Is the main config table there?
+ if (!isCrackerTrackerTableCreated('ctracker_config')) {
+ // Then do it for us
+ crackerTrackerCreateTable('ctracker_config', array(
+ 'ctracker_db_version' => 'BIGINT ( 20 ) UNSIGNED NOT NULL DEFAULT 0',
+ 'ctracker_min_sleep' => 'SMALLINT ( 5 ) UNSIGNED NOT NULL DEFAULT 10',
+ 'ctracker_max_sleep' => 'SMALLINT ( 5 ) UNSIGNED NOT NULL DEFAULT 30',
+ 'ctracker_alert_user' => "ENUM('Y','N') NOT NULL DEFAULT 'Y'",
+ 'ctracker_language' => "CHAR ( 2) NOT NULL DEFAULT 'en'"
+ ), array());
+
+ // Init that table
+ crackerTrackerInitTable('ctracker_config');
+ } // END - if
+
+ // Init update array here
+ crackerTrackerInitUpdates();
+
+ // Run any SQL updates recursively
+ while (isset($GLOBALS['ctracker_updates'][getCrackerTrackerConfig('ctracker_db_version')])) {
+ // Run that updates
+ runCrackerTrackerUpdates(getCrackerTrackerConfig('ctracker_db_version'));
+
+ // Update config
+ runCrackerTrackerSql('UPDATE `ctracker_config` SET `ctracker_db_version`=`ctracker_db_version`+1 WHERE `ctracker_config`=1 LIMIT 1', __FUNCTION__, __LINE__);
+
+ // And count it up in the config array
+ $GLOBALS['ctracker_config']['ctracker_db_version']++;
+ } // END - if
+}
+
+// Load the configuration
+function crackerTrackerLoadConfig () {
+ // Construct SQL command and run it
+ $result = runCrackerTrackerSql('SELECT * FROM `ctracker_config` WHERE `ctracker_config`=1 LIMIT 1', __FUNCTION__, __LINE__);
+
+ // And get it
+ $GLOBALS['ctracker_config'] = mysqli_fetch_array($result);
+
+ // Free result
+ freeCrackerTrackerResult($result);
+}
+
+// Getter for config
+function getCrackerTrackerConfig ($entry) {
+ // Is the config entry there?
+ if (!isset($GLOBALS['ctracker_config'][$entry])) {
+ // Then better die here, else we may have an endless loop
+ if (isCrackerTrackerDebug()) {
+ // Nicer message in debug mode
+ die('Configuration entry ' . $entry . ' missing!');
+ } else {
+ // die() on production systems
+ die();
+ }
+ } // END - if
+
+ // Return it
+ return $GLOBALS['ctracker_config'][$entry];
+}
+
+// Did the current IP already generated blocked attempts?
+function isCrackerTrackerIpSuspicious () {
+ // Skip this silently if we have not config
+ if (!isCrackerTrackerDatabaseLinkUp()) {
+ // Skip this step silently, all is not suspicious
+ return FALSE;
+ } // END - if
+
+ // Check if an entry is there
+ $result = runCrackerTrackerSql("SELECT COUNT(`id`) AS `cnt` FROM `ctracker_data` USE INDEX (`remote_proxy_last`) WHERE `remote_addr`='" . determineCrackerTrackerRealRemoteAddress() . "' OR `proxy_addr`='" . getenv('REMOTE_ADDR') . "' LIMIT 1", __FUNCTION__, __LINE__);
+
+ // Get row count
+ list($rows) = mysqli_fetch_row($result);
+
+ // Is there one entry?
+ $found = ($rows > 0);
+
+ // And again?
+ if ($found === TRUE) {
+ // Yes, one is found, then load it
+ $result = runCrackerTrackerSql("SELECT SQL_SMALL_RESULT * FROM `ctracker_data` USE INDEX (`remote_proxy_last`) WHERE `remote_addr`='" . determineCrackerTrackerRealRemoteAddress() . "' OR `proxy_addr`='" . getenv('REMOTE_ADDR') . "' ORDER BY `last_attempt` DESC LIMIT 1", __FUNCTION__, __LINE__);
+
+ // Cache the entry
+ $GLOBALS['ctracker_last_suspicious_entry'] = mysqli_fetch_array($result);
+ } // END - if
+
+ // Free result
+ freeCrackerTrackerResult($result);
+
+ // Return the result
+ return $found;
+}
+
+// Does the current IP have a ticket?
+function ifCrackerTrackerIpHasTicket () {
+ // We only give one ticket per IP!
+ $result = runCrackerTrackerSql("SELECT * FROM `ctracker_ticket` WHERE `ctracker_ticket_remote_addr`='" . determineCrackerTrackerRealRemoteAddress() . "' OR `ctracker_ticket_proxy_addr`='" . getenv('REMOTE_ADDR') . "' LIMIT 1", __FUNCTION__, __LINE__);
+
+ // Do we have a ticket?
+ $found = (mysqli_num_rows($result) == 1);
+
+ // And again?
+ if ($found === TRUE) {
+ // Cache the ticket data
+ $GLOBALS['ctracker_last_ticket'] = mysqli_fetch_array($result);
+ } // END - if
+
+ // Free result
+ freeCrackerTrackerResult($result);
+
+ // Return the result
+ return $found;
+}
+
+// Adds a ticket based on given (mostly $_POST) data
+function addCrackerTrackerTicket (array $data) {
+ // Prepare the array
+ $GLOBALS['ctracker_last_ticket'] = [
+ 'ctracker_ticket_remote_addr' => determineCrackerTrackerRealRemoteAddress(),
+ 'ctracker_ticket_proxy_addr' => getenv('REMOTE_ADDR'),
+ 'ctracker_ticket_user_agent' => crackerTrackerUserAgent(),
+ 'ctracker_ticket_name' => crackerTrackerSecureString($data['name']),
+ 'ctracker_ticket_email' => crackerTrackerSecureString($data['email']),
+ 'ctracker_ticket_comment' => crackerTrackerSecureString($data['comment'])
+ ];
+
+ // Insert it
+ crackerTrackerInsertArray('ctracker_ticket', $GLOBALS['ctracker_last_ticket']);
+
+ // Is there an entry?
+ if ((isset($GLOBALS['ctracker_last_insert_id'])) && ($GLOBALS['ctracker_last_insert_id'] > 0)) {
+ // All fine, so prepare the link between ticket<->data
+ $data = [
+ 'ctracker_ticket_id' => $GLOBALS['ctracker_last_insert_id'],
+ 'ctracker_data_id' => $GLOBALS['ctracker_last_suspicious_entry']['id']
+ ];
+
+ // And insert it as well
+ crackerTrackerInsertArray('ctracker_ticket_data', $data);
+
+ // Add ticket id again
+ $GLOBALS['ctracker_ticket'] = $data['ctracker_ticket_id'];
+
+ // Merge all data for emails
+ $GLOBALS['ctracker_last_ticket'] = array_merge($GLOBALS['ctracker_last_ticket'], $data);
+
+ // Is this also there?
+ if ((isset($GLOBALS['ctracker_last_insert_id'])) && ($GLOBALS['ctracker_last_insert_id'] > 0)) {
+ // All fine, so display "thank you page"
+ crackerTrackerLoadTemplate('add_ticket_thanks');
+ } else {
+ // Did not insert
+ crackerTrackerDie();
+ }
+ } else {
+ // Did not insert
+ crackerTrackerDie();
+ }
+}
+
+// Frees given result instance
+function freeCrackerTrackerResult (mysqli_result $result) {
+ // Free result
+ $result->free();
+}