X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=libs%2Flib_connect.php;h=37474162e5dce1a20fe2a1e117746af2c3a6f309;hb=4922a297cb2fe1801306722f1b1a72553706f135;hp=800b07eb6b497c8e23192276ec37e0a2c1151bef;hpb=378878d64bce3f2bf0c32a7b47d5a6406d46b81a;p=ctracker.git diff --git a/libs/lib_connect.php b/libs/lib_connect.php index 800b07e..3747416 100644 --- a/libs/lib_connect.php +++ b/libs/lib_connect.php @@ -4,7 +4,7 @@ * * @author Roland Haeder * @version 3.0.0 - * @copyright Copyright (c) 2009 Cracker Tracker Team + * @copyright Copyright (c) 2009, 2010 Cracker Tracker Team * @license GNU GPL 3.0 or any newer version * @link http://www.ship-simu.org * @@ -33,7 +33,10 @@ function aquireCrackerTrackerDatabaseLink () { if (!mysql_select_db($GLOBALS['ctracker_dbname'], $GLOBALS['ctracker_link'])) { // Attempt has failed crackerTrackerDatabaseError(__FUNCTION__, __LINE__); - } // END - if + } elseif (isCrackerTrackerTableCreated('ctracker_config')) { + // Load the config + crackerTrackerLoadConfig(); + } } // END - if } @@ -76,18 +79,20 @@ function crackerTrackerCloseDatabaseLink () { } // Inserts given array, if IP/check_worm combination was not found -function crackerTrackerInsertArray ($rowData) { +function crackerTrackerInsertArray ($table, $rowData) { // Is it found? if (!isCrackerTrackerEntryFound($rowData)) { - // Insert first attempt stamp - $rowData['first_attempt'] = 'NOW()'; - $rowData['count'] = '1'; - // Prepare SQL - $SQL = 'INSERT INTO `ctracker_data` (`' . implode('`,`', array_keys($rowData)) . '`) VALUES(' . implode_secure($rowData) . ')'; + $SQL = 'INSERT INTO `' . $table . '` (`' . implode('`,`', array_keys($rowData)) . '`) VALUES(' . implode_secure($rowData) . ')'; + + // Reset insert id + $GLOBALS['ctracker_last_insert_id'] = false; // Run it runCrackerTrackerSql($SQL, __FUNCTION__, __LINE__); + + // Remember the last insert id + $GLOBALS['ctracker_last_insert_id'] = mysql_insert_id($GLOBALS['ctracker_link']) or crackerTrackerDatabaseError(__FUNCTION__, __LINE__); } else { // Only update the entry updateCrackerTrackerEntry($rowData); @@ -103,10 +108,10 @@ function updateCrackerTrackerEntry ($rowData) { runCrackerTrackerSql($SQL, __FUNCTION__, __LINE__); } -// Checks if an entry with IP/check_worm combination is there +// Checks if an entry with IP/check_worm/domain combination is there function isCrackerTrackerEntryFound ($rowData) { // Construct the SELECT query - $SQL = 'SELECT `id` FROM `ctracker_data` WHERE `remote_addr`="' . crackerTrackerEscapeString($rowData['remote_addr']) . '" AND `check_worm` = "' . crackerTrackerEscapeString($rowData['check_worm']) . '" LIMIT 1'; + $SQL = 'SELECT `id` FROM `ctracker_data` WHERE `remote_addr`="' . crackerTrackerEscapeString($rowData['remote_addr']) . '" AND `check_worm` = "' . crackerTrackerEscapeString($rowData['check_worm']) . '" AND `server_name`="' . crackerTrackerEscapeString($rowData['server_name']) . '" LIMIT 1'; // Run the SQL and check if we have one line return (mysql_num_rows(runCrackerTrackerSql($SQL, __FUNCTION__, __LINE__)) == 1); @@ -151,5 +156,216 @@ function runCrackerTrackerSql ($SQL, $F, $L) { return $GLOBALS['ctracker_last_result']; } +// Checks wether a table was found +function isCrackerTrackerTableCreated ($table) { + // Default is not found + $found = false; + + // Run the query + $result = runCrackerTrackerSql('SHOW TABLES', __FUNCTION__, __LINE__); + + // Is our table there? + while (list($tab) = mysql_fetch_row($result)) { + // Is the table there? + if ($tab == $table) { + // Okay, found. So abort + $found = true; + break; + } // END - if + } // END - if + + // Free result + mysql_free_result($result) or crackerTrackerDatabaseError(__FUNCTION__, __LINE__); + + // Return result + return $found; +} + +// Creates the given table with columns +function crackerTrackerCreateTable ($table, array $columns, array $keys) { + // Begin the SQL + $SQL = 'CREATE TABLE IF NOT EXISTS `' . $table . '` ('; + + // Add table name as first column + $SQL .= '`' . $table . '` BIGINT ( 20 ) UNSIGNED NOT NULL AUTO_INCREMENT, '; + + // Add all columns + foreach ($columns as $column=>$type) { + // Add this entry + $SQL .= '`' . $column . '` ' . $type . ', '; + } // END - foreach + + // Add table name as primary key + $SQL .= 'PRIMARY KEY (`' . $table . '`), '; + + // Add keys + foreach ($keys as $key=>$type) { + // Add this entry + $SQL .= '' . $type . ' (`' . $key . '`), '; + } // END - foreach + + // Finish SQL + $SQL = substr($SQL, 0, -2) . ') TYPE=InnoDB'; + + // And run it + runCrackerTrackerSql($SQL); +} + +// Inits a table by inserting +function crackerTrackerInitTable ($table) { + // Prepare SQL and run it + runCrackerTrackerSql('INSERT INTO `' . $table . '` (`' . $table . '`) VALUES (NULL)'); +} + +// Updates the database scheme automatically +function crackerTrackerUpdateDatabaseScheme () { + // Is the main config table there? + if (!isCrackerTrackerTableCreated('ctracker_config')) { + // Then do it for us + crackerTrackerCreateTable('ctracker_config', array( + 'ctracker_db_version' => 'BIGINT ( 20 ) UNSIGNED NOT NULL DEFAULT 0', + 'ctracker_min_sleep' => 'SMALLINT ( 5 ) UNSIGNED NOT NULL DEFAULT 10', + 'ctracker_max_sleep' => 'SMALLINT ( 5 ) UNSIGNED NOT NULL DEFAULT 30', + 'ctracker_alert_user' => "ENUM('Y','N') NOT NULL DEFAULT 'Y'", + 'ctracker_language' => "CHAR ( 2) NOT NULL DEFAULT 'en'" + ), array()); + + // Init that table + crackerTrackerInitTable('ctracker_config'); + } // END - if + + // Init update array here + crackerTrackerInitUpdates(); + + // Run any SQL updates recursively + while (isset($GLOBALS['ctracker_updates'][getCrackerTrackerConfig('ctracker_db_version')])) { + // Run that updates + runCrackerTrackerUpdates(getCrackerTrackerConfig('ctracker_db_version')); + + // Update config + runCrackerTrackerSql('UPDATE `ctracker_config` SET `ctracker_db_version`=`ctracker_db_version`+1 WHERE `ctracker_config`=1 LIMIT 1', __FUNCTION__, __LINE__); + + // And count it up in the config array + $GLOBALS['ctracker_config']['ctracker_db_version']++; + } // END - if +} + +// Load the configuration +function crackerTrackerLoadConfig () { + // Construct SQL command and run it + $result = runCrackerTrackerSql('SELECT * FROM `ctracker_config` WHERE `ctracker_config`=1 LIMIT 1', __FUNCTION__, __LINE__); + + // And get it + $GLOBALS['ctracker_config'] = mysql_fetch_array($result); + + // Free result + mysql_free_result($result) or crackerTrackerDatabaseError(__FUNCTION__, __LINE__); +} + +// Getter for config +function getCrackerTrackerConfig ($entry) { + // Is the config entry there? + if (!isset($GLOBALS['ctracker_config'][$entry])) { + // Then better die here, else we may have an endless loop + if (isCrackerTrackerDebug()) { + // Nicer message in debug mode + die('Configuration entry ' . $entry . ' missing!'); + } else { + // die() on production systems + die(); + } + } // END - if + + // Return it + return $GLOBALS['ctracker_config'][$entry]; +} + +// Did the current IP already generated blocked attempts? +function isCrackerTrackerIpSuspicious () { + // We only need the very last attempt to get! + $result = runCrackerTrackerSql("SELECT * FROM `ctracker_data` WHERE `remote_addr`='" . determineCrackerTrackerRealRemoteAddress() . "' ORDER BY `last_attempt` DESC LIMIT 1", __FUNCTION__, __LINE__); + + // Do we have entries? + $found = (mysql_num_rows($result) == 1); + + // And again? + if ($found === true) { + // Cache the entry + $GLOBALS['ctracker_last_suspicious_entry'] = mysql_fetch_array($result); + } // END - if + + // Free result + mysql_free_result($result) or crackerTrackerDatabaseError(__FUNCTION__, __LINE__); + + // Return the result + return $found; +} + +// Does the current IP have a ticket? +function ifCrackerTrackerIpHasTicket () { + // We only give one ticket per IP! + $result = runCrackerTrackerSql("SELECT * FROM `ctracker_ticket` WHERE `ctracker_ticket_remote_addr`='" . determineCrackerTrackerRealRemoteAddress() . "' LIMIT 1", __FUNCTION__, __LINE__); + + // Do we have a ticket? + $found = (mysql_num_rows($result) == 1); + + // And again? + if ($found === true) { + // Cache the ticket data + $GLOBALS['ctracker_last_ticket'] = mysql_fetch_array($result); + } // END - if + + // Free result + mysql_free_result($result) or crackerTrackerDatabaseError(__FUNCTION__, __LINE__); + + // Return the result + return $found; +} + +// Adds a ticket based on given (mostly $_POST) data +function addCrackerTrackerTicket (array $data) { + // Prepare the array + $GLOBALS['ctracker_last_ticket'] = array( + 'ctracker_ticket_remote_addr' => determineCrackerTrackerRealRemoteAddress(), + 'ctracker_ticket_user_agent' => crackerTrackerUserAgent(), + 'ctracker_ticket_name' => crackerTrackerSecureString($data['name']), + 'ctracker_ticket_email' => crackerTrackerSecureString($data['email']), + 'ctracker_ticket_comment' => crackerTrackerSecureString($data['comment']) + ); + + // Insert it + crackerTrackerInsertArray('ctracker_ticket', $GLOBALS['ctracker_last_ticket']); + + // Is there an entry? + if ((isset($GLOBALS['ctracker_last_insert_id'])) && ($GLOBALS['ctracker_last_insert_id'] > 0)) { + // All fine, so prepare the link between ticket<->data + $data = array( + 'ctracker_ticket_id' => $GLOBALS['ctracker_last_insert_id'], + 'ctracker_data_id' => $GLOBALS['ctracker_last_suspicious_entry']['id'] + ); + + // And insert it as well + crackerTrackerInsertArray('ctracker_ticket_data', $data); + + // Add ticket id again + $GLOBALS['ctracker_ticket'] = $data['ctracker_ticket_id']; + + // Merge all data for emails + $GLOBALS['ctracker_last_ticket'] = array_merge($GLOBALS['ctracker_last_ticket'], $data); + + // Is this also there? + if ((isset($GLOBALS['ctracker_last_insert_id'])) && ($GLOBALS['ctracker_last_insert_id'] > 0)) { + // All fine, so display "thank you page" + crackerTrackerLoadTemplate('add_ticket_thanks'); + } else { + // Did not insert + crackerTrackerDie(); + } + } else { + // Did not insert + crackerTrackerDie(); + } +} + // [EOF] ?>