paste.chapril.org-privatebin/lib/trafficlimiter.php

<?php
/**
 * PrivateBin
 *
 * a zero-knowledge paste bin
 *
 * @link      https://github.com/PrivateBin/PrivateBin
 * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
 * @license   http://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
 * @version   0.22
 */

/**
 * trafficlimiter
 *
 * Handles traffic limiting, so no user does more than one call per 10 seconds.
 */
class trafficlimiter extends persistence
{
    /**
     * time limit in seconds, defaults to 10s
     *
     * @access private
     * @static
     * @var    int
     */
    private static $_limit = 10;

    /**
     * key to fetch IP address
     *
     * @access private
     * @static
     * @var    string
     */
    private static $_ipKey = 'REMOTE_ADDR';

    /**
     * set the time limit in seconds
     *
     * @access public
     * @static
     * @param  int $limit
     * @return void
     */
    public static function setLimit($limit)
    {
        self::$_limit = $limit;
    }

    /**
     * set configuration options of the traffic limiter
     *
     * @access public
     * @static
     * @param configuration $conf
     * @return void
     */
    public static function setConfiguration(configuration $conf)
    {
        self::setLimit($conf->getKey('limit', 'traffic'));
        self::setPath($conf->getKey('dir', 'traffic'));
        if (($option = $conf->getKey('header', 'traffic')) !== null)
        {
            $httpHeader = 'HTTP_' . $option;
            if (array_key_exists($httpHeader, $_SERVER) && !empty($_SERVER[$httpHeader]))
            {
                self::$_ipKey = $httpHeader;
            }
        }
    }

    /**
     * get the current visitors IP address
     *
     * @access public
     * @static
     * @return string
     */
    public static function getIp()
    {
        return $_SERVER[self::$_ipKey];
    }

    /**
     * traffic limiter
     *
     * Make sure the IP address makes at most 1 request every 10 seconds.
     *
     * @access public
     * @static
     * @throws Exception
     * @return bool
     */
    public static function canPass()
    {
        // disable limits if set to less then 1
        if (self::$_limit < 1) return true;

        $ip = hash_hmac('sha256', self::getIp(), serversalt::get());

        $file = 'traffic_limiter.php';
        if (!self::_exists($file))
        {
            self::_store(
                $file,
                '<?php' . PHP_EOL .
                '$GLOBALS[\'traffic_limiter\'] = array();' . PHP_EOL
            );
        }

        $path = self::getPath($file);
        require $path;
        $now = time();
        $tl = $GLOBALS['traffic_limiter'];

        // purge file of expired IPs to keep it small
        foreach($tl as $key => $time)
        {
            if ($time + self::$_limit < $now)
            {
                unset($tl[$key]);
            }
        }

        if (array_key_exists($ip, $tl) && ($tl[$ip] + self::$_limit >= $now))
        {
            $result = false;
        } else {
            $tl[$ip] = time();
            $result = true;
        }
        self::_store(
            $file,
            '<?php' . PHP_EOL .
            '$GLOBALS[\'traffic_limiter\'] = ' .
            var_export($tl, true) . ';' . PHP_EOL
        );
        return $result;
    }
}
Refactoring of code base - modularized code, introduced configuration, started working on a PDO based DB connector 2012-04-29 19:15:06 +02:00			`<?php`
			`/**`
renaming the fork to PrivateBin 2016-07-11 11:58:15 +02:00			`* PrivateBin`
Refactoring of code base - modularized code, introduced configuration, started working on a PDO based DB connector 2012-04-29 19:15:06 +02:00			`*`
			`* a zero-knowledge paste bin`
			`*`
renaming the fork to PrivateBin 2016-07-11 11:58:15 +02:00			`* @link https://github.com/PrivateBin/PrivateBin`
Refactoring of code base - modularized code, introduced configuration, started working on a PDO based DB connector 2012-04-29 19:15:06 +02:00			`* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)`
			`* @license http://www.opensource.org/licenses/zlib-license.php The zlib/libpng License`
incrementing version, updating changelog, added missing phpdoc comments 2015-11-09 21:39:42 +01:00			`* @version 0.22`
Refactoring of code base - modularized code, introduced configuration, started working on a PDO based DB connector 2012-04-29 19:15:06 +02:00			`*/`

			`/**`
ZeroBin 0.17 * added deletion link. * small refactoring. * improved regex checks. * larger server alt on installation. 2013-11-01 01:15:14 +01:00			`* trafficlimiter`
Refactoring of code base - modularized code, introduced configuration, started working on a PDO based DB connector 2012-04-29 19:15:06 +02:00			`*`
			`* Handles traffic limiting, so no user does more than one call per 10 seconds.`
			`*/`
ZeroBin 0.17 * added deletion link. * small refactoring. * improved regex checks. * larger server alt on installation. 2013-11-01 01:15:14 +01:00			`class trafficlimiter extends persistence`
Refactoring of code base - modularized code, introduced configuration, started working on a PDO based DB connector 2012-04-29 19:15:06 +02:00			`{`
			`/**`
cleaned up phpdoc comments, added README on how to install and use it 2015-08-16 15:55:31 +02:00			`* time limit in seconds, defaults to 10s`
			`*`
Refactoring of code base - modularized code, introduced configuration, started working on a PDO based DB connector 2012-04-29 19:15:06 +02:00			`* @access private`
			`* @static`
			`* @var int`
			`*/`
			`private static $_limit = 10;`

preparing unit test for model refactoring, refactoring traffic limiter 2015-09-26 17:57:46 +02:00			`/**`
			`* key to fetch IP address`
			`*`
			`* @access private`
			`* @static`
			`* @var string`
			`*/`
			`private static $_ipKey = 'REMOTE_ADDR';`

Refactoring of code base - modularized code, introduced configuration, started working on a PDO based DB connector 2012-04-29 19:15:06 +02:00			`/**`
			`* set the time limit in seconds`
			`*`
			`* @access public`
			`* @static`
			`* @param int $limit`
			`* @return void`
			`*/`
			`public static function setLimit($limit)`
			`{`
			`self::$_limit = $limit;`
			`}`

preparing unit test for model refactoring, refactoring traffic limiter 2015-09-26 17:57:46 +02:00			`/**`
			`* set configuration options of the traffic limiter`
			`*`
			`* @access public`
			`* @static`
			`* @param configuration $conf`
			`* @return void`
			`*/`
			`public static function setConfiguration(configuration $conf)`
			`{`
			`self::setLimit($conf->getKey('limit', 'traffic'));`
			`self::setPath($conf->getKey('dir', 'traffic'));`
			`if (($option = $conf->getKey('header', 'traffic')) !== null)`
			`{`
			`$httpHeader = 'HTTP_' . $option;`
			`if (array_key_exists($httpHeader, $_SERVER) && !empty($_SERVER[$httpHeader]))`
			`{`
			`self::$_ipKey = $httpHeader;`
			`}`
			`}`
			`}`

			`/**`
			`* get the current visitors IP address`
			`*`
			`* @access public`
			`* @static`
			`* @return string`
			`*/`
			`public static function getIp()`
			`{`
switching to SHA256 HMAC of IPs in traffic limiter, resolves #57 2015-12-22 20:58:23 +01:00			`return $_SERVER[self::$_ipKey];`
preparing unit test for model refactoring, refactoring traffic limiter 2015-09-26 17:57:46 +02:00			`}`

Refactoring of code base - modularized code, introduced configuration, started working on a PDO based DB connector 2012-04-29 19:15:06 +02:00			`/**`
			`* traffic limiter`
			`*`
			`* Make sure the IP address makes at most 1 request every 10 seconds.`
			`*`
			`* @access public`
			`* @static`
fixing nasty deletion bug from #15, included unit tests to trigger it and reworked persistence classes to through exceptions rather to fail silently 2015-08-27 21:41:21 +02:00			`* @throws Exception`
Refactoring of code base - modularized code, introduced configuration, started working on a PDO based DB connector 2012-04-29 19:15:06 +02:00			`* @return bool`
			`*/`
preparing unit test for model refactoring, refactoring traffic limiter 2015-09-26 17:57:46 +02:00			`public static function canPass()`
Refactoring of code base - modularized code, introduced configuration, started working on a PDO based DB connector 2012-04-29 19:15:06 +02:00			`{`
preparing unit test for model refactoring, refactoring traffic limiter 2015-09-26 17:57:46 +02:00			`// disable limits if set to less then 1`
			`if (self::$_limit < 1) return true;`
Added more configuration options, based on patch by Uli Köhler 2013-10-30 23:54:42 +01:00
switching to SHA256 HMAC of IPs in traffic limiter, resolves #57 2015-12-22 20:58:23 +01:00			`$ip = hash_hmac('sha256', self::getIp(), serversalt::get());`

ZeroBin 0.17 * added deletion link. * small refactoring. * improved regex checks. * larger server alt on installation. 2013-11-01 01:15:14 +01:00			`$file = 'traffic_limiter.php';`
			`if (!self::_exists($file))`
Refactoring of code base - modularized code, introduced configuration, started working on a PDO based DB connector 2012-04-29 19:15:06 +02:00			`{`
ZeroBin 0.17 * added deletion link. * small refactoring. * improved regex checks. * larger server alt on installation. 2013-11-01 01:15:14 +01:00			`self::_store(`
Refactoring of code base - modularized code, introduced configuration, started working on a PDO based DB connector 2012-04-29 19:15:06 +02:00			`$file,`
			`'<?php' . PHP_EOL .`
			`'$GLOBALS[\'traffic_limiter\'] = array();' . PHP_EOL`
			`);`
			`}`

ZeroBin 0.17 * added deletion link. * small refactoring. * improved regex checks. * larger server alt on installation. 2013-11-01 01:15:14 +01:00			`$path = self::getPath($file);`
			`require $path;`
removed leftovers from submodule uglifyjs, added credits file, cleaned up CSS, changed template to output clean XHTML 5, added unit tests for 60% of the code, found a few bugs by doing that and fixed them 2012-08-26 00:49:11 +02:00			`$now = time();`
Refactoring of code base - modularized code, introduced configuration, started working on a PDO based DB connector 2012-04-29 19:15:06 +02:00			`$tl = $GLOBALS['traffic_limiter'];`

			`// purge file of expired IPs to keep it small`
			`foreach($tl as $key => $time)`
			`{`
removed leftovers from submodule uglifyjs, added credits file, cleaned up CSS, changed template to output clean XHTML 5, added unit tests for 60% of the code, found a few bugs by doing that and fixed them 2012-08-26 00:49:11 +02:00			`if ($time + self::$_limit < $now)`
Refactoring of code base - modularized code, introduced configuration, started working on a PDO based DB connector 2012-04-29 19:15:06 +02:00			`{`
			`unset($tl[$key]);`
			`}`
			`}`

removed leftovers from submodule uglifyjs, added credits file, cleaned up CSS, changed template to output clean XHTML 5, added unit tests for 60% of the code, found a few bugs by doing that and fixed them 2012-08-26 00:49:11 +02:00			`if (array_key_exists($ip, $tl) && ($tl[$ip] + self::$_limit >= $now))`
Refactoring of code base - modularized code, introduced configuration, started working on a PDO based DB connector 2012-04-29 19:15:06 +02:00			`{`
			`$result = false;`
			`} else {`
			`$tl[$ip] = time();`
			`$result = true;`
			`}`
ZeroBin 0.17 * added deletion link. * small refactoring. * improved regex checks. * larger server alt on installation. 2013-11-01 01:15:14 +01:00			`self::_store(`
Refactoring of code base - modularized code, introduced configuration, started working on a PDO based DB connector 2012-04-29 19:15:06 +02:00			`$file,`
			`'<?php' . PHP_EOL .`
			`'$GLOBALS[\'traffic_limiter\'] = ' .`
			`var_export($tl, true) . ';' . PHP_EOL`
			`);`
			`return $result;`
			`}`
			`}`