Parašė BloodKiller· 2007 Rugp. 5 23:08:23
#1
Taigi, as cia sukuriau siokia tokia sistemele nuo bruteforce ataku (aisku tai tik 50% apsaugos jus nuo bruteforce ataku, taciau nera ko jaudintis, nes kita 50% taip pat kazkada sukursiu). Si apsauga neleis jungtis ketvirta karta 30 minuciu, jeigu ivesite klaidingus prisijungimo duomenis. :D :D
Pirmiausia vykdome SQL koda.
CREATE TABLE prefix_blogi_bandymai (
bandymo_ip VARCHAR (255) NOT NULL,
bandymo_data BIGINT (20) NOT NULL
);
Dabar atsidarote maincore.php faila, susirandate...
} else {
redirect(BASEDIR."setuser.php?error=3");
}
...if (isset($_POST['login'])) {...} salygoje ir pries redirect(BASEDIR."setuser.php?error=3"); rasote...
if (dbcount("(*)","blogi_bandymai","bandymo_ip = '".$_SERVER['REMOTE_ADDR']."' AND bandymo_data > ".(time()-1800)) < 3) $result = dbquery("INSERT INTO ".$db_prefix."blogi_bandymai (bandymo_ip,bandymo_data) VALUES ('".$_SERVER['REMOTE_ADDR']."','".time()."');");
Dabar susiraskite maincore.php faile pati pirma
if (dbrows($result) != 0) { ir keiskite i
if (dbrows($result) != 0 && dbcount("(*)","blogi_bandymai","bandymo_ip = '".$_SERVER['REMOTE_ADDR']."' AND bandymo_data > ".(time()-1800)) < 3) {
Beje, patartina dar butu (jei nenorite apkrauti
MySQL), susirasti
if (isset($_POST['login'])) { maincore.php faile ir po siuo sakiniu rasyti...
$result = dbquery("DELETE FROM ".$db_prefix."blogi_bandymai WHERE bandymo_data < ".(time()-1800));
Redagavo BloodKiller· 2007 Rugp. 5 23:08:08