View source
<?php
namespace Drupal\Core\Flood;
use Drupal\Core\Database\DatabaseException;
use Symfony\Component\HttpFoundation\RequestStack;
use Drupal\Core\Database\Connection;
class DatabaseBackend implements FloodInterface {
const TABLE_NAME = 'flood';
protected $connection;
protected $requestStack;
public function __construct(Connection $connection, RequestStack $request_stack) {
$this->connection = $connection;
$this->requestStack = $request_stack;
}
public function register($name, $window = 3600, $identifier = NULL) {
if (!isset($identifier)) {
$identifier = $this->requestStack
->getCurrentRequest()
->getClientIp();
}
$try_again = FALSE;
try {
$this
->doInsert($name, $window, $identifier);
} catch (\Exception $e) {
$try_again = $this
->ensureTableExists();
if (!$try_again) {
throw $e;
}
}
if ($try_again) {
$this
->doInsert($name, $window, $identifier);
}
}
protected function doInsert($name, $window, $identifier) {
$this->connection
->insert(static::TABLE_NAME)
->fields([
'event' => $name,
'identifier' => $identifier,
'timestamp' => REQUEST_TIME,
'expiration' => REQUEST_TIME + $window,
])
->execute();
}
public function clear($name, $identifier = NULL) {
if (!isset($identifier)) {
$identifier = $this->requestStack
->getCurrentRequest()
->getClientIp();
}
try {
$this->connection
->delete(static::TABLE_NAME)
->condition('event', $name)
->condition('identifier', $identifier)
->execute();
} catch (\Exception $e) {
$this
->catchException($e);
}
}
public function isAllowed($name, $threshold, $window = 3600, $identifier = NULL) {
if (!isset($identifier)) {
$identifier = $this->requestStack
->getCurrentRequest()
->getClientIp();
}
try {
$number = $this->connection
->select(static::TABLE_NAME, 'f')
->condition('event', $name)
->condition('identifier', $identifier)
->condition('timestamp', REQUEST_TIME - $window, '>')
->countQuery()
->execute()
->fetchField();
return $number < $threshold;
} catch (\Exception $e) {
$this
->catchException($e);
return TRUE;
}
}
public function garbageCollection() {
try {
$return = $this->connection
->delete(static::TABLE_NAME)
->condition('expiration', REQUEST_TIME, '<')
->execute();
} catch (\Exception $e) {
$this
->catchException($e);
}
}
protected function ensureTableExists() {
try {
$database_schema = $this->connection
->schema();
if (!$database_schema
->tableExists(static::TABLE_NAME)) {
$schema_definition = $this
->schemaDefinition();
$database_schema
->createTable(static::TABLE_NAME, $schema_definition);
return TRUE;
}
} catch (DatabaseException $e) {
return TRUE;
}
return FALSE;
}
protected function catchException(\Exception $e) {
if ($this->connection
->schema()
->tableExists(static::TABLE_NAME)) {
throw $e;
}
}
public function schemaDefinition() {
return [
'description' => 'Flood controls the threshold of events, such as the number of contact attempts.',
'fields' => [
'fid' => [
'description' => 'Unique flood event ID.',
'type' => 'serial',
'not null' => TRUE,
],
'event' => [
'description' => 'Name of event (e.g. contact).',
'type' => 'varchar_ascii',
'length' => 64,
'not null' => TRUE,
'default' => '',
],
'identifier' => [
'description' => 'Identifier of the visitor, such as an IP address or hostname.',
'type' => 'varchar_ascii',
'length' => 128,
'not null' => TRUE,
'default' => '',
],
'timestamp' => [
'description' => 'Timestamp of the event.',
'type' => 'int',
'not null' => TRUE,
'default' => 0,
],
'expiration' => [
'description' => 'Expiration timestamp. Expired events are purged on cron run.',
'type' => 'int',
'not null' => TRUE,
'default' => 0,
],
],
'primary key' => [
'fid',
],
'indexes' => [
'allow' => [
'event',
'identifier',
'timestamp',
],
'purge' => [
'expiration',
],
],
];
}
}