
function userone_block_ips in User One 7

2 string references to 'userone_block_ips'
userone_form_user_login_alter in ./userone.module
Implements hook_form_FORM_ID_alter(). Appends to the list of core validators to block IPs. The code is duplicated to avoid using hook_form_alter(), for better performance.
userone_form_user_login_block_alter in ./userone.module

File

./userone.module, line 298
User One module.

Code

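/**
 * Form validation handler: blocks IPs that exceeded the failed-login limits.
 *
 * Reads the {flood} table for failed-login events inside the configured
 * window, inserts every offending address into {blocked_ips}, and mails the
 * list of newly blocked addresses to user 1.
 *
 * Operational caveats for whoever enables this:
 * - Blocks are permanent and keyed on the address alone, so an address shared
 *   by many people (NAT, proxy, VPN exit) is blocked for all of them. Review
 *   the list at admin/config/people/ip-blocking regularly.
 * - The addresses are whatever the flood code recorded as the client address.
 *   NOTE(review): behind a reverse proxy, confirm Drupal's reverse-proxy
 *   settings are correct, otherwise the proxy itself may be what gets blocked.
 *
 * @param array $form
 *   The login form structure (unused).
 * @param array $form_state
 *   The form state. A non-empty 'uid' makes this handler return immediately;
 *   presumably core sets it once authentication succeeded - confirm.
 */
function userone_block_ips($form, &$form_state) {
  if (!empty($form_state['uid'])) {
    return;
  }

  // Entries that were newly blocked during this request, for the mail below.
  $blocked_ip = array();

  if (variable_get('userone_block_ip_on_failed_login_ip', FALSE)) {
    // Find IPs that broke threshold and block them permanently.
    $result = db_query("SELECT identifier AS ip FROM {flood} WHERE event = :event AND timestamp > :timestamp GROUP BY identifier HAVING COUNT(*) > :threshold", array(
      ':event' => 'failed_login_attempt_ip',
      ':timestamp' => REQUEST_TIME - variable_get('user_failed_login_ip_window', 3600),
      ':threshold' => variable_get('user_failed_login_ip_limit', 50),
    ));
    foreach ($result as $row) {
      if (_userone_block_ip($row->ip)) {
        $blocked_ip[] = $row->ip;
      }
    }
  }

  if (variable_get('userone_block_ip_on_failed_login_user1', FALSE)) {
    // Find IPs that broke threshold with user 1 and block them permanently.
    // The LIKE '1-%' filter only matches identifiers of the form "1-<ip>".
    $result = db_query("SELECT identifier AS uid_ip FROM {flood} WHERE event = :event AND timestamp > :timestamp AND identifier LIKE '1-%' GROUP BY identifier HAVING COUNT(*) > :threshold", array(
      ':event' => 'failed_login_attempt_user',
      ':timestamp' => REQUEST_TIME - variable_get('user_failed_login_user_window', 21600),
      ':threshold' => variable_get('user_failed_login_user_limit', 5),
    ));
    foreach ($result as $row) {
      // Split on the first dash only, so everything after "1-" is kept as the
      // address even if it contains a dash itself.
      list($uid, $ip) = explode('-', $row->uid_ip, 2);
      if ($ip === '') {
        // Nothing usable to block.
        continue;
      }
      if (_userone_block_ip($ip)) {
        $blocked_ip[] = $ip . ' (failed logins for user id ' . $uid . ')';
      }
    }
  }

  // Notify user one.
  if (!empty($blocked_ip)) {
    $user1 = user_load(1);
    // Skip the mail rather than fail the login validation when the account
    // cannot be loaded or has no address.
    if ($user1 && !empty($user1->mail)) {
      $params = array();
      // Fall back to a name so the subject never starts with a bare colon.
      $params['subject'] = variable_get('site_name', 'Drupal') . ': Blocked IP due to multiple failed logins';
      $params['body'][] = 'Hi User One,';
      $params['body'][] = 'There were suspected login activities and associated IP has been blocked.';
      $params['body'][] = 'Blocked IP: ' . implode(', ', $blocked_ip);
      $params['body'][] = 'You can review the list of blocked IPs at ' . url('admin/config/people/ip-blocking', array(
        'absolute' => TRUE,
      ));
      $params['body'][] = 'Thank you.';
      $params['body'][] = 'Sent by User One module.';
      drupal_mail('userone', 'blocked-ip', $user1->mail, language_default(), $params);
    }
  }
}

/**
 * Adds an address to {blocked_ips} unless it is already listed.
 *
 * The existence check and the insert are two separate statements, so two
 * concurrent requests can both insert the same address.
 * NOTE(review): harmless only if duplicate rows are tolerated - confirm.
 *
 * @param string $ip
 *   The address to block.
 *
 * @return bool
 *   TRUE when a new row was inserted, FALSE when the address was already
 *   blocked.
 */
function _userone_block_ip($ip) {
  $already_blocked = db_query("SELECT 1 FROM {blocked_ips} WHERE ip = :ip", array(
    ':ip' => $ip,
  ))->fetchField();
  if ($already_blocked) {
    return FALSE;
  }
  db_insert('blocked_ips')
    ->fields(array(
      'ip' => $ip,
    ))
    ->execute();
  return TRUE;
}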