function add_invalid_login() {
global $adminer;
- $filename = get_temp_dir() . "/adminer.invalid";
- $fp = @fopen($filename, "r+"); // @ - may not exist
- if (!$fp) { // c+ is available since PHP 5.2.6
- $fp = @fopen($filename, "w"); // @ - may not be writable
- if (!$fp) {
- return;
- }
+ $fp = file_open_lock(get_temp_dir() . "/adminer.invalid");
+ if (!$fp) {
+ return;
}
- flock($fp, LOCK_EX);
$invalids = unserialize(stream_get_contents($fp));
$time = time();
if ($invalids) {
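Review bot: The `unserialize()` call right after the new `file_open_lock()` guard decodes a file kept in the temp directory (`get_temp_dir() . "/adminer.invalid"`), and nothing visible here restricts what that payload may contain. If any other local account can write to that directory, PHP would instantiate whatever objects the file describes. The stored value is only a map of `array(expiry, count)` entries, so a format without object support fits: `$invalids = json_decode(stream_get_contents($fp), true);` here, with `json_encode($invalids)` at the write and the same decode in `check_invalid_login()`. The body of `add_invalid_login()` continues outside this hunk.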
$invalid = array($time + 30*60, 0); // active for 30 minutes
}
$invalid[1]++;
- $serialized = serialize($invalids);
- rewind($fp);
- fwrite($fp, $serialized);
- ftruncate($fp, strlen($serialized));
- flock($fp, LOCK_UN);
- fclose($fp);
+ file_write_unlock($fp, serialize($invalids));
}
function check_invalid_login() {
global $adminer;
$invalids = unserialize(@file_get_contents(get_temp_dir() . "/adminer.invalid")); // @ - may not exist
$invalid = $invalids[$adminer->bruteForceKey()];
- $next_attempt = ($invalid[1] > 30 ? $invalid[0] - time() : 0); // allow 30 invalid attempts
+ $next_attempt = ($invalid[1] > 29 ? $invalid[0] - time() : 0); // allow 30 invalid attempts
if ($next_attempt > 0) { //! do the same with permanent login
auth_error(lang('Too many unsuccessful logins, try again in %d minute(s).', ceil($next_attempt / 60)));
}
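Review bot: `check_invalid_login()` still reads the counter file with a plain `file_get_contents()` and takes no lock, while the writer now goes through `file_write_unlock()`, which rewrites the file in place. A read that lands in the middle of a rewrite can return content that `unserialize()` rejects, leaving `$invalids` false and `$next_attempt` at 0, so the throttle fails open for that request. Reading under a shared lock closes the gap: open with `fopen($filename, "r")`, call `flock($fp, LOCK_SH)`, then `stream_get_contents($fp)`. The `> 29` limit and the 30-minute window would also be easier to audit as named constants; the function's closing lines are outside this hunk.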
return $return;
}
+/** Open and exclusively lock a file
+* @param string
+* @return resource or null for error
+*/
+function file_open_lock($filename) {
+ $fp = @fopen($filename, "r+"); // @ - may not exist
+ if (!$fp) { // c+ is available since PHP 5.2.6
+ $fp = @fopen($filename, "w"); // @ - may not be writable
+ if (!$fp) {
+ return;
+ }
+ }
+ flock($fp, LOCK_EX);
+ return $fp;
+}
+
+/** Write and unlock a file
+* @param resource
+* @param string
+*/
+function file_write_unlock($fp, $data) {
+ rewind($fp);
+ fwrite($fp, $data);
+ ftruncate($fp, strlen($data));
+ flock($fp, LOCK_UN);
+ fclose($fp);
+}
+
/** Read password from file adminer.key in temporary directory or create one
* @param bool
* @return string or false if the file can not be created
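Review bot: `file_open_lock()` ignores the result of `flock($fp, LOCK_EX)`, so a caller receives a handle and proceeds with its read-modify-write even when the lock was not obtained; `if (!flock($fp, LOCK_EX)) { fclose($fp); return; }` keeps the documented null-on-error contract. The `"w"` fallback also truncates the file before the lock is held, which can discard a record written by a concurrent request that created the file first. In `file_write_unlock()` the `fwrite()` result is unchecked, so a short write is still followed by `ftruncate()` to the full `strlen($data)`; comparing the return value with `strlen($data)` would catch that. The two docblocks could also name their parameters (`@param string $filename`, `@param resource $fp`).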