代码放在includes/init.php
$db = new cls_mysql($db_host, $db_user, $db_pass, $db_name);
下方插入如下代码:
$get_ip = real_ip();
$black_file = file_get_contents("black_log.txt");
$black_log = explode(',',$black_file);
if(in_array($get_ip,$black_log)){
die('Hacking attempt');
}
$now_time = time();
$last_time = $now_time - 30*60;
半小时内访问次数大于100,加入黑名单,并删除session
$sql = 'SELECT count(ip) FROM '.$ecs->table('sessions').' WHERE ip = \''.$get_ip.'\' AND expiry > '.$last_time;
$get_count = $db->getOne($sql);
if($get_count > 18){
$result = file_put_contents('black_log.txt',','.$get_ip,FILE_APPEND);
$sql = 'DELETE FROM '.$ecs->table('sessions').' WHERE ip = '.$get_ip;
$db->query($sql);
}
|