Main RocketGit repo
/inc/ratelimit.inc.php (479fc97e75ed7f372ae7db5cdca0d27f32901494) (1854 bytes) (mode 100644) (type blob)
<?php
// Deals with rate-limitting requests to the server to prevent abuses
// TODO: rate limit 404 errors
// TODO: we must to rate limit per user, not globally (defined in plan)
/*
* Returns -1 in case of errors or no conf present (fake "no over limit").
* Returns 0 if the user is over limit.
* Returns >0 when the @ip is under limit (the return value represents how
* many requests are still allowed.
*/
function rg_rate_limit($db)
{
rg_prof_start('rate_limit');
$ret = -1;
do {
$period = rg_state_get_uint($db, 'rate_limit_period');
if (($period === FALSE) || ($period == 0))
break;
$limit = rg_state_get_uint($db, 'rate_limit_max');
if (($limit === FALSE) || ($limit == 0))
break;
$now = time();
$ip = rg_ip();
$eip = str_replace(':', '_', $ip); // escape IPv6
$k = 'ratelimit::' . $eip;
$row = rg_cache_lock($k, 0);
if ($row !== FALSE)
rg_log_debug('from cache: row=' . rg_array2string($row));
if (($row === FALSE) || ($row['start'] + $period < $now)) {
$params = array('t' => $now - $period, 'ip' => $ip);
$sql = 'SELECT MIN(itime) AS start, COUNT(1) AS count'
. ' FROM conns'
. ' WHERE itime >= @@t@@'
. ' AND ip = @@ip@@';
$res = rg_sql_query_params($db, $sql, $params);
if ($res === FALSE)
break;
$row = rg_sql_fetch_array($res);
if ($row['count'] == 0)
$row = array('start' => $now, 'count' => 0);
rg_sql_free_result($res);
rg_log_debug('from db: row=' . rg_array2string($row));
}
$row['count']++;
if ($row['count'] > $limit) {
rg_log('IP is over limit (' . $limit . ')');
$ret = 0;
break;
}
rg_cache_set($k, $row, RG_SOCKET_NO_WAIT | RG_CACHE_UNLOCK);
rg_log_debug('IP is not over limit (count=' . $row['count'] . '/' . $limit . ')');
$ret = $limit - $row['count'];
} while (0);
rg_prof_end('rate_limit');
return $ret;
}
| Mode | Type | Size | Ref | File |
|---|---|---|---|---|
| 100644 | blob | 9 | f3c7a7c5da68804a1bdf391127ba34aed33c3cca | .exclude |
| 100644 | blob | 108 | acc2186b1d357966e09df32afcea14933f5f0c78 | .gitignore |
| 100644 | blob | 375 | 1f425bcd2049c526744d449511094fc045ceac74 | AUTHORS |
| 100644 | blob | 2375 | 07d4a2277dd1c385e2562a9ac7c636bcdd084c18 | History.txt |
| 100644 | blob | 34520 | dba13ed2ddf783ee8118c6a581dbf75305f816a3 | LICENSE |
| 100644 | blob | 3632 | f216d8f6ca7180c095ee4fcbe96d8fc2ca2b0dee | Makefile.in |
| 100644 | blob | 5325 | 96c40d868ce10b715299085ccffb30f96a730cf3 | README |
| 100644 | blob | 194316 | 464d80c60ed62ecbf5b91ff26e747163b7a3b656 | TODO |
| 100644 | blob | 1294 | f22911eb777f0695fcf81ad686eac133eb11fcc4 | TODO-plans |
| 100644 | blob | 203 | a2863c67c3da44126b61a15a6f09738c25e0fbe0 | TODO.perf |
| 100644 | blob | 967 | 56bbaa7c937381fb10a2907b6bbe056ef8cc824a | TODO.vm |
| 040000 | tree | - | 21928e906ad2907a55c2e81c2a8b0502b586b8a0 | artwork |
| 100644 | blob | 5328 | d5be4cc3f15d059ad8d267d800c602e9774816a8 | compare.csv |
| 100755 | blob | 30 | 92c4bc48245c00408cd7e1fd89bc1a03058f4ce4 | configure |
| 040000 | tree | - | 66648b9a1193c863332c5e0487b723223dbdc1a4 | debian |
| 040000 | tree | - | 98aa7eab5457a649ed3c683caa22699a1f44e138 | docker |
| 040000 | tree | - | f67d3605efbd6422a8acdd953578991139266391 | docs |
| 100755 | blob | 18252 | e2438615edba7066a730ed6a796a5302263f1f37 | duilder |
| 100644 | blob | 536 | 1431ab7fdd572e4815f0b15facc04a6b047a0dd5 | duilder.conf |
| 040000 | tree | - | 73914e7faf49474a12b29e936ae77006254cc1a1 | hooks |
| 040000 | tree | - | ca371e380febf1e280eca9bd0a5875f07b9cd102 | inc |
| 040000 | tree | - | e255ce234c3993998edc12bc7e93fff555376eda | misc |
| 100644 | blob | 6380 | ae703ff087613ba62a559f2d637a6785b50fd29c | rocketgit.spec |
| 040000 | tree | - | 150931608e051754ede7f677e94d3b4025ad7b3b | root |
| 040000 | tree | - | 19d974acea12eaedf6dd233d2997183b3f84f1a6 | samples |
| 040000 | tree | - | 598183d3781803f4d6014853bf75f2848be67b29 | scripts |
| 040000 | tree | - | 454044f7e286fe13ec18598fce6b613190f52e5e | selinux |
| 100755 | blob | 256 | 462ccd108c431f54e380cdac2329129875a318b5 | spell_check.sh |
| 040000 | tree | - | d9260d3cf0d6490be720312893600a8041bf991b | techdocs |
| 040000 | tree | - | 1697fd6dc35e069d2d16a6c262c4ddc84abd0566 | tests |
| 040000 | tree | - | e810d7397575886ef495708d571eb3675f6928ba | tools |
Hints:
Before first commit, do not forget to setup your git environment:
Clone this repository using HTTP(S):
Clone this repository using ssh (do not forget to upload a key first):
Clone this repository using git:
You are allowed to anonymously push to this repository.
This means that your pushed commits will automatically be transformed into a merge request:
Before first commit, do not forget to setup your git environment:
git config --global user.name "your_name_here"
git config --global user.email "your@email_here"
git config --global user.email "your@email_here"
Clone this repository using HTTP(S):
git clone https://rocketgit.com/user/catalinux/rocketgit
Clone this repository using ssh (do not forget to upload a key first):
git clone ssh://rocketgit@ssh.rocketgit.com/user/catalinux/rocketgit
Clone this repository using git:
git clone git://git.rocketgit.com/user/catalinux/rocketgit
You are allowed to anonymously push to this repository.
This means that your pushed commits will automatically be transformed into a merge request:
... clone the repository ...
... make some changes and some commits ...
git push origin main
... make some changes and some commits ...
git push origin main
RocketGit
Rocket your launch!
Rocket your launch!