 1: <?php
 2: 
 3: /**
 4:  * Class for filtering requests from temporarily blacklisted HTTP clients
 5:  *
 6:  * @package alpha::util::filters
 7:  * @since 1.0
 8:  * @author John Collins <dev@alphaframework.org>
 9:  * @version $Id: ClientTempBlacklistFilter.inc 1760 2014-04-10 21:01:08Z alphadevx $
10:  * @license http://www.opensource.org/licenses/bsd-license.php The BSD License
11:  * @copyright Copyright (c) 2014, John Collins (founder of Alpha Framework).
12:  * All rights reserved.
13:  *
14:  * <pre>
15:  * Redistribution and use in source and binary forms, with or
16:  * without modification, are permitted provided that the
17:  * following conditions are met:
18:  *
19:  * * Redistributions of source code must retain the above
20:  *   copyright notice, this list of conditions and the
21:  *   following disclaimer.
22:  * * Redistributions in binary form must reproduce the above
23:  *   copyright notice, this list of conditions and the
24:  *   following disclaimer in the documentation and/or other
25:  *   materials provided with the distribution.
26:  * * Neither the name of the Alpha Framework nor the names
27:  *   of its contributors may be used to endorse or promote
28:  *   products derived from this software without specific
29:  *   prior written permission.
30:  *
31:  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
32:  * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
33:  * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
34:  * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
35:  * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
36:  * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
37:  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
38:  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
39:  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
40:  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
41:  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
42:  * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
43:  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
44:  * </pre>
45:  *
46:  */
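class ClientTempBlacklistFilter implements AlphaFilterInterface {
    /**
     * Trace logger
     *
     * @var Logger
     * @since 1.0
     */
    private static $logger = null;

    /**
     * Constructor: creates the trace logger, which is held statically and so shared
     * by every instance of this filter.
     *
     * @since 1.0
     */
    public function __construct() {
        self::$logger = new Logger('ClientTempBlacklistFilter');
    }

    /**
     * Rejects the current request when the bad request count recorded for its
     * User-Agent string and remote IP address has reached the limit configured in
     * security.client.temp.blacklist.filter.limit.
     *
     * NOTE(review): the count is keyed on the User-Agent header, which the client
     * chooses freely, and requests that send no User-Agent at all are not filtered
     * here. This filter should therefore not be the only control in front of a
     * resource; pair it with a control keyed on the address alone (IPBlacklistFilter
     * in this package presumably serves that purpose - confirm) or with rate limiting.
     *
     * NOTE(review): behind a reverse proxy or load balancer REMOTE_ADDR is the
     * address of the proxy, so every client would share one counter - confirm how
     * the application is deployed.
     *
     * @see alpha/util/filters/AlphaFilterInterface#process()
     *
     * @throws ResourceNotAllowedException
     */
    public function process() {
        global $config;

        // if no user agent string or IP are provided, we can't filter by these anyway so might as well skip
        if(!isset($_SERVER['HTTP_USER_AGENT']) || !isset($_SERVER['REMOTE_ADDR']))
            return;

        $client = (string) $_SERVER['HTTP_USER_AGENT'];
        $IP = (string) $_SERVER['REMOTE_ADDR'];

        // compare against the empty string rather than using empty(): empty('0') is true,
        // which would let a request whose User-Agent is the literal "0" skip the check
        if($client === '' || $IP === '')
            return;

        $request = new BadRequestObject();
        $request->set('client', $client);
        $request->set('IP', $IP);
        $badRequestCount = $request->getBadRequestCount();

        if($badRequestCount >= $config->get('security.client.temp.blacklist.filter.limit')) {
            // if we got this far then the client is bad

            // REQUEST_URI is not set by every SAPI, so do not assume it is there
            $resource = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';

            // both values come straight from the request, so neutralise them before they reach the log
            // NOTE(review): the remote IP is not part of this message; consider logging it to help triage
            self::$logger->warn('The client ['.self::sanitiseForLog($client).'] was blocked from accessing the resource ['.self::sanitiseForLog($resource).'] on a temporary basis');
            throw new ResourceNotAllowedException('Not allowed!');
        }
    }

    /**
     * Makes a request-supplied value safe to embed in a single log line: control
     * characters (including CR and LF, which could otherwise be used to forge extra
     * log entries) are replaced by spaces, and the value is capped at 512 bytes so
     * that an oversized header cannot bloat the log.
     *
     * @param string $value The raw value taken from the request
     * @return string The value with control characters replaced and length capped
     */
    private static function sanitiseForLog($value) {
        $clean = preg_replace('/[\x00-\x1F\x7F]/', ' ', (string) $value);

        // preg_replace() returns null on failure; log an empty value rather than the raw input
        if($clean === null)
            return '';

        return substr($clean, 0, 512);
    }
}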
95: 
96: ?>