Commit 364512ab authored by Dominik Hebeler's avatar Dominik Hebeler

Modified Humanverification to make less Database requests

parent 548381aa
...@@ -20,6 +20,9 @@ class HumanVerification ...@@ -20,6 +20,9 @@ class HumanVerification
*/ */
public function handle($request, Closure $next) public function handle($request, Closure $next)
{ {
// The specific user
$user = null;
$newUser = true;
try { try {
$id = hash("sha512", $request->ip()); $id = hash("sha512", $request->ip());
$uid = hash("sha512", $request->ip() . $_SERVER["AGENT"]); $uid = hash("sha512", $request->ip() . $_SERVER["AGENT"]);
...@@ -35,16 +38,32 @@ class HumanVerification ...@@ -35,16 +38,32 @@ class HumanVerification
return $next($request); return $next($request);
} }
// The specific user
$user = DB::table('humanverification')->where('uid', $uid)->first(); $users = DB::select('select * from humanverification where id = ?', [$id]);
$createdAt = Carbon::now(); # Lock out everyone in a Bot network
$unusedResultPages = 1; # Find out how many requests this IP has made
$locked = false; $sum = 0;
foreach($users as $userTmp){
if($uid == $userTmp->uid){
$user = ['uid' => $userTmp->uid,
'id' => $userTmp->id,
'unusedResultPages' => intval($userTmp->unusedResultPages),
'whitelist' => filter_var($userTmp->whitelist, FILTER_VALIDATE_BOOLEAN),
'whitelistCounter' => $userTmp->whitelistCounter,
'locked' => filter_var($userTmp->locked, FILTER_VALIDATE_BOOLEAN),
"lockedKey" => $userTmp->lockedKey,
'updated_at' => Carbon::now(),
];
$newUser = false;
}
if($userTmp->whitelist === 0)
$sum += $userTmp->unusedResultPages;
}
# If this user doesn't have an entry we will create one # If this user doesn't have an entry we will create one
if ($user === null) { if ($user === null) {
DB::table('humanverification')->insert( $user =
[ [
'uid' => $uid, 'uid' => $uid,
'id' => $id, 'id' => $id,
...@@ -54,18 +73,9 @@ class HumanVerification ...@@ -54,18 +73,9 @@ class HumanVerification
'locked' => false, 'locked' => false,
"lockedKey" => "", "lockedKey" => "",
'updated_at' => Carbon::now(), 'updated_at' => Carbon::now(),
] ];
);
# Insert the URL the user tries to reach
$url = url()->full();
DB::table('usedurls')->insert(['uid' => $uid, 'id' => $id, 'eingabe' => $request->input('eingabe', '')]);
$user = DB::table('humanverification')->where('uid', $uid)->first();
} }
# Lock out everyone in a Bot network
# Find out how many requests this IP has made
$sum = DB::table('humanverification')->where('id', $id)->where('whitelist', false)->sum('unusedResultPages');
# A lot of automated requests are from websites that redirect users to our result page. # A lot of automated requests are from websites that redirect users to our result page.
# We will detect those requests and put a captcha # We will detect those requests and put a captcha
$referer = URL::previous(); $referer = URL::previous();
...@@ -81,16 +91,19 @@ class HumanVerification ...@@ -81,16 +91,19 @@ class HumanVerification
} }
// Defines if this is the only user using that IP Adress // Defines if this is the only user using that IP Adress
$alone = DB::table('humanverification')->where('id', $id)->count() === 1; $alone = true;
if ((!$alone && $sum >= 50 && $user->whitelist !== 1) || $refererLock) { foreach($users as $userTmp){
DB::table('humanverification')->where('uid', $uid)->update(['locked' => true]); if($userTmp->uid != $uid && !$userTmp->whitelist)
$user->locked = 1; $alone = false;
}
if ((!$alone && $sum >= 50 && !$user["whitelist"]) || $refererLock) {
$user["locked"] = true;
} }
# If the user is locked we will force a Captcha validation # If the user is locked we will force a Captcha validation
if ($user->locked === 1) { if ($user["locked"]) {
$captcha = Captcha::create("default", true); $captcha = Captcha::create("default", true);
DB::table('humanverification')->where('uid', $uid)->update(['lockedKey' => $captcha["key"]]); $user["lockedKey"] = $captcha["key"];
return return
new Response( new Response(
view('humanverification.captcha') view('humanverification.captcha')
...@@ -101,11 +114,9 @@ class HumanVerification ...@@ -101,11 +114,9 @@ class HumanVerification
); );
} }
$unusedResultPages = intval($user->unusedResultPages); $user["unusedResultPages"]++;
$unusedResultPages++;
$locked = false;
if ($alone || $user->whitelist === 1) { if ($alone || $user["whitelist"]) {
# This IP doesn't need verification yet # This IP doesn't need verification yet
# The user currently isn't locked # The user currently isn't locked
...@@ -114,20 +125,44 @@ class HumanVerification ...@@ -114,20 +125,44 @@ class HumanVerification
# If the user shows activity on our result page the counter will be deleted # If the user shows activity on our result page the counter will be deleted
# Maybe I'll add a ban if the user reaches 100 # Maybe I'll add a ban if the user reaches 100
if ($unusedResultPages === 50 || $unusedResultPages === 75 || $unusedResultPages === 85 || $unusedResultPages >= 90) { if ($user["unusedResultPages"] === 50 || $user["unusedResultPages"] === 75 || $user["unusedResultPages"] === 85 || $user["unusedResultPages"] >= 90) {
$locked = true; $user["locked"] = true;
} }
} }
DB::table('humanverification')->where('uid', $uid)->update(['unusedResultPages' => $unusedResultPages, 'locked' => $locked]);
# Insert the URL the user tries to reach
DB::table('usedurls')->insert(['uid' => $uid, 'id' => $id, 'eingabe' => $request->input('eingabe', '')]);
} catch (\Illuminate\Database\QueryException $e) { } catch (\Illuminate\Database\QueryException $e) {
// Failure in contacting metager3.de // Failure in contacting metager3.de
} finally {
// Update the user in the database
if($newUser){
DB::table('humanverification')->insert(
[
'uid' => $user["uid"],
'id' => $user["id"],
'unusedResultPages' => $user['unusedResultPages'],
'whitelist' => $user["whitelist"],
'whitelistCounter' => $user["whitelistCounter"],
'locked' => $user["locked"],
"lockedKey" => $user["lockedKey"],
'updated_at' => $user["updated_at"],
]
);
}else{
DB::table('humanverification')->where('uid', $uid)->update(
[
'uid' => $user["uid"],
'id' => $user["id"],
'unusedResultPages' => $user['unusedResultPages'],
'whitelist' => $user["whitelist"],
'whitelistCounter' => $user["whitelistCounter"],
'locked' => $user["locked"],
"lockedKey" => $user["lockedKey"],
'updated_at' => $user["updated_at"],
]
);
}
} }
if(isset($uid) && isset($unusedResultPages)) $request->request->add(['verification_id' => $user["uid"], 'verification_count' => $user["unusedResultPages"]]);
$request->request->add(['verification_id' => $uid, 'verification_count' => $unusedResultPages]);
return $next($request); return $next($request);
} }
} }
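Review bot: The new `finally` block writes `$user` to the database on every exit path, including those where `$user` is still `null`: the early `return $next($request);` that sits inside the `try` (its condition is outside the visible hunks) and a `QueryException` thrown by the new `DB::select`. On those paths `$newUser` is still `true`, so an insert of null columns is attempted, and when the database itself is unreachable the second query throws out of `finally`, past the `catch` that was meant to let the request through. The `$request->request->add(['verification_id' => $user["uid"], ...])` line after the block dereferences the same null, now that its `isset` guard is gone. Guard both with `if ($user !== null) {` and give the write its own `try { ... } catch (\Illuminate\Database\QueryException $e) { }`. Separately, `$userTmp->whitelist === 0` in the first loop matches only if the driver returns integers, while the lines just above apply `filter_var`/`intval` to the same row as if it returned strings; if it does, `$sum` stays 0 and the shared-IP lockout never fires, so `!filter_var($userTmp->whitelist, FILTER_VALIDATE_BOOLEAN)` would be the safer test.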
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
class Usedurls extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::create('usedurls', function (Blueprint $table) {
$table->increments('number')->unique();
$table->string('uid');
$table->string('id');
$table->text('eingabe');
$table->timestamp('created_at');
$table->foreign('uid')->references('uid')->on('humanverification')->onDelete('cascade');
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::drop('usedurls');
}
}