Change firewall time from hours to minutes

nouveau fichier: core/lib/Thelia/Form/BruteforceForm.php modifié: core/lib/Thelia/Form/FirewallForm.php modifié: setup/insert.sql modifié: setup/update/2.0.3.sql
2014-07-16 14:22:32 +02:00
parent b424fb2750
commit 28e027bca4
4 changed files with 58 additions and 13 deletions
--- a/core/lib/Thelia/Form/BruteforceForm.php
+++ b/core/lib/Thelia/Form/BruteforceForm.php
@@ -0,0 +1,37 @@
+<?php
+/*************************************************************************************/
+/*      This file is part of the Thelia package.                                     */
+/*                                                                                   */
+/*      Copyright (c) OpenStudio                                                     */
+/*      email : dev@thelia.net                                                       */
+/*      web : http://www.thelia.net                                                  */
+/*                                                                                   */
+/*      For the full copyright and license information, please view the LICENSE.txt  */
+/*      file that was distributed with this source code.                             */
+/*************************************************************************************/
+
+namespace Thelia\Form;
+use Thelia\Model\ConfigQuery;
+
+/**
+ * Class BruteforceForm
+ * @package Thelia\Form
+ * @author Benjamin Perche <bperche@openstudio.fr>
+ */
+abstract class BruteforceForm extends FirewallForm
+{
+    const DEFAULT_TIME_TO_WAIT = 10; // 10 minutes
+
+    const DEFAULT_ATTEMPTS = 10;
+
+    public function getConfigTime()
+    {
+        return ConfigQuery::read("form_firewall_bruteforce_time_to_wait", static::DEFAULT_TIME_TO_WAIT);
+    }
+
+    public function getConfigAttempts()
+    {
+        return ConfigQuery::read("form_firewall_bruteforce_attempts", static::DEFAULT_ATTEMPTS);
+    }
+
+} 
--- a/core/lib/Thelia/Form/FirewallForm.php
+++ b/core/lib/Thelia/Form/FirewallForm.php
@@ -25,8 +25,10 @@ abstract class FirewallForm extends BaseForm
 {
    /**
     * Those values are for a "normal" security policy
+     *
+     * Time is in minutes
     */
-    const DEFAULT_TIME_TO_WAIT = 1;
+    const DEFAULT_TIME_TO_WAIT = 60; // 1 hour
    const DEFAULT_ATTEMPTS = 6;

    /** @var  \Thelia\Model\FormFirewall */
@@ -54,7 +56,7 @@ abstract class FirewallForm extends BaseForm
            /**
             * Get the last request execution time in hour.
             */
-            $lastRequest = (time() - $lastRequestTimestamp) / 3600;
+            $lastRequest = (time() - $lastRequestTimestamp) / 60;

            if ($lastRequest > $this->getConfigTime()) {
                $firewallRow->resetAttempts();
@@ -107,15 +109,21 @@ abstract class FirewallForm extends BaseForm

    public function getWaitingTime()
    {
-        $time = $this->getConfigTime();
-        $name = "hour(s)";
+        $translator = Translator::getInstance();
+        $minutes = $this->getConfigTime();
+        $minutesName = $translator->trans("minute(s)");
+        $text = "";

-        if ($time < 1) {
-            $time *= 60;
-            $name = "minute(s)";
+        if ($minutes > 60) {
+            $hour = floor($minutes / 60);
+            $minutes %= 60;
+            $text = $hour . " " . $translator->trans("hour(s)") . " ";
        }
-        $time = round($time);

-        return $time . " " . Translator::getInstance()->trans($name);
+        if ($minutes !== 0) {
+            $text .= $minutes . " " . $minutesName;
+        }
+
+        return $text;
    }
 }
--- a/setup/insert.sql
+++ b/setup/insert.sql
@@ -53,8 +53,8 @@ INSERT INTO `config` (`name`, `value`, `secured`, `hidden`, `created_at`, `updat
 ('sitemap_ttl','7200', 1, 1, NOW(), NOW()),
 ('feed_ttl','7200', 1, 1, NOW(), NOW()),

-('form_firewall_bruteforce_time_to_wait', '0.166667', 0, 0, NOW(), NOW()),
-('form_firewall_time_to_wait', '1', 0, 0, NOW(), NOW()),
+('form_firewall_bruteforce_time_to_wait', '10', 0, 0, NOW(), NOW()),
+('form_firewall_time_to_wait', '60', 0, 0, NOW(), NOW()),
 ('form_firewall_bruteforce_attempts', '10', 0, 0, NOW(), NOW()),
 ('form_firewall_attempts', '6', 0, 0, NOW(), NOW()),
 ('from_firewall_active', '1', 0, 0, NOW(), NOW());
--- a/setup/update/2.0.3.sql
+++ b/setup/update/2.0.3.sql
@@ -285,8 +285,8 @@ CREATE TABLE `form_firewall`


 INSERT INTO `config`(`name`, `value`, `secured`, `hidden`, `created_at`, `updated_at`) VALUES
-('form_firewall_bruteforce_time_to_wait', '0.166667', 0, 0, NOW(), NOW()),
-('form_firewall_time_to_wait', '1', 0, 0, NOW(), NOW()),
+('form_firewall_bruteforce_time_to_wait', '10', 0, 0, NOW(), NOW()),
+('form_firewall_time_to_wait', '60', 0, 0, NOW(), NOW()),
 ('form_firewall_bruteforce_attempts', '10', 0, 0, NOW(), NOW()),
 ('form_firewall_attempts', '6', 0, 0, NOW(), NOW()),
 ('from_firewall_active', '1', 0, 0, NOW(), NOW())