RanchiMall/php-mpos
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ripped out all the memcache session stuff, not worth it with the side effects of caching things

Browse Source 
cleaned up config/checks
This commit is contained in:
xisi 2014-01-30 18:41:56 -05:00
parent 8487a8d462
commit afdf3abb29
10 changed files with 60 additions and 292 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
public/include/admin_checks.php
View File

@ -78,8 +78,8 @@ if (@$_SESSION['USERDATA']['is_admin'] && $user->isAdmin(@$_SESSION['USERDATA'][
if (mysqli_connect_errno() || !array_key_exists('client_info', $db_connect)) {
$error[] = "Unable to connect to mysql using provided credentials";
}
if (($config['strict'] || $config['mc_antidos']) && !$config['memcache']['enabled']) {
$error[] = "strict or mc_antidos are enabled and memcache is not, <u>memcache is required</u> to use these.";
if ($config['mc_antidos'] && !$config['memcache']['enabled']) {
$error[] = "mc_antidos is enabled and memcache is not, <u>memcache is required</u> to use this";
}
// poke stratum using gettingstarted details -> enotice
if (substr_count(strtolower(PHP_OS), 'nix') > 0) {
@ -102,10 +102,6 @@ if (@$_SESSION['USERDATA']['is_admin'] && $user->isAdmin(@$_SESSION['USERDATA'][
}
// security checks
// strict not on -> notice
if (!$config['strict']) {
$notice[] = "Strict is <u>disabled</u> - if you have memcache, you should turn this on.";
}
// salts too short -> notice, salts default -> error
if ((strlen($config['SALT']) < 24) || (strlen($config['SALTY']) < 24) || $config['SALT'] == 'PLEASEMAKEMESOMETHINGRANDOM' || $config['SALTY'] == 'THISSHOULDALSOBERRAANNDDOOM') {
if ($config['SALT'] == 'PLEASEMAKEMESOMETHINGRANDOM' || $config['SALTY'] == 'THISSHOULDALSOBERRAANNDDOOM') {

2
public/include/autoloader.inc.php
View File

@ -12,7 +12,7 @@ if (empty($config['algorithm']) || $config['algorithm'] == 'scrypt') {
// Default classes
require_once(CLASS_DIR . '/debug.class.php');
require_once(INCLUDE_DIR . '/lib/KLogger.php');
if ($config['strict']) {
if ($config['mysql_filter']) {
require_once(CLASS_DIR . '/strict.class.php');
}
require_once(INCLUDE_DIR . '/database.inc.php');

85
public/include/classes/memcache_ad.class.php
View File

@ -7,116 +7,79 @@ class MemcacheAntiDos
public $rate_limit_this_request = false;
public $rate_limit_api_request = false;
public $rate_limit_site_request = false;
public function __construct($config, &$memcache, $userORip, $request='', $mcSettings) {
public function __construct($config, &$memcache, $request='') {
$this->cache = $memcache;
// set our config options
$per_page = '';
$flush_sec_api = $config['flush_seconds_api'];
$rate_limit_api = $config['rate_limit_api'];
$flush_sec_site = $config['flush_seconds_site'];
$rate_limit_site = $config['rate_limit_site'];
$ajax_add = $config['ajax_hits_additive'];
unset($config);
$userORip = $_SERVER['REMOTE_ADDR'].$_SERVER['HTTP_USER_AGENT'];
// prep stuff we need to check this request
$key_md5 = md5($mcSettings['keyprefix'].$userORip);
$key_md5 = $config['memcache']['keyprefix'].md5($userORip);
$request_data = $this->cache->get($key_md5);
$now = time();
$max_req_flush = max(array($flush_sec_api,$flush_sec_site));
$max_req_flush = max(array($config['mc_antidos']['flush_seconds_api'],$config['mc_antidos']['flush_seconds_site']));
// check the request
if (is_array($request_data)) {
// this request key already exists, update it
$request_data['la'] = $now;
if ($request == 'api') {
$request_data['ha'] += 1;
if ($ajax_add) {
if ($config['mc_antidos']['ajax_hits_additive']) {
$request_data['hn'] += 1;
}
} else {
$request_data['hn'] += 1;
}
// not rate limited yet, update the rest of the object
if (($request_data['hn'] < $rate_limit_site) && ($request_data['ha'] < $rate_limit_api)) {
if (((($request_data['hnl'] + $flush_sec_site) <= $now) || ($request_data['hal'] + $flush_sec_api) <= $now) || (($request_data['la'] + $max_req_flush) <= $now)) {
if (($request_data['hn'] < $config['mc_antidos']['rate_limit_site']) && ($request_data['ha'] < $config['mc_antidos']['rate_limit_api'])) {
if (((($request_data['hnl'] + $config['mc_antidos']['flush_seconds_site']) <= $now) || ($request_data['hal'] + $config['mc_antidos']['flush_seconds_api']) <= $now) || (($request_data['la'] + $max_req_flush) <= $now)) {
// needs to be flushed & updated
$new = $this->getRequestBase();
$new['key'] = $key_md5;
$new['sid'] = session_id();
$new['ua'] = md5($_SERVER['HTTP_USER_AGENT']);
$new['ip'] = $key_md5;
$new['la'] = $now;
$new['hal'] = ((($request_data['hal'] + $flush_sec_api) <= $now)) ? $now : 1;
$new['hnl'] = ((($request_data['hnl'] + $flush_sec_site) <= $now)) ? $now : 1;
$this->cache->set($key_md5, $new, $max_req_flush);
$this->rate_limit_api_request = ($request_data['ha'] >= $rate_limit_api) ? true : false;
$this->rate_limit_site_request = ($request_data['hn'] >= $rate_limit_site) ? true : false;
//$this->rate_limit_this_request = false;
$new['hal'] = ((($request_data['hal'] + $config['mc_antidos']['flush_seconds_api']) <= $now)) ? $now : 1;
$new['hnl'] = ((($request_data['hnl'] + $config['mc_antidos']['flush_seconds_site']) <= $now)) ? $now : 1;
$this->cache->set($key_md5, $new, $config['memcache']['expiration']);
$this->rate_limit_api_request = ($request_data['ha'] >= $config['mc_antidos']['rate_limit_api']) ? true : false;
$this->rate_limit_site_request = ($request_data['hn'] >= $config['mc_antidos']['rate_limit_site']) ? true : false;
} else {
// no flush, just update
$new = $this->getRequestBase();
$new['key'] = $key_md5;
$new['sid'] = session_id();
$new['ua'] = md5($_SERVER['HTTP_USER_AGENT']);
$new['ip'] = $key_md5;
$new['key'] = $request_data['key'];
$new['la'] = time();
$new['ha'] = $request_data['ha'];
$new['hal'] = $request_data['hal'];
$new['hn'] = $request_data['hn'];
$new['hnl'] = $request_data['hnl'];
$this->cache->set($key_md5, $new, $max_req_flush);
//$this->rate_limit_this_request = false;
$this->rate_limit_api_request = ($request_data['ha'] >= $rate_limit_api) ? true : false;
$this->rate_limit_site_request = ($request_data['hn'] >= $rate_limit_site) ? true : false;
$this->cache->set($key_md5, $new, $config['memcache']['expiration']);
$this->rate_limit_api_request = ($request_data['ha'] >= $config['mc_antidos']['rate_limit_api']) ? true : false;
$this->rate_limit_site_request = ($request_data['hn'] >= $config['mc_antidos']['rate_limit_site']) ? true : false;
}
} else {
// too many hits, we should rate limit this
//$this->rate_limit_this_request = true;
$this->rate_limit_api_request = ($request_data['ha'] >= $rate_limit_api) ? true : false;
$this->rate_limit_site_request = ($request_data['hn'] >= $rate_limit_site) ? true : false;
$this->rate_limit_api_request = ($request_data['ha'] >= $config['mc_antidos']['rate_limit_api']) ? true : false;
$this->rate_limit_site_request = ($request_data['hn'] >= $config['mc_antidos']['rate_limit_site']) ? true : false;
}
} else {
// doesn't exist for this request_key, create one
$new = $this->getRequestBase();
$new['key'] = $key_md5;
$new['sid'] = session_id();
$new['ua'] = md5($_SERVER['HTTP_USER_AGENT']);
$new['ip'] = $key_md5;
$new['key'] = $config['memcache']['keyprefix'].md5($userORip);
$new['la'] = time();
if ($request == 'api') {
$new['ha'] += 1;
if ($ajax_add) {
if ($config['mc_antidos']['ajax_hits_additive']) {
$new['hn'] += 1;
}
} else {
$new['hn'] += 1;
}
$this->cache->set($key_md5, $new, $max_req_flush);
$this->rate_limit_this_request = false;
$this->cache->set($key_md5, $new, $config['memcache']['expiration']);
$this->rate_limit_api_request = false;
$this->rate_limit_site_request = false;
}
}
public function getRequestBase() {
$new = array(
'key' => '',
'sid' => '',
'ua' => '',
'ip' => '',
'la' => 0,
'hn' => 0,
'hnl' => 0,
'ha' => 0,
'hal' => 0
);
$new = array('key' => '','la' => 0,'hn' => 0,'hnl' => 0,'ha' => 0,'hal' => 0);
return $new;
}
public function rateLimitRequest() {
return $this->rate_limit_this_request;
}
public function rateLimitSite() {
return $this->rate_limit_site_request;
}
public function rateLimitAPI() {
return $this->rate_limit_api_request;
}
}
?>

137
public/include/classes/strict.class.php
View File

@ -1,143 +1,6 @@
<?php
$defflip = (!cfip()) ? exit(header('HTTP/1.1 401 Unauthorized')) : 1;
class strict_session {
private $memcache = null;
private $validate_client = false;
private $validate_client_ip = false;
private $validate_client_ua = false;
private $validate_client_sid = false;
private $validate_client_num = 0;
private $valid_server = '';
private $memcache_key = '';
public function valid_session_id($id) {
return preg_match('#^[a-zA-Z0-9]{26}$#', $id);
}
public function session_delete_key($key) {
$read = $this->memcache->delete($key);
}
private $validation_misses = 0;
private $initial_ua;
public function create_or_update_client($client, $force=false, $login=false) {
$read = $this->memcache->get($client['key']);
// this needs to be available later
$update = array('key' => '','sid' => '','ua' => '','ip' => '','la' => 0,'hn' => 0,'hnl' => 0,'ha' => 0,'hal' => 0);
$update['sid'] = $client['sid'];
$update['ua'] = md5($this->initial_ua);
$update['ip'] = $client['ip'];
$update['la'] = time();
$update['key'] = md5($this->memcache_key.$client['ip']);
$validation_misses = 0;
if ($read !== false) {
$read_model = array('key' => '','sid' => '','ua' => '','ip' => '','la' => 0,'hn' => 0,'hnl' => 0,'ha' => 0,'hal' => 0);
$read_model['sid'] = @$read['sid'];
$read_model['ip'] = @$read['ip'];
$read_model['ua'] = @$read['ua'];
$read_model['la'] = @$read['la'];
$read_model['key'] = md5($this->memcache_key.$read['ip']);
// key already exists, update
if ($this->validate_client) {
if ($this->verify_client($read_model, $update, $login)) {
$update_client = $this->memcache->set($update['key'], $update);
}
}
} else {
$update_client = $this->memcache->set($client['key'], $client);
if ($force && $login) {
$update_client = $this->memcache->set($update['key'], $update);
}
}
}
public function verify_client($client_model, $data, $login=false) {
$fails = 0;
$fails += ((count($client_model)) !== (count($data)) && $this->validate_client) ? 1 : 0;
$fails += ($client_model['ua'] !== $data['ua'] && $this->validate_client && $this->validate_client_ua) ? 1 : 0;
$fails += ($client_model['ip'] !== $data['ip'] && $this->validate_client && $this->validate_client_ip) ? 1 : 0;
$now = time();
$this->validation_misses = $fails;
if ($fails > $this->validate_client_num && $login == false && $this->validate_client) {
// something changed
$port = ($_SERVER["SERVER_PORT"] == "80" || $_SERVER["SERVER_PORT"] == "443") ? "" : (":".$_SERVER["SERVER_PORT"]);
$location = (@$_SERVER['HTTPS'] == "on") ? 'https://' : 'http://';
$location .= $_SERVER['SERVER_NAME'] . $port . $_SERVER['SCRIPT_NAME'];
$this->session_delete_key($client_model['key']);
$this->session_delete_key($data['key']);
@session_start();
@session_regenerate_id(true);
$_SESSION = null;
$_SESSION['POPUP'][] = array('CONTENT' => "Session revoked due to a change in your client. You may have a plugin messing with your useragent, or your IP address may have changed.", 'TYPE' => 'warning');
$location.= '?page=login';
if (!headers_sent()) exit(header('Location: ' . $location));
exit('<meta http-equiv="refresh" content="0; url=' . htmlspecialchars($location) . '"/>');
}
return ($fails > 0) ? false : true;
}
public function read_if_client_exists($client_key) {
if ($this->memcache !== null) {
$exists = $this->memcache->get($client_key);
}
return ($exists !== null) ? $exists : false;
}
public function regen_session_id() {
$sidbefore = @session_id();
@session_regenerate_id(true);
$sid = session_id();
return $sid;
}
public function __construct($config, &$memcache) {
$this->initial_ua = $_SERVER['HTTP_USER_AGENT'];
$this->memcache = $memcache;
$this->memcache_key = $config['memcache']['keyprefix'];
if ($config['strict__verify_client']) {
$this->validate_client = true;
$this->validate_client_ip = $config['strict__verify_client_ip'];
$this->validate_client_ua = $config['strict__verify_client_useragent'];
$this->validate_client_sid = $config['strict__verify_client_sessionid'];
$this->validate_client_num = 0;
if ($config['strict__verify_server']) {
$proto = (@$_SERVER['HTTPS'] == "on") ? 'https' : 'http';
$location = $proto."://".$_SERVER['SERVER_NAME'] . $_SERVER['SERVER_PORT'];
if ($config['strict__verify_server']) {
if ($config['strict__bind_protocol']."://".$config['strict__bind_host'].$config['strict__bind_port'] !== $location) {
return false;
}
}
}
$client = array('key' => '','sid' => '','ua' => '','ip' => '','la' => 0,'hn' => 0,'hnl' => 0,'ha' => 0,'hal' => 0);
$client['ua'] = md5($_SERVER['HTTP_USER_AGENT']);
$client['ip'] = md5($_SERVER['REMOTE_ADDR']);
$client['la'] = time();
$client['key'] = md5($this->memcache_key.$client['ip']);
$read = $this->read_if_client_exists($client['key']);
}
session_set_cookie_params((time()+$config['cookie']['duration']), $config['cookie']['path'], $config['cookie']['domain'], false, true);
$session_start = @session_start();
$client['sid'] = session_id();
$valid_session_id = $this->valid_session_id($client['sid']);
if (!$valid_session_id || !$session_start) {
@session_destroy();
$client['sid'] = $this->regen_session_id();
session_start();
}
if ($read !== null) {
// client exists, verify
$this->create_or_update_client($client, true, false);
} else {
// doesn't exist
$this->create_or_update_client($client, true, true);
}
@setcookie(session_name(), $client['sid'], (time()+$config['cookie']['duration']), $config['cookie']['path'], $config['cookie']['domain'], false, true);
// post changes validate
if ($this->validate_client) {
$read_post = $this->read_if_client_exists($client['key']);
if ($read_post !== null) {
$this->verify_client($client, $read_post, true);
}
}
}
}
class mysqli_strict extends mysqli {
public function bind_param($paramTypes) {
if (!is_string($paramTypes)) {

30
public/include/classes/user.class.php
View File

@ -503,17 +503,10 @@ class User extends Base {
if (!empty($lastIP) && (!empty($lastLoginTime))) {
$_SESSION['last_ip_pop'] = array($lastIP, $lastLoginTime);
}
if ($this->config['strict'] && $this->config['memcache']['enabled']) {
session_regenerate_id(true);
$_SESSION['AUTHENTICATED'] = '1';
// $this->user from checkUserPassword
$_SESSION['USERDATA'] = $this->user;
} else {
session_regenerate_id(true);
$_SESSION['AUTHENTICATED'] = '1';
// $this->user from checkUserPassword
$_SESSION['USERDATA'] = $this->user;
}
session_regenerate_id(true);
$_SESSION['AUTHENTICATED'] = '1';
// $this->user from checkUserPassword
$_SESSION['USERDATA'] = $this->user;
}
/**
@ -814,17 +807,10 @@ class User extends Base {
**/
public function isAuthenticated($logout=true) {
$this->debug->append("STA " . __METHOD__, 4);
if (!$this->config['strict']) {
if (@$_SESSION['AUTHENTICATED'] == true &&
!$this->isLocked($_SESSION['USERDATA']['id']) &&
$this->getUserIp($_SESSION['USERDATA']['id']) == $_SERVER['REMOTE_ADDR']
) return true;
} else {
if (@$_SESSION['AUTHENTICATED'] && $_SESSION['AUTHENTICATED'] == '1' &&
(!$this->isLocked($_SESSION['USERDATA']['id'])) &&
($this->getUserIp($_SESSION['USERDATA']['id']) == $_SERVER['REMOTE_ADDR']))
return true;
}
if (@$_SESSION['AUTHENTICATED'] == true &&
!$this->isLocked($_SESSION['USERDATA']['id']) &&
$this->getUserIp($_SESSION['USERDATA']['id']) == $_SERVER['REMOTE_ADDR']
) return true;
// Catchall
if ($logout == true) $this->logoutUser($_SERVER['REQUEST_URI']);
return false;

20
public/include/config/security.inc.dist.php
View File

@ -2,22 +2,12 @@
$defflip = (!cfip()) ? exit(header('HTTP/1.1 401 Unauthorized')) : 1;
/**
* Strict Mode
* Extra security options that can help protect against a few different types of attacks
* https://github.com/MPOS/php-mpos/wiki/Config-Setup#wiki-strict-mode
* Misc
* Extra security settings
*
**/
$config['strict'] = true;
$config['strict__https_only'] = false;
$config['strict__mysql_filter'] = true;
$config['strict__verify_client'] = true;
$config['strict__verify_client_ip'] = true;
$config['strict__verify_client_useragent'] = true;
$config['strict__verify_client_sessionid'] = true;
$config['strict__verify_client_fails'] = 0;
$config['strict__verify_server'] = false;
$config['strict__bind_protocol'] = 'https';
$config['strict__bind_host'] = '';
$config['strict__bind_port'] = 443;
$config['https_only'] = false;
$config['mysql_filter'] = true;
/**
* Memcache Rate Limiting

2
public/include/database.inc.php
View File

@ -2,7 +2,7 @@
$defflip = (!cfip()) ? exit(header('HTTP/1.1 401 Unauthorized')) : 1;
// Instantiate class, we are using mysqlng
if ($config['strict'] && $config['strict__mysql_filter']) {
if ($config['mysql_filter']) {
$mysqli = new mysqli_strict($config['db']['host'], $config['db']['user'], $config['db']['pass'], $config['db']['name'], $config['db']['port']);
} else {
$mysqli = new mysqli($config['db']['host'], $config['db']['user'], $config['db']['pass'], $config['db']['name'], $config['db']['port']);

12
public/include/pages/login.inc.php
View File

@ -29,17 +29,7 @@ if ($setting->getValue('maintenance') && !$user->isAdmin($user->getUserIdByEmail
$port = ($_SERVER["SERVER_PORT"] == "80" || $_SERVER["SERVER_PORT"] == "443") ? "" : (":".$_SERVER["SERVER_PORT"]);
$location = (@$_SERVER['HTTPS'] == "on") ? 'https://' : 'http://';
$location .= $_SERVER['SERVER_NAME'] . $port . $_SERVER['SCRIPT_NAME'];
if ($config['strict'] && $config['memcache']['enabled']) {
$update = array('key' => '','sid' => '','ua' => '','ip' => '','la' => 0,'hn' => 0,'hnl' => 0,'ha' => 0,'hal' => 0);
$session->regen_session_id();
$update['sid'] = session_id();
$update['ua'] = md5($_SERVER['HTTP_USER_AGENT']);
$update['ip'] = md5($_SERVER['REMOTE_ADDR']);
$update['la'] = time();
$update['key'] = md5($update['ip']);
$session->create_or_update_client($update, true, true);
$location.= '?page=dashboard';
}
$location.= '?page=dashboard';
if (!headers_sent()) header('Location: ' . $location);
exit('<meta http-equiv="refresh" content="0; url=' . htmlspecialchars($location) . '"/>');
} else {

13
public/include/pages/logout.inc.php
View File

@ -1,18 +1,7 @@
<?php
$defflip = (!cfip()) ? exit(header('HTTP/1.1 401 Unauthorized')) : 1;
if ($config['strict']) {
$user->logoutUser();
$update = $session::$client_model;
$update['sid'] = session_id();
$update['ua'] = $_SERVER['HTTP_USER_AGENT'];
$update['ip'] = $_SERVER['REMOTE_ADDR'];
$update['la'] = time();
$update['key'] = md5($update['ua'].$update['ip']);
$session->create_or_update_client($update, true);
} else {
$user->logoutUser();
}
$user->logoutUser();
$smarty->assign("CONTENT", "default.tpl");
?>

43
public/index.php
View File

@ -40,40 +40,33 @@ define("BASEPATH", dirname(__FILE__) . "/");
include_once('include/bootstrap.php');
// switch to https if config option is enabled
$hts = ($config['strict__https_only'] && (!empty($_SERVER['QUERY_STRING']))) ? "https://".$_SERVER['SERVER_NAME'].$_SERVER['SCRIPT_NAME']."?".$_SERVER['QUERY_STRING'] : "https://".$_SERVER['SERVER_NAME'].$_SERVER['SCRIPT_NAME'];
($config['strict__https_only'] && @!$_SERVER['HTTPS']) ? exit(header("Location: ".$hts)):0;
$hts = ($config['https_only'] && (!empty($_SERVER['QUERY_STRING']))) ? "https://".$_SERVER['SERVER_NAME'].$_SERVER['SCRIPT_NAME']."?".$_SERVER['QUERY_STRING'] : "https://".$_SERVER['SERVER_NAME'].$_SERVER['SCRIPT_NAME'];
($config['https_only'] && @!$_SERVER['HTTPS']) ? exit(header("Location: ".$hts)):0;
if ($config['memcache']['enabled'] && ($config['mc_antidos']['enabled'] || $config['strict'])) {
if ($config['memcache']['enabled'] && $config['mc_antidos']['enabled']) {
if (PHP_OS == 'WINNT') {
require_once(CLASS_DIR . 'memcached.class.php');
}
// strict mode and memcache antidos need a memcache handle
// memcache antidos needs a memcache handle
$memcache = new Memcached();
$memcache->addServer($config['memcache']['host'], $config['memcache']['port']);
}
if ($config['memcache']['enabled'] && $config['strict'] || $config['mc_antidos']['enabled']) {
if ($config['memcache']['enabled'] && $config['mc_antidos']['enabled']) {
require_once(CLASS_DIR . '/memcache_ad.class.php');
}
if ($config['memcache']['enabled'] && $config['strict']) {
$session = new strict_session($config, $memcache);
if ($config['strict__verify_server'] && !$session) {
// server not verified, session manager will kill the client verification failures
exit(header('HTTP/1.1 401 Unauthorized'));
}
} else {
$session_start = @session_start();
session_set_cookie_params(time()+$config['cookie']['duration'], $config['cookie']['path'], $config['cookie']['domain'], $config['cookie']['secure'], $config['cookie']['httponly']);
if (!$session_start) {
session_destroy();
session_regenerate_id(true);
session_start();
}
@setcookie(session_name(), session_id(), time()+$config['cookie']['duration'], $config['cookie']['path'], $config['cookie']['domain'], $config['cookie']['secure'], $config['cookie']['httponly']);
$session_start = @session_start();
session_set_cookie_params(time()+$config['cookie']['duration'], $config['cookie']['path'], $config['cookie']['domain'], $config['cookie']['secure'], $config['cookie']['httponly']);
if (!$session_start) {
session_destroy();
session_regenerate_id(true);
session_start();
}
@setcookie(session_name(), session_id(), time()+$config['cookie']['duration'], $config['cookie']['path'], $config['cookie']['domain'], $config['cookie']['secure'], $config['cookie']['httponly']);
// Rate limiting
if ($config['memcache']['enabled'] && ($config['mc_antidos']['enabled'] || $config['strict'])) {
if ($config['memcache']['enabled'] && $config['mc_antidos']['enabled']) {
$skip_check = false;
// if this is an api call we need to be careful not to time them out for those calls separately
$per_page = '';
@ -97,14 +90,12 @@ if ($config['memcache']['enabled'] && ($config['mc_antidos']['enabled'] || $conf
$skip_check = true;
}
if (!$skip_check) {
$mcad = new MemcacheAntiDos($config['mc_antidos'], $memcache, $_SERVER['REMOTE_ADDR'], $per_page, $config['memcache']);
$rate_limit_reached_site = $mcad->rateLimitSite();
$rate_limit_reached_api = $mcad->rateLimitAPI();
if ($rate_limit_reached_api && $is_ajax_call && $config['mc_antidos']['protect_ajax']) {
$mcad = new MemcacheAntiDos($config, $memcache, $per_page);
if ($config['mc_antidos']['protect_ajax'] && $is_ajax_call && $mcad->rate_limit_api_request) {
exit(header('HTTP/1.1 401 Unauthorized'));
}
$error_page = $config['mc_antidos']['error_push_page'];
if ($rate_limit_reached_site == true) {
if ($mcad->rate_limit_site_request) {
if (!is_array($error_page) || count($error_page) < 1 || (empty($error_page['page']) && empty($error_page['action']))) {
die("You are sending too many requests too fast!");
} else {