X-Git-Url: http://mop.ddnsfree.com/gitweb/?p=brisk.git;a=blobdiff_plain;f=web%2Findex.php;fp=web%2Findex.php;h=feaa28e4b95bc90ab3bcfd1390af3da7015ddb92;hp=6ee1d74fc6b53773e161c13af4d371c8a3498d93;hb=8dae4c3ee7fdb23c9780191e7e51343553033a93;hpb=ffe7c5f4e251654501bc5a2bdd690944076ef131

diff --git a/web/index.php b/web/index.php
index 6ee1d74..feaa28e 100644
--- a/web/index.php
+++ b/web/index.php
@@ -237,7 +237,7 @@ function poll_dom() {
     return '';
 }
 
-function index_main(&$brisk, $transp_type, &$header_out, $addr, $get, $post, $cookie)
+function index_main(&$brisk, $transp_type, &$header_out, $remote_addr_full, $get, $post, $cookie)
 {
     GLOBAL $G_with_donors, $G_donors_cur, $G_donors_all;
     GLOBAL $G_with_topbanner, $G_topbanner, $G_is_local;
@@ -258,8 +258,10 @@ function index_main(&$brisk, $transp_type, &$header_out, $addr, $get, $post, $co
     if (($table_token = gpcs_var('table_idx', $get, $post, $cookie)) === FALSE)
         unset ($table_token);
 
+    $remote_addr = addrtoipv4($remote_addr_full);
+
     // Use of proxies isn't allowed.
-    if (!$G_is_local && is_proxy($addr)) {
+    if (!$G_is_local && is_proxy($remote_addr)) {
         return FALSE;
     }
 
@@ -298,15 +300,22 @@ function index_main(&$brisk, $transp_type, &$header_out, $addr, $get, $post, $co
       if ($ACTION == "login" && isset($name)) {
           log_main("pre garbage_manager DUE");
 
-          if (isset($pass_private) == FALSE) {
+          if (isset($pass_private) == FALSE || $pass_private == "") {
               $pass_private = FALSE;
+
+              $banned = FALSE;
+              if ($brisk->ban_check($remote_addr)) {
+                  // TODO: find a way to add a nonblocking sleep(5) here
+                  $banned = TRUE;
+                  $idx = -1;
+              }
           }
 
           $brisk->garbage_manager(TRUE);
           /* try login */
 
-          $ipv4addr = addrtoipv4($addr);
-          if (($user = $brisk->add_user(&$sess, &$idx, $name, $pass_private, $ipv4addr, $cookie)) != FALSE) {
+          if ($banned == FALSE &&
+              ($user = $brisk->add_user(&$sess, &$idx, $name, $pass_private, $remote_addr, $cookie)) != FALSE) {
               $brisk->sess_cur_set($user->sess);
               $ACTION = "room";
               if ($idx < 0) {
@@ -314,7 +323,7 @@ function index_main(&$brisk, $transp_type, &$header_out, $addr, $get, $post, $co
                   $is_login = TRUE;
               }
 
-              log_legal($curtime, $ipv4addr, $user, "STAT:LOGIN", '');
+              log_legal($curtime, $remote_addr, $user, "STAT:LOGIN", '');
 
               // recovery lost game
               if ($user->stat == "table") {