-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathbad-behavior-mysql.php
More file actions
76 lines (68 loc) · 2.28 KB
/
bad-behavior-mysql.php
File metadata and controls
76 lines (68 loc) · 2.28 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
<?php
/**
* Database functions.
*
* @package BadBehavior
* @author Kevin Provance/SVL Studios
* @license GNU General Public License, version 3
* @copyright 2024 SVL Studios
*/
defined( 'ABSPATH' ) || exit;
/**
* Our log table structure.
*
* @param string $name DB name.
*
* @return string
*/
function bb2_table_structure( string $name ): string {
// It's not paranoia if they really are out to get you.
$name_escaped = bb2_db_escape( $name );
return "CREATE TABLE IF NOT EXISTS `$name_escaped` (
`id` INT(11) NOT NULL auto_increment,
`ip` TEXT NOT NULL,
`date` DATETIME NOT NULL default '0000-00-00 00:00:00',
`request_method` TEXT NOT NULL,
`request_uri` TEXT NOT NULL,
`server_protocol` TEXT NOT NULL,
`http_headers` TEXT NOT NULL,
`user_agent` TEXT NOT NULL,
`request_entity` TEXT NOT NULL,
`key` TEXT NOT NULL,
INDEX (`ip`(15)),
INDEX (`user_agent`(10)),
PRIMARY KEY (`id`) );"; // TODO: INDEX might need tuning.
}
/**
* Insert a new record.
*
* @param array $settings Settings.
* @param array $package Package.
* @param string $key Key.
*
* @return string
*/
function bb2_insert( array $settings, array $package, string $key ): string {
if ( ! $settings['logging'] ) {
return '';
}
$ip = bb2_db_escape( $package['ip'] );
$date = bb2_db_date();
$request_method = bb2_db_escape( $package['request_method'] );
$request_uri = bb2_db_escape( $package['request_uri'] );
$server_protocol = bb2_db_escape( $package['server_protocol'] );
$user_agent = bb2_db_escape( $package['user_agent'] );
$headers = "$request_method $request_uri $server_protocol\n";
foreach ( $package['headers'] as $h => $v ) {
$headers .= bb2_db_escape( "$h: $v\n" );
}
$request_entity = '';
if ( ! strcasecmp( $request_method, 'POST' ) ) {
foreach ( $package['request_entity'] as $h => $v ) {
$request_entity .= bb2_db_escape( "$h: $v\n" );
}
}
return 'INSERT INTO `' . bb2_db_escape( $settings['log_table'] ) . "`
(`ip`, `date`, `request_method`, `request_uri`, `server_protocol`, `http_headers`, `user_agent`, `request_entity`, `key`) VALUES
('$ip', '$date', '$request_method', '$request_uri', '$server_protocol', '$headers', '$user_agent', '$request_entity', '$key')";
}