This repository has been archived by the owner on Sep 18, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathlock.inc.php
48 lines (35 loc) · 2.06 KB
/
lock.inc.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
<?php
require_once("config.inc.php");
require_once("sql.inc.php");
function databaseIsLocked($year) {
return file_exists(dirname(__FILE__) . "/lock/finanzen_" . $year . ".txt");
}
function databaseGetLockMeta($year) {
$meta = unserialize(file_get_contents(dirname(__FILE__) . "/lock/finanzen_" . $year . ".txt"));
$meta[] = filectime(dirname(__FILE__) . "/lock/finanzen_" . $year . ".txt");
return $meta;
}
function databaseIsAuth($year, $user, $host) {
list($lockedBy, $lockedHost, $lockedPassword, $lockedTimestamp) = databaseGetLockMeta($year);
return $lockedBy == databaseGetSqlUser($user) && $lockedHost == $host;
}
function databaseGetSqlUser($user) {
return substr($user,0,14);
}
function databaseLock($year, $user, $host) {
global $sql;
$sqluser = databaseGetSqlUser($user);
$password = substr(md5(microtime(true) . "-" . $year . "-" . rand(10000,99999)), rand(0,15), 16);
$sql->query("CREATE USER '".$sql->real_escape_string($sqluser)."'@'".$sql->real_escape_string($host)."' IDENTIFIED BY '".$sql->real_escape_string($password)."';");
$sql->query("GRANT ALL PRIVILEGES ON `finanzen\\_".str_replace("_","\\_",$sql->real_escape_string($year))."` . * TO '".$sql->real_escape_string($sqluser)."'@'".$sql->real_escape_string($host)."';");
file_put_contents(dirname(__FILE__) . "/lock/finanzen_" . $year . ".txt", serialize(array($sqluser, $host, $password)));
file_put_contents(dirname(__FILE__) . "/lock/finanzen_" . $year . ".log", "[" .strftime("%Y-%m-%d %H:%M",time()). "] Locked ".$sqluser."@".$host." by " . $user . "\n", FILE_APPEND);
return array($sqluser, $password);
}
function databaseUnlock($year) {
global $sql;
list($lockedBy, $lockedHost, $lockedPassword, $lockedTimestamp) = databaseGetLockMeta($year);
$sql->query("DROP USER '".$sql->real_escape_string($lockedBy)."'@'".$sql->real_escape_string($lockedHost)."'");
file_put_contents(dirname(__FILE__) . "/lock/finanzen_" . $year . ".log", "[" .strftime("%Y-%m-%d %H:%M",time()). "] Unlocked ".$lockedBy."@".$lockedHost. "\n", FILE_APPEND);
unlink(dirname(__FILE__) . "/lock/finanzen_" . $year . ".txt");
}