我收到一个无法重现的错误。
以下代码是防止攻击的模块的一部分。这个特定的片段正在跟踪我从特定机器人用户代理获得的点击次数。
经过多年无故障使用,我突然收到错误:
遇到格式不正确的数值;
这发生在以下行:
$seconds = time() - $time;
$time 的值为2016-10-02 19:33:42
函数 safefilename() 返回:
Mozilla-5-0-compatible-spbot-5-0-3-http-OpenLinkProfiler-org-bot
正在写入和读取的文件的名称是:
bot_2016-10-02--19-33-42_Mozilla-5-0-compatible-spbot-5-0-3-http-Open_104.131.179.5.log
方法
下面的代码针对机器人并写入基于用户代理和文件创建时间的文件名。每次使用该用户代理时,它都会在文件中添加一个“X”,以便我可以跟踪该代理访问了多少次。如果机器人针对我的次数超过一定次数,我会阻止它。
下面的代码在测试和生产中产生了期望的结果——当然,抛出这个错误时除外。提到的文件有6个字节写入它,所以它之前已经成功读取和写入了5次。
php 错误记录在 06:37:04 并且我的服务器日志文件显示了这些命中:
104.131.63.140 - - [10/Dec/2016:06:36:59 -0800] "GET /robots.txt HTTP/1.1" 301 257 "-" "Mozilla/5.0 (compatible; spbot/5.0.3; +http://OpenLinkProfiler.org/bot )"
104.131.63.140 - - [10/Dec/2016:06:36:59 -0800] "GET /robots.txt HTTP/1.1" 200 1460 "-" "Mozilla/5.0 (compatible; spbot/5.0.3; +http://OpenLinkProfiler.org/bot )"
104.131.63.140 - - [10/Dec/2016:06:37:04 -0800] "GET / HTTP/1.1" 403 937 "-" "Mozilla/5.0 (compatible; spbot/5.0.3; +http://OpenLinkProfiler.org/bot )"
104.131.63.140 - - [10/Dec/2016:06:37:05 -0800] "GET / HTTP/1.1" 301 247 "-" "Mozilla/5.0 (compatible; spbot/5.0.3; +http://OpenLinkProfiler.org/bot )"
PHP 代码 我提取了以下代码,可以单独运行以进行测试。
// this is my site address
define("STATIC_SITE_ROOT", "http://static");
$agent = "Mozilla/5.0 (compatible; spbot/5.0.3; +http://OpenLinkProfiler.org/bot )";
$ip = '127.0.0.1';
$t = new test();
$t->testAgent($agent, $ip);
class test {
public $agent;
public $ip;
public $maxbadpages = 100;
function testAgent($agent, $ip){
$this->agent = $agent;
$this->ip = $ip;
if (strlen($badbot = $this->badbot($this->agent)) > 0){
$new = FALSE;
$path = $_SERVER['DOCUMENT_ROOT'] . "/logs";
// $filename = "bot-" . time() . "-" . safefilename(substr($this->agent, 0, 50));
$safefilename = safefilename(substr($this->agent, 0, 50));
$filename = "bot_" . date("Y-m-d--H-i-s") . "_" . $safefilename . "_" . $this->ip . ".log";
$filter = $safefilename;
$afiles = getDirArray($path, $filter);
if (count($afiles) > 0){
// bot file already exists
$filename = $afiles[0];
} else {
// add time to filename if crating new file
$new = TRUE;
}
$fullfilename = "$path/$filename";
// log a counter (# bytes in file)
file_put_contents($fullfilename, "X", FILE_APPEND);
// number of hits == size of file
$size = filesize($fullfilename);
// count hits to determine if block via htaccess
// if > # entries in log from a useragent, ban it
if ($size > $this->maxbadpages){
$this->blockagent($this->agent, $this->ip, "> $this->maxbadpages hits");
} elseif (! $new) {
// test for hits per second
$blockagent = FALSE;
$parts = explode("_", $filename);
// 2nd part is the time
// $time = strtotime($parts[1]);
$parts2 = explode("--", $parts[1]);
$time = $parts2[0] . " " . str_replace("-",":",$parts2[1]);
// seconds is time elapsed
$seconds = time() - $time;
// check for various scenarios
if ($size > $seconds * 2){
// more than average of 2 hits per second for any period
$blockagent = TRUE;
$reason = "$size (hits) > $seconds (seconds) * 2";
}
if ($seconds >= 10 && $size > $seconds * 1){
// more than 1 hit per second over 10 seconds
$blockagent = TRUE;
$reason = "$seconds (seconds) >= 10 && $size (hits) > $seconds (seconds) * 1";
}
if ($blockagent){
$this->blockagent($this->agent, $this->ip, $reason);
}
}
$this->blockAccess("bad bot: ". $badbot);
}
}
function blockAgent($message){
die("Block Agent: " . $message);
}
function blockAccess($message){
die("Block Access: " . $message);
}
function badbot($agent) {
if (stripos($agent, "bot") !==FALSE){
return "match 'bot' in agent: ($agent)";
} elseif (stripos($agent, "spider") !==FALSE){
return "match 'spider' in agent: ($agent)";
} elseif (stripos($agent, "crawl") !==FALSE){
return "match 'crawl' in agent: ($agent)";
}
$badbots = array(
"007AC9",
"2Bone",
"404 Checker",
"There are many more bad bots contained in this array...");
foreach ($badbots as $bot) {
//If the spider text is found in the current user agent, then return true
if (stripos($agent, $bot) !== false){
return "$bot ($agent)";
return "match: $bot in agent: ($agent)";
}
}
//If it gets this far then no bot was found!
return "";
}
}
function safefilename($string){
// convert entities e.g. Á => Á
$string = htmlentities($string, ENT_QUOTES, 'UTF-8');
// replace the entities with letter equivalents
$string = preg_replace('~&([a-z]{1,2})(acute|cedil|circ|grave|lig|orn|ring|slash|th|tilde|uml);~i', '$1', $string);
// return entities which did not have letter equivalents back to entities
$string = html_entity_decode($string, ENT_QUOTES, 'UTF-8');
// replace non valid chars with dash and multiple dashes with only one
$string = preg_replace(array('~[^0-9a-z]~i', '~[ -]+~'), '-', $string);
return trim($string, ' -');
}
function getDirArray($path = "./", $filter = ".*", $exclude = '', $sorted = true, $optfilter2 = '') {
// for server directories, can't use the static url
$path = str_replace(STATIC_SITE_ROOT, $_SERVER['DOCUMENT_ROOT'], $path);
if (file_exists($path) == false) {
if (mkdir($path, 0777, true) == false) {
die($path);
exit;
}
}
$handle = opendir($path);
$dir = array();
while ($file = readdir($handle)) {
if (is_file("$path/$file") && preg_match("/$filter/", $file) && (strlen($exclude) == 0 ? TRUE : !preg_match("/$exclude/", $file))) {
if ($optfilter2 == '') {
// No 2n filter
$dir[] = $file;
} else {
$pos = strpos($file, $optfilter2);
if ($pos === false) {
// Not found
} else {
$dir[] = $file;
}
}
}
}
closedir($handle);
if ($sorted == true) {
sort($dir);
}
return $dir;
}