define('wpadtiddos_seconds_limit_GET',1);
define('wpadtiddos_seconds_limit_XHR',3);
class wp_antiddos
{
var $enable = true;
var $hits_limit_GET = 3; // hits limit for GET requests (per wpadtiddos_seconds_limit_GET second)
var $hits_limit_XHR = 3; // hits limit for XHR requests (per wpadtiddos_seconds_limit_XHR second)
var $seconds_limit_POST = 3; // seconds limit for POST requests
var $seconds_limit_AUTH = 3; // seconds limit for AUTH (Password) requests
var $visitor; // status of visitor = raw|cool|warm|hot
var $warm_level; // number of hits for last $seconds_limit seconds that cause visitor`s status turn to warm
var $auto = true; // block visitors by AntiDDOS
var $delay_time = 30; // seconds of delay of blocked visitors
var $block_cnet = true; // block all C class net.
var $cloudflare = true; // convert Cloudflare HTTP_CF_CONNECTING_IP to REMOTE_ADDR
var $send_header = false; // send "WP_AntiDDOS: yes" header for debug purposes
var $only_params_enabled = false; // Only Params feature enabled
var $only_params = 's'; // the only GET/POST params that trigger checkup
var $status, $error_msg;
var $conn; // mysql connection
var $hits = false; // actual hits number for current IP
var $cookie = ''; // wpantiddos cookie value that prevents anti DDOS processing
var $table_name = '';
var $pass_param = 'pwd'; // name of POST parameter that indentify Login (AUTH) request
var $delay_message = 'Our server is currently overloaded, your request will be repeated automatically in %s seconds';
var $delay_message_auth = 'Our server is currently overloaded, your request will be repeated automatically in %s seconds';
public function __construct()
{
if (isset($GLOBALS['wp_antiddos_instance']))
return;
else
$GLOBALS['wp_antiddos_instance'] = &$this;
if ($_SERVER['REMOTE_ADDR']=='127.0.0.1')
return;
$this->conn = mysqli_connect(DB_HOST,DB_USER,DB_PASSWORD);
$ok = mysqli_select_db($this->conn,DB_NAME);
if (!$ok) return false;
$this->get_options();
// plugin disabled
if (!$this->enable) return;
// current request is admin's one
if (isset($_COOKIE['wpantiddos']) && $_COOKIE['wpantiddos']==$this->cookie) return;
if ($this->only_params_enabled)
if (!$this->only_param_detected())
return;
// detect request type and limits
if ($this->xhr_request())
{
if ($this->hits_limit_XHR=='ANY') return;
$request_type = 'xhr';
$hits_limit = $this->hits_limit_XHR;
$seconds_limit = wpadtiddos_seconds_limit_XHR;
}
elseif ($_POST && isset($_POST[$this->pass_param]) )
{
if ($this->seconds_limit_AUTH=='ANY') return;
$request_type = 'auth';
$seconds_limit = $this->seconds_limit_AUTH;
$this->only_params .= ' '.$this->pass_param;
$hits_limit = 1;
}
elseif ($_POST)
{
if ($this->seconds_limit_POST=='ANY') return;
$request_type = 'post';
$hits_limit = 1;
$seconds_limit = $this->seconds_limit_POST;
}
else
{
if ($this->hits_limit_GET=='ANY') return;
$request_type = 'get';
$hits_limit = $this->hits_limit_GET;
$seconds_limit = wpadtiddos_seconds_limit_GET;
}
if ($this->send_header)
header("WP_AntiDDOS: yes");
if ($this->cloudflare)
{
if (isset($_SERVER['HTTP_CF_CONNECTING_IP']))
$_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_CF_CONNECTING_IP'];
}
$this->ip = $_SERVER['REMOTE_ADDR'];
if ($this->block_cnet)
$this->ip = substr($this->ip,0,strrpos($this->ip,'.')+1);
$this->warm_level = ceil($hits_limit/2);
try
{
$res = mysqli_query($this->conn,"SELECT count(*) kount FROM $this->table_name WHERE ip='".addslashes($this->ip)."' AND tstamp>".(time()-$seconds_limit)." AND type='$request_type'");
$row = mysqli_fetch_assoc($res);
if (!$row)
$this->error_msg = 'Error detected';
$this->hits = @$row['kount']+1; // consider current request too
if ($this->hits==0) // if no hits from this IP
$this->visitor = "new";
elseif ($this->hits>$hits_limit)
$this->visitor = "hot";
elseif ($this->hits>=$this->warm_level)
$this->visitor = "warm";
else
$this->visitor = "cool";
// add current hit
mysqli_query($this->conn,"INSERT INTO $this->table_name SET ip='$this->ip', type='$request_type', tstamp=".time());
// cleanup ip list
$clear_time = max($this->delay_time,$seconds_limit);
mysqli_query($this->conn,"DELETE FROM $this->table_name WHERE tstamp<".(time()-$clear_time));
}
catch(Exception $e)
{
$this->error_msg = $e->getString();
$this->status = 'error';
mysqli_close($this->conn);
return;
}
mysqli_close($this->conn);
if (!empty($this->error_msg) )
{
$this->status = 'error';
}
if ($this->auto && $this->visitor=='hot')
{
header('HTTP/1.0 503 Service Unavailable');
header('Status: 503 Service Unavailable');
header("Retry-After: ".($this->delay_time+1)); // submit form first if POST request
if (!$_POST)
print "
Offerte en 1500 par le chanoine Hugues le coq, La tenture de la vie de la vierge orne le cœur de la collégiale. Véritable bande dessinée de laine et en soie, elle évoque la vie de la vierge .
Les épisodes les plus connus (la nativité, l’adoration des mages, l’annonciation) côtoient des scènes totalement inédites car inspirées des évangiles apocryphes ou de la légende dorée de Jacques de Voragine. L’ensemble de ces scènes repose sur un parterre de millefleurs, véritable jardin mystique où fleurissent œillets, ancolies, muguet … (chaque fleur ayant sa symbolique propre) et dans lequel nichent des oiseaux de toutes sortes qui accompagnent les personnages de la tenture : le faisan l’oiseau royal assistant au couronnement de la vierge ou le faucon (symbole de la vigilance) accompagnant la fuite en Egypte.
Les visages ont gardé malgré les siècles toute leur expressivité : la colère du jeune homme, furieux de ne pouvoir épouser Marie, ou Le regard tendrement inquiet de Joseph pendant la fuite en Egypte.
Une équipe de bénévoles est chargée de l’accueil à la collégiale et reçoit près de 27000 visiteurs chaque année.