add protection

index.php

@@ -9,9 +9,18 @@ require_once 'stats.php';
 $ip = ip2long(substr(trim($_GET['ip']),0,15));
 $token = substr(trim($_GET['token']),0,32);
 $action = substr(trim($_GET['action']),0,9);
+$clientIP = ip2long(substr(trim($_SERVER['REMOTE_ADDR']),0,15));
+
 $stats = true;
+$act = new action;
+
+if($act->isBlocked($clientIP)) {
+    http_response_code(403);
+    exit;
+}
 
 if (!(new token)->isReporter($token)) {
+    $act->block($clientIP);
     echo "client access denied";
     exit;
 }
@@ -20,14 +29,14 @@ if($stats == true) {
 }
 switch($action) {
     case 'delist':
-        if((new action)->delist($ip)){
+        if($act->delist($ip)){
             echo long2ip($ip) . " delisted\n";
         } else {
             echo long2ip($ip) . " not delisted\n";
         };
         break;
     default:
-        if((new action)->list($ip)){
+        if($act->list($ip)){
             echo " inserted " . long2ip($ip) ."\n";
         } else {
             echo " fehler\n";

list.php

@@ -5,13 +5,22 @@ require_once 'action.php';
 require_once 'db.php';
 require_once 'token.php';
 
+$clientIP = ip2long(substr(trim($_SERVER['REMOTE_ADDR']),0,15));
 $token = substr(trim($_GET['token']),0,32);
 
+$act= new act;
+
+if($act->isBlocked($clientIP)) {
+    http_response_code(403);
+    exit;
+}
+
 if (!(new token)->isConsumer($token)) {
+    $act->block($clientIP);
     echo "user access denied";
     exit;
 }
-$list = (new action)->getBlockList();
+$list = $act->getBlockList();
 foreach($list as $ip) {
     echo long2ip($ip) . PHP_EOL;
 }