add protection

action.php

@@ -5,6 +5,23 @@ class action {
         $this->db = new db();
     }
 
+    public function block($ip) {
+        $dbAction = $this->db->prepare("SELECT count FROM blocklist WHERE ip = ?");
+        $dbAction->bind_param('i',$ip);
+        $dbAction->execute();
+        $dbAction->store_result();
+        $dbAction->bind_result($count);
+        $dbAction->fetch();
+        if($count > 3) {
+            $this->list($ip);
+            return true;
+        };
+        $dbAction = $this->db->prepare("INSERT INTO blocklist ip VALUES (?) ON DUPLICATE KEY UPDATE count = count + 1");
+        $dbAction->bind_param('i',$ip);
+        $dbAction->execute();
+        return true;
+    }
+
     public function getUser() {
         $list = array();
         $dbAction = $this->db->prepare("SELECT token, role, description FROM clients ORDER BY role ASC");

admin.php

@@ -47,6 +47,7 @@ if($act->isBlocked(ip2long($clientIP))) {
 }
 
 if (!$tok->isAdmin($token)) {
+    $act->block($clientIP);
     echo "admin access denied</div></body></html>";
     exit;
 }