} elseif (isCrackerTrackerTableCreated('ctracker_config')) {
// Load the config
crackerTrackerLoadConfig();
- } // END - if
+ }
} else {
// Init fake config
crackerTrackerInitFakeConfig();
}
// Database error detected
-function crackerTrackerDatabaseError ($F, $L) {
+function crackerTrackerDatabaseError (string $file, int $line) {
// Should we debug?
if (isCrackerTrackerDebug()) {
// Output error
- print 'Function : ' . $F . '<br />';
- print 'Line : ' . $L . '<br />';
- if (isset($GLOBALS['ctracker_link'])) {
- print 'MySQL error : ' . mysqli_error($GLOBALS['ctracker_link']) . '<br />';
+ print 'Function : ' . $file . '<br />' . PHP_EOL;
+ print 'Line : ' . $line . '<br />' . PHP_EOL;
+ if (isset($GLOBALS['ctracker_link']) && $GLOBALS['ctracker_link'] !== false) {
+ print 'MySQL error : ' . mysqli_error($GLOBALS['ctracker_link']) . '<br />' . PHP_EOL;
+ } else {
+ print 'No MySQLi available.<br />' . PHP_EOL;
+ }
+ if (isset($GLOBALS['ctracker_last_sql'])) {
+ print 'Last SQL : '. $GLOBALS['ctracker_last_sql'] . '<br />' . PHP_EOL;
} else {
- print 'No MySQLi available.<br />';
+ print 'No last SQL command available.<br />' . PHP_EOL;
}
- print 'Last SQL : '. $GLOBALS['ctracker_last_sql'] . '<br />';
- } // END - if
+ }
// Currently only die here
crackerTrackerDie();
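Review bot: The debug branch prints `$file`, `mysqli_error()` and `$GLOBALS['ctracker_last_sql']` straight into the HTML response without output encoding. The last SQL string appears to carry request-derived values (for example `check_get`), so any markup in them would be rendered by the browser while debug mode is on. Encode at the print site, e.g. `print 'Last SQL : ' . htmlspecialchars($GLOBALS['ctracker_last_sql'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '<br />' . PHP_EOL;`, and do the same for the other two values. The new parameter is named `$file` but is printed under the label 'Function' and the visible callers pass `__FUNCTION__`, so `$function` would fit better. The function body continues past the end of this hunk.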
// Closes a maybe open database link
function crackerTrackerCloseDatabaseLink () {
- // Is the link up?
- if (isCrackerTrackerDatabaseLinkUp()) {
- // Did it work?
- if (!mysqli_close($GLOBALS['ctracker_link'])) {
- // Attempt has failed
- crackerTrackerDatabaseError(__FUNCTION__, __LINE__);
- } // END - if
- } // END - if
+ // The link should be up here
+ if (!isCrackerTrackerDatabaseLinkUp()) {
+ // Throw exception
+ throw new BadFunctionCallException('Link is not up.');
+ }
+
+ // Did it work?
+ if (!mysqli_close($GLOBALS['ctracker_link'])) {
+ // Attempt has failed
+ crackerTrackerDatabaseError(__FUNCTION__, __LINE__);
+ }
}
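Review bot: The header comment `// Closes a maybe open database link` no longer describes this function, because a call with no link open now throws `BadFunctionCallException` instead of returning quietly. Update the comment, e.g. `// Closes the database link; throws BadFunctionCallException when no link is up`. Callers on shutdown or error paths are outside this hunk; they should either test `isCrackerTrackerDatabaseLinkUp()` first or catch the exception, otherwise a failed connect could end in an uncaught exception during cleanup.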
// Inserts given array, if IP/check_get combination was not found
-function crackerTrackerInsertArray ($table, array $rowData) {
- // Is there a link up?
- if (!isCrackerTrackerDatabaseLinkUp()) {
- // Abort silently here
- return FALSE;
- } // END - if
-
+function crackerTrackerInsertArray (string $table, array $rowData) {
// Is it found?
if (!isCrackerTrackerEntryFound($rowData)) {
- // Prepare SQL
- $sqlString = 'INSERT INTO `' . $table . '` (`' . implode('`,`', array_keys($rowData)) . '`) VALUES(' . implode_secure($rowData) . ')';
-
// Reset insert id
- $GLOBALS['ctracker_last_insert_id'] = FALSE;
+ $GLOBALS['ctracker_last_insert_id'] = false;
// Run it
- runCrackerTrackerSql($sqlString, __FUNCTION__, __LINE__);
+ runCrackerTrackerSql(sprintf("INSERT INTO `%s` (`%s`) VALUES(%s)",
+ $table,
+ implode('`,`', array_keys($rowData)),
+ implode_secure($rowData)
+ ), __FUNCTION__, __LINE__);
// Remember the last insert id
$GLOBALS['ctracker_last_insert_id'] = mysqli_insert_id($GLOBALS['ctracker_link']) or crackerTrackerDatabaseError(__FUNCTION__, __LINE__);
}
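Review bot: `$table` and `array_keys($rowData)` are formatted into backtick-quoted identifiers with no validation, and the new `string` type hint does not constrain their content. Value escaping (`implode_secure`, not shown here) does not cover identifiers, so if either can ever originate outside the code, check it first, e.g. `preg_match('/^[A-Za-z0-9_]+$/', $table) === 1` or a fixed allow-list of table and column names. The same applies to `$countColumn` in updateCrackerTrackerEntry() further down. With the link check removed, a missing link now surfaces as the exception thrown inside isCrackerTrackerEntryFound() rather than a `false` return, which matters to any caller that tested the return value.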
// Updates a given entry by just counting it up
-function updateCrackerTrackerEntry (array $rowData, $countColumn = 'count') {
- // Construct the SELECT query
- $sqlString = 'UPDATE `ctracker_data` SET `' . $countColumn . '`=`' . $countColumn . '`+1 WHERE (`remote_addr`="' . crackerTrackerEscapeString($rowData['remote_addr']) . '" AND `proxy_addr`="' . crackerTrackerEscapeString($rowData['proxy_addr']) . '") LIMIT 1';
+function updateCrackerTrackerEntry (array $rowData, string $countColumn = 'count') {
+ // The link should be up here
+ if (!isCrackerTrackerDatabaseLinkUp()) {
+ // Throw exception
+ throw new BadFunctionCallException('Link is not up.');
+ }
// Run the SQL and check if we have one line
- runCrackerTrackerSql($sqlString, __FUNCTION__, __LINE__);
+ runCrackerTrackerSql(sprintf("UPDATE `ctracker_data` SET `%s`=`%s`+1 WHERE (`remote_addr`='%s' AND `proxy_addr`='%s') LIMIT 1",
+ $countColumn,
+ $countColumn,
+ crackerTrackerEscapeString($rowData['remote_addr']),
+ crackerTrackerEscapeString($rowData['proxy_addr'])
+ ), __FUNCTION__, __LINE__);
}
// Checks if an entry with IP/check_get/domain combination is there
function isCrackerTrackerEntryFound (array $rowData) {
- // Construct the SELECT query
- $sqlString = 'SELECT `id` FROM `ctracker_data` WHERE (`remote_addr`="' . crackerTrackerEscapeString($rowData['remote_addr']) . '" OR `proxy_addr`="' . crackerTrackerEscapeString($rowData['proxy_addr']) . '") AND `check_get` = "' . crackerTrackerEscapeString($rowData['check_get']) . '" AND `server_name`="' . crackerTrackerEscapeString($rowData['server_name']) . '" LIMIT 1';
+ // The link should be up here
+ if (!isCrackerTrackerDatabaseLinkUp()) {
+ // Throw exception
+ throw new BadFunctionCallException('Link is not up.');
+ }
// Run the SQL and check if we have one line
- return ((isCrackerTrackerDatabaseLinkUp()) && (mysqli_num_rows(runCrackerTrackerSql($sqlString, __FUNCTION__, __LINE__)) == 1));
+ $result = runCrackerTrackerSql(sprintf("SELECT `id` FROM `ctracker_data` WHERE (`remote_addr`='%s' OR `proxy_addr`='%s') AND `check_get` = '%s' AND `server_name`='%s' LIMIT 1'",
+ crackerTrackerEscapeString($rowData['remote_addr']),
+ crackerTrackerEscapeString($rowData['proxy_addr']),
+ crackerTrackerEscapeString($rowData['check_get']),
+ crackerTrackerEscapeString($rowData['server_name'])
+ ), __FUNCTION__, __LINE__);
+
+ // Check count of rows
+ return (mysqli_num_rows($result) == 1);
}
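Review bot: The new format string ends in `LIMIT 1'"`, so every statement built here carries a stray single quote after the LIMIT clause and the server will reject it as a syntax error. In the removed version the `'` after `LIMIT 1` was the closing PHP string delimiter; after the switch to a double-quoted format string it became part of the SQL. The literal should end in `LIMIT 1"`. Because crackerTrackerInsertArray() calls this function before inserting, the insert path is affected too; what happens after the failure depends on runCrackerTrackerSql(), whose body is not fully visible here.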
// Escapes the string
-function crackerTrackerEscapeString ($string) {
+function crackerTrackerEscapeString (string $string) {
// Is the link up?
if (!isCrackerTrackerDatabaseLinkUp()) {
// Then we cant use mysqli_real_escape_string!
- $string = addslashes($string);
+ $string = htmlentities($string, ENT_QUOTES);
} elseif (function_exists('mysqli_real_escape_string')) {
// Use mysqli_real_escape_string()
$string = mysqli_real_escape_string($GLOBALS['ctracker_link'], $string);
} else {
// Use fall-back (bad!)
- $string = addslashes($string);
+ $string = htmlentities($string, ENT_QUOTES);
}
// Return the secured string
return $string;
-} // END - if
+}
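Review bot: `htmlentities($string, ENT_QUOTES)` is an HTML output encoder, not an SQL escaper: it leaves the backslash untouched, which MySQL treats as an escape character inside the `'%s'` literals built in this file under the default SQL mode. It also rewrites the data, so a value passed through this branch will not compare equal to the same value escaped by `mysqli_real_escape_string()`. Since no statement can be sent without a link, failing closed matches the rest of this commit, e.g. `throw new BadFunctionCallException('Link is not up.');` in the first branch. The final `else` should be unreachable when the link was opened through mysqli. Separately, the SELECTs further down that concatenate `determineCrackerTrackerRealRemoteAddress()` and `getenv('REMOTE_ADDR')` bypass this function entirely; if the former can return a client-supplied header value (not visible here), it should be escaped or bound as a parameter.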
// Runs an SQL query and checks for errors
-function runCrackerTrackerSql ($sqlString, $function, $line) {
+function runCrackerTrackerSql (string $sqlString, string $function, int $line) {
// Is the link up?
if (!isCrackerTrackerDatabaseLinkUp()) {
// Abort here
crackerTrackerDie();
- } // END - if
+ }
// Remember last SQL
$GLOBALS['ctracker_last_sql'] = $sqlString;
}
// Checks wether a table was found
-function isCrackerTrackerTableCreated ($table) {
+function isCrackerTrackerTableCreated (string $table) {
// Default is not found
- $found = FALSE;
+ $found = false;
// Run the query
$result = runCrackerTrackerSql('SHOW TABLES', __FUNCTION__, __LINE__);
// Is the table there?
if ($tab == $table) {
// Okay, found. So abort
- $found = TRUE;
+ $found = true;
break;
- } // END - if
- } // END - if
+ }
+ }
// Free result
freeCrackerTrackerResult($result);
}
// Creates the given table with columns
-function crackerTrackerCreateTable ($table, array $columns, array $keys) {
+function crackerTrackerCreateTable (string $table, array $columns, array $keys) {
// Begin the SQL
$sqlString = 'CREATE TABLE IF NOT EXISTS `' . $table . '` (';
foreach ($columns as $column=>$type) {
// Add this entry
$sqlString .= '`' . $column . '` ' . $type . ', ';
- } // END - foreach
+ }
// Add table name as primary key
$sqlString .= 'PRIMARY KEY (`' . $table . '`), ';
// Add keys
- foreach ($keys as $key=>$type) {
+ foreach ($keys as $key => $type) {
// Add this entry
$sqlString .= '' . $type . ' (`' . $key . '`), ';
- } // END - foreach
+ }
// Finish SQL
$sqlString = substr($sqlString, 0, -2) . ') TYPE=InnoDB';
}
// Inits a table by inserting
-function crackerTrackerInitTable ($table) {
+function crackerTrackerInitTable (string $table) {
// Prepare SQL and run it
runCrackerTrackerSql('INSERT INTO `' . $table . '` (`' . $table . '`) VALUES (NULL)');
}
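Review bot: The call in this function passes a single argument, but `runCrackerTrackerSql (string $sqlString, string $function, int $line)` as declared in this commit has three required parameters, so it raises `ArgumentCountError` on PHP 7.1 and later. Add `, __FUNCTION__, __LINE__` as the second and third arguments, as the other call sites do. The statement also uses `$table` as both table and column name without validation; the identifier check suggested for crackerTrackerInsertArray() would apply here as well.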
if (!isCrackerTrackerDatabaseLinkUp()) {
// Abort here silently
return;
- } // END - if
+ }
// Is the main config table there?
if (!isCrackerTrackerTableCreated('ctracker_config')) {
// Init that table
crackerTrackerInitTable('ctracker_config');
- } // END - if
+ }
// Init update array here
crackerTrackerInitUpdates();
// And count it up in the config array
$GLOBALS['ctracker_config']['ctracker_db_version']++;
- } // END - if
+ }
}
// Load the configuration
}
// Getter for config
-function getCrackerTrackerConfig ($entry) {
+function getCrackerTrackerConfig (string $entry) {
// Is the config entry there?
if (!isset($GLOBALS['ctracker_config'][$entry])) {
// Then better die here, else we may have an endless loop
// die() on production systems
die();
}
- } // END - if
+ }
// Return it
return $GLOBALS['ctracker_config'][$entry];
// Skip this silently if we have not config
if (!isCrackerTrackerDatabaseLinkUp()) {
// Skip this step silently, all is not suspicious
- return FALSE;
- } // END - if
+ return false;
+ }
// Check if an entry is there
$result = runCrackerTrackerSql("SELECT COUNT(`id`) AS `cnt` FROM `ctracker_data` USE INDEX (`remote_proxy_last`) WHERE `remote_addr`='" . determineCrackerTrackerRealRemoteAddress() . "' OR `proxy_addr`='" . getenv('REMOTE_ADDR') . "' LIMIT 1", __FUNCTION__, __LINE__);
$found = ($rows > 0);
// And again?
- if ($found === TRUE) {
+ if ($found === true) {
// Yes, one is found, then load it
$result = runCrackerTrackerSql("SELECT SQL_SMALL_RESULT * FROM `ctracker_data` USE INDEX (`remote_proxy_last`) WHERE `remote_addr`='" . determineCrackerTrackerRealRemoteAddress() . "' OR `proxy_addr`='" . getenv('REMOTE_ADDR') . "' ORDER BY `last_attempt` DESC LIMIT 1", __FUNCTION__, __LINE__);
// Cache the entry
$GLOBALS['ctracker_last_suspicious_entry'] = mysqli_fetch_array($result);
- } // END - if
+ }
// Free result
freeCrackerTrackerResult($result);
$found = (mysqli_num_rows($result) == 1);
// And again?
- if ($found === TRUE) {
+ if ($found === true) {
// Cache the ticket data
$GLOBALS['ctracker_last_ticket'] = mysqli_fetch_array($result);
- } // END - if
+ }
// Free result
freeCrackerTrackerResult($result);