*
* @author Roland Haeder <webmaster@ship-simu.org>
* @version 3.0.0
- * @copyright Copyright (c) 2009, 2010 Cracker Tracker Team
+ * @copyright Copyright (c) 2009 - 2011 Cracker Tracker Team
* @license GNU GPL 3.0 or any newer version
* @link http://www.ship-simu.org
*
// Function to aquire a database link
function aquireCrackerTrackerDatabaseLink () {
// Is the link up?
- if (!isCrackerTrackerDatabaseLinkUp()) {
+ if ((!isCrackerTrackerDatabaseLinkUp()) && (!empty($GLOBALS['ctracker_host'])) && (!empty($GLOBALS['ctracker_dbname'])) && (!empty($GLOBALS['ctracker_user']))) {
// Then connect to the database
$GLOBALS['ctracker_link'] = mysql_connect($GLOBALS['ctracker_host'], $GLOBALS['ctracker_user'], $GLOBALS['ctracker_password']) or crackerTrackerDatabaseError(__FUNCTION__, __LINE__);
// Load the config
crackerTrackerLoadConfig();
}
- } // END - if
+ } else {
+ // Init fake config
+ crackerTrackerInitFakeConfig();
+ }
+}
+
+// Inits a fake configurtation
+function crackerTrackerInitFakeConfig () {
+ // Set the array
+ $GLOBALS['ctracker_config'] = array(
+ 'ctracker_alert_user' => 'Y',
+ );
}
// Checks if the link is up
if (isCrackerTrackerDatabaseLinkUp()) {
// Did it work?
if (!mysql_close($GLOBALS['ctracker_link'])) {
- // Remove the link from global array
- unset($GLOBALS['ctracker_link']);
+ // Remove all data from global space
+ unsetCtrackerData();
// Attempt has failed
crackerTrackerDatabaseError(__FUNCTION__, __LINE__);
} // END - if
} // END - if
- // Remove the link from global array
- unset($GLOBALS['ctracker_link']);
+ // Remove all data from global space
+ unsetCtrackerData();
}
// Inserts given array, if IP/check_worm combination was not found
function crackerTrackerInsertArray ($table, $rowData) {
+ // Is there a link up?
+ if (!isCrackerTrackerDatabaseLinkUp()) {
+ // Abort silently here
+ return FALSE;
+ } // END - if
+
// Is it found?
if (!isCrackerTrackerEntryFound($rowData)) {
// Prepare SQL
$SQL = 'INSERT INTO `' . $table . '` (`' . implode('`,`', array_keys($rowData)) . '`) VALUES(' . implode_secure($rowData) . ')';
// Reset insert id
- $GLOBALS['ctracker_last_insert_id'] = false;
+ $GLOBALS['ctracker_last_insert_id'] = FALSE;
// Run it
runCrackerTrackerSql($SQL, __FUNCTION__, __LINE__);
// Updates a given entry by just counting it up
function updateCrackerTrackerEntry ($rowData) {
// Construct the SELECT query
- $SQL = 'UPDATE `ctracker_data` SET `count`=`count`+1 WHERE `remote_addr`="' . crackerTrackerEscapeString($rowData['remote_addr']) . '" AND `check_worm` = "' . crackerTrackerEscapeString($rowData['check_worm']) . '" LIMIT 1';
+ $SQL = 'UPDATE `ctracker_data` SET `count`=`count`+1 WHERE (`remote_addr`="' . crackerTrackerEscapeString($rowData['remote_addr']) . '" OR `proxy_addr`="' . crackerTrackerEscapeString($rowData['proxy_addr']) . '") AND `check_worm` = "' . crackerTrackerEscapeString($rowData['check_worm']) . '" LIMIT 1';
// Run the SQL and check if we have one line
runCrackerTrackerSql($SQL, __FUNCTION__, __LINE__);
// Checks if an entry with IP/check_worm/domain combination is there
function isCrackerTrackerEntryFound ($rowData) {
// Construct the SELECT query
- $SQL = 'SELECT `id` FROM `ctracker_data` WHERE `remote_addr`="' . crackerTrackerEscapeString($rowData['remote_addr']) . '" AND `check_worm` = "' . crackerTrackerEscapeString($rowData['check_worm']) . '" AND `server_name`="' . crackerTrackerEscapeString($rowData['server_name']) . '" LIMIT 1';
+ $SQL = 'SELECT `id` FROM `ctracker_data` WHERE (`remote_addr`="' . crackerTrackerEscapeString($rowData['remote_addr']) . '" OR `proxy_addr`="' . crackerTrackerEscapeString($rowData['proxy_addr']) . '") AND `check_worm` = "' . crackerTrackerEscapeString($rowData['check_worm']) . '" AND `server_name`="' . crackerTrackerEscapeString($rowData['server_name']) . '" LIMIT 1';
// Run the SQL and check if we have one line
- return (mysql_num_rows(runCrackerTrackerSql($SQL, __FUNCTION__, __LINE__)) == 1);
+ return ((isCrackerTrackerDatabaseLinkUp()) && (mysql_num_rows(runCrackerTrackerSql($SQL, __FUNCTION__, __LINE__)) == 1));
}
// Escapes the string
// Checks wether a table was found
function isCrackerTrackerTableCreated ($table) {
// Default is not found
- $found = false;
+ $found = FALSE;
// Run the query
$result = runCrackerTrackerSql('SHOW TABLES', __FUNCTION__, __LINE__);
// Is the table there?
if ($tab == $table) {
// Okay, found. So abort
- $found = true;
+ $found = TRUE;
break;
} // END - if
} // END - if
// Updates the database scheme automatically
function crackerTrackerUpdateDatabaseScheme () {
+ // Is a link there?
+ if (!isCrackerTrackerDatabaseLinkUp()) {
+ // Abort here silently
+ return;
+ } // END - if
+
// Is the main config table there?
if (!isCrackerTrackerTableCreated('ctracker_config')) {
// Then do it for us
// Did the current IP already generated blocked attempts?
function isCrackerTrackerIpSuspicious () {
- // We only need the very last attempt to get!
- $result = runCrackerTrackerSql("SELECT * FROM `ctracker_data` WHERE `remote_addr`='" . determineCrackerTrackerRealRemoteAddress() . "' ORDER BY `last_attempt` DESC LIMIT 1", __FUNCTION__, __LINE__);
+ // Skip this silently if we have not config
+ if (!isCrackerTrackerDatabaseLinkUp()) {
+ // Skip this step silently, all is not suspicious
+ return FALSE;
+ } // END - if
- // Do we have entries?
- $found = (mysql_num_rows($result) == 1);
+ // Check if an entry is there
+ $result = runCrackerTrackerSql("SELECT COUNT(`id`) AS `cnt` FROM `ctracker_data` USE INDEX (`remote_proxy_last`) WHERE `remote_addr`='" . determineCrackerTrackerRealRemoteAddress() . "' OR `proxy_addr`='" . getenv('REMOTE_ADDR') . "' LIMIT 1", __FUNCTION__, __LINE__);
+
+ // Get row count
+ list($rows) = mysql_fetch_row($result);
+
+ // Is there one entry?
+ $found = ($rows > 0);
// And again?
- if ($found === true) {
+ if ($found === TRUE) {
+ // Yes, one is found, then load it
+ $result = runCrackerTrackerSql("SELECT SQL_SMALL_RESULT * FROM `ctracker_data` USE INDEX (`remote_proxy_last`) WHERE `remote_addr`='" . determineCrackerTrackerRealRemoteAddress() . "' OR `proxy_addr`='" . getenv('REMOTE_ADDR') . "' ORDER BY `last_attempt` DESC LIMIT 1", __FUNCTION__, __LINE__);
+
// Cache the entry
$GLOBALS['ctracker_last_suspicious_entry'] = mysql_fetch_array($result);
} // END - if
// Does the current IP have a ticket?
function ifCrackerTrackerIpHasTicket () {
// We only give one ticket per IP!
- $result = runCrackerTrackerSql("SELECT * FROM `ctracker_ticket` WHERE `ctracker_ticket_remote_addr`='" . determineCrackerTrackerRealRemoteAddress() . "' LIMIT 1", __FUNCTION__, __LINE__);
+ $result = runCrackerTrackerSql("SELECT * FROM `ctracker_ticket` WHERE `ctracker_ticket_remote_addr`='" . determineCrackerTrackerRealRemoteAddress() . "' OR `ctracker_ticket_proxy_addr`='" . getenv('REMOTE_ADDR') . "' LIMIT 1", __FUNCTION__, __LINE__);
// Do we have a ticket?
$found = (mysql_num_rows($result) == 1);
// And again?
- if ($found === true) {
+ if ($found === TRUE) {
// Cache the ticket data
$GLOBALS['ctracker_last_ticket'] = mysql_fetch_array($result);
} // END - if
// Prepare the array
$GLOBALS['ctracker_last_ticket'] = array(
'ctracker_ticket_remote_addr' => determineCrackerTrackerRealRemoteAddress(),
+ 'ctracker_ticket_proxy_addr' => getenv('REMOTE_ADDR'),
'ctracker_ticket_user_agent' => crackerTrackerUserAgent(),
'ctracker_ticket_name' => crackerTrackerSecureString($data['name']),
'ctracker_ticket_email' => crackerTrackerSecureString($data['email']),