Renaming season has started:

- renamed $F -> $function
- renamed $L -> $line
- renamed $SQL -> $sqlString
- added type-hint for arrays

Signed-off-by: Roland Häder <roland@mxchange.org>

diff --git a/libs/lib_connect.php b/libs/lib_connect.php
index 533ad555829e47d098786430210f96d52cb40ce1..05a7de9026e41722765a9576478ae5d95bccf908 100644 (file)
--- a/libs/lib_connect.php
+++ b/libs/lib_connect.php
@@ -96,7 +96,7 @@ function crackerTrackerCloseDatabaseLink () {
        } // END - if
 }
 
-// Inserts given array, if IP/check_worm combination was not found
+// Inserts given array, if IP/check_get combination was not found
 function crackerTrackerInsertArray ($table, $rowData) {
        // Is there a link up?
        if (!isCrackerTrackerDatabaseLinkUp()) {
@@ -107,13 +107,13 @@ function crackerTrackerInsertArray ($table, $rowData) {
        // Is it found?
        if (!isCrackerTrackerEntryFound($rowData)) {
                // Prepare SQL
-               $SQL = 'INSERT INTO `' . $table . '` (`' . implode('`,`', array_keys($rowData)) . '`) VALUES(' . implode_secure($rowData) . ')';
+               $sqlString = 'INSERT INTO `' . $table . '` (`' . implode('`,`', array_keys($rowData)) . '`) VALUES(' . implode_secure($rowData) . ')';
 
                // Reset insert id
                $GLOBALS['ctracker_last_insert_id'] = FALSE;
 
                // Run it
-               runCrackerTrackerSql($SQL, __FUNCTION__, __LINE__);
+               runCrackerTrackerSql($sqlString, __FUNCTION__, __LINE__);
 
                // Remember the last insert id
                $GLOBALS['ctracker_last_insert_id'] = mysqli_insert_id($GLOBALS['ctracker_link']) or crackerTrackerDatabaseError(__FUNCTION__, __LINE__);
@@ -124,21 +124,21 @@ function crackerTrackerInsertArray ($table, $rowData) {
 }
 
 // Updates a given entry by just counting it up
-function updateCrackerTrackerEntry ($rowData) {
+function updateCrackerTrackerEntry (array $rowData) {
        // Construct the SELECT query
-       $SQL = 'UPDATE `ctracker_data` SET `count`=`count`+1 WHERE (`remote_addr`="' . crackerTrackerEscapeString($rowData['remote_addr']) . '" OR `proxy_addr`="' . crackerTrackerEscapeString($rowData['proxy_addr']) . '") AND `check_worm` = "' . crackerTrackerEscapeString($rowData['check_worm']) . '" LIMIT 1';
+       $sqlString = 'UPDATE `ctracker_data` SET `count`=`count`+1 WHERE (`remote_addr`="' . crackerTrackerEscapeString($rowData['remote_addr']) . '" OR `proxy_addr`="' . crackerTrackerEscapeString($rowData['proxy_addr']) . '") AND `` = "' . crackerTrackerEscapeString($rowData['']) . '" LIMIT 1';
 
        // Run the SQL and check if we have one line
-       runCrackerTrackerSql($SQL, __FUNCTION__, __LINE__);
+       runCrackerTrackerSql($sqlString, __FUNCTION__, __LINE__);
 }
 
-// Checks if an entry with IP/check_worm/domain combination is there
-function isCrackerTrackerEntryFound ($rowData) {
+// Checks if an entry with IP/check_get/domain combination is there
+function isCrackerTrackerEntryFound (array $rowData) {
        // Construct the SELECT query
-       $SQL = 'SELECT `id` FROM `ctracker_data` WHERE (`remote_addr`="' . crackerTrackerEscapeString($rowData['remote_addr']) . '" OR `proxy_addr`="' . crackerTrackerEscapeString($rowData['proxy_addr']) . '") AND `check_worm` = "' . crackerTrackerEscapeString($rowData['check_worm']) . '" AND `server_name`="' . crackerTrackerEscapeString($rowData['server_name']) . '" LIMIT 1';
+       $sqlString = 'SELECT `id` FROM `ctracker_data` WHERE (`remote_addr`="' . crackerTrackerEscapeString($rowData['remote_addr']) . '" OR `proxy_addr`="' . crackerTrackerEscapeString($rowData['proxy_addr']) . '") AND `check_get` = "' . crackerTrackerEscapeString($rowData['check_get']) . '" AND `server_name`="' . crackerTrackerEscapeString($rowData['server_name']) . '" LIMIT 1';
 
        // Run the SQL and check if we have one line
-       return ((isCrackerTrackerDatabaseLinkUp()) && (mysqli_num_rows(runCrackerTrackerSql($SQL, __FUNCTION__, __LINE__)) == 1));
+       return ((isCrackerTrackerDatabaseLinkUp()) && (mysqli_num_rows(runCrackerTrackerSql($sqlString, __FUNCTION__, __LINE__)) == 1));
 }
 
 // Escapes the string
@@ -160,7 +160,7 @@ function crackerTrackerEscapeString ($string) {
 } // END - if
 
 // Runs an SQL query and checks for errors
-function runCrackerTrackerSql ($SQL, $F, $L) {
+function runCrackerTrackerSql ($sqlString, $function, $line) {
        // Is the link up?
        if (!isCrackerTrackerDatabaseLinkUp()) {
                // Abort here
@@ -168,10 +168,10 @@ function runCrackerTrackerSql ($SQL, $F, $L) {
        } // END - if
 
        // Remember last SQL
-       $GLOBALS['ctracker_last_sql'] = $SQL;
+       $GLOBALS['ctracker_last_sql'] = $sqlString;
 
        // Run the query
-       $GLOBALS['ctracker_last_result'] = mysqli_query($GLOBALS['ctracker_link'], $SQL) or crackerTrackerDatabaseError(__FUNCTION__, __LINE__);
+       $GLOBALS['ctracker_last_result'] = mysqli_query($GLOBALS['ctracker_link'], $sqlString) or crackerTrackerDatabaseError($function, $line);
 
        // And return it
        return $GLOBALS['ctracker_last_result'];
@@ -208,31 +208,31 @@ function isCrackerTrackerTableCreated ($table) {
 // Creates the given table with columns
 function crackerTrackerCreateTable ($table, array $columns, array $keys) {
        // Begin the SQL
-       $SQL = 'CREATE TABLE IF NOT EXISTS `' . $table . '` (';
+       $sqlString = 'CREATE TABLE IF NOT EXISTS `' . $table . '` (';
 
        // Add table name as first column
-       $SQL .= '`' . $table . '` BIGINT ( 20 ) UNSIGNED NOT NULL AUTO_INCREMENT, ';
+       $sqlString .= '`' . $table . '` BIGINT ( 20 ) UNSIGNED NOT NULL AUTO_INCREMENT, ';
 
        // Add all columns
        foreach ($columns as $column=>$type) {
                // Add this entry
-               $SQL .= '`' . $column . '` ' . $type . ', ';
+               $sqlString .= '`' . $column . '` ' . $type . ', ';
        } // END - foreach
 
        // Add table name as primary key
-       $SQL .= 'PRIMARY KEY (`' . $table . '`), ';
+       $sqlString .= 'PRIMARY KEY (`' . $table . '`), ';
 
        // Add keys
        foreach ($keys as $key=>$type) {
                // Add this entry
-               $SQL .= '' . $type . ' (`' . $key . '`), ';
+               $sqlString .= '' . $type . ' (`' . $key . '`), ';
        } // END - foreach
 
        // Finish SQL
-       $SQL = substr($SQL, 0, -2) . ') TYPE=InnoDB';
+       $sqlString = substr($sqlString, 0, -2) . ') TYPE=InnoDB';
 
        // And run it
-       runCrackerTrackerSql($SQL);
+       runCrackerTrackerSql($sqlString);
 }
 
 // Inits a table by inserting 

diff --git a/libs/lib_detector.php b/libs/lib_detector.php
index a59ae07a0cb6e6618fc558c38bd47913196f451c..49b39768fd6b5f93c1cb6ebcaa57048e39baf5fc 100644 (file)
--- a/libs/lib_detector.php
+++ b/libs/lib_detector.php
@@ -251,7 +251,7 @@ function crackerTrackerSendMail ($mail, $recipient = NULL, $subject = NULL) {
        $rowData = array(
                'remote_addr' => determineCrackerTrackerRealRemoteAddress(),
                'proxy_addr'  => getenv('REMOTE_ADDR'),
-               'check_worm'  => $GLOBALS['ctracker_checked_get'],
+               'check_get'   => $GLOBALS['ctracker_checked_get'],
                'server_name' => crackerTrackerServerName()
        );
 
@@ -291,16 +291,16 @@ function sendCrackerTrackerPostMail () {
        // Mail text
        $mail = 'POST-Attack detected:
 -----------------------------------------------------
-Remote-IP            : '.determineCrackerTrackerRealRemoteAddress().'
-User-Agent           : '.crackerTrackerUserAgent().'
-Request-string       : '.crackerTrackerQueryString().'
-Filtered string      : '.$GLOBALS['ctracker_checked_get'].'
-Server               : '.crackerTrackerServerName().'
-Script               : '.crackerTrackerScriptName().'
-Referrer             : '.crackerTrackerReferer().'
+Remote-IP            : ' . determineCrackerTrackerRealRemoteAddress() . '
+User-Agent           : ' . crackerTrackerUserAgent() . '
+Request-string       : ' . crackerTrackerQueryString() . '
+Filtered string      : ' . $GLOBALS['ctracker_checked_get'] . '
+Server               : ' . crackerTrackerServerName() . '
+Script               : ' . crackerTrackerScriptName() . '
+Referrer             : ' . crackerTrackerReferer() . '
 -----------------------------------------------------
-POST string          : '.$GLOBALS['ctracker_post_track'].'
-Filtered POST string : '.$GLOBALS['ctracker_checked_post'].'
+POST string          : ' . $GLOBALS['ctracker_post_track'] . '
+Filtered POST string : ' . $GLOBALS['ctracker_checked_post'] . '
 -----------------------------------------------------
 ';
 
@@ -355,7 +355,8 @@ function crackerTrackerLogAttack () {
                'user_agent'     => crackerTrackerUserAgent(),
                'get_data'       => crackerTrackerQueryString(),
                'post_data'      => $GLOBALS['ctracker_post_track'],
-               'check_worm'     => $GLOBALS['ctracker_checked_get'],
+               'check_ua'       => $GLOBALS['ctracker_checked_ua'],
+               'check_get'      => $GLOBALS['ctracker_checked_get'],
                'check_post'     => $GLOBALS['ctracker_checked_post'],
                'server_name'    => crackerTrackerServerName(),
                'script_name'    => crackerTrackerScriptName(),

diff --git a/libs/lib_updates.php b/libs/lib_updates.php
index 73944a7e23495016f9858cf26815e58251f44b26..dc0cd675278088b16eafdca74eb53508b87f6d80 100644 (file)
--- a/libs/lib_updates.php
+++ b/libs/lib_updates.php
@@ -82,6 +82,14 @@ FOREIGN KEY ( `ctracker_data_id` ) REFERENCES `' . $GLOBALS['ctracker_dbname'] .
                6 => array(
                        'ALTER TABLE `ctracker_data` ADD INDEX `count` (`count`)',
                ),
+
+               // Log also UA after check
+               7 => array(
+                       "ALTER TABLE `ctracker_data`
+                       ADD `check_ua` tinytext COLLATE 'utf8_general_ci' NULL COMMENT 'User agent after check' AFTER `post_data`,
+                       CHANGE `check_worm` `check_get` tinytext COLLATE 'utf8_general_ci' NOT NULL COMMENT 'GET data after check' AFTER `check_ua`,
+                       CHANGE `check_post` `check_post` tinytext COLLATE 'utf8_general_ci' NOT NULL COMMENT 'POST data after check' AFTER `check_worm`",
+               ),
        );
 }