From: Roland Haeder Date: Thu, 18 Jul 2013 00:07:58 +0000 (+0000) Subject: Experimental commit: X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=405e14dad137dced353b1ac5b0389291e3f1a984;p=ctracker.git Experimental commit: decode URL before checking to avoid something like this: q=%2FopenFooBar which would be converted to q=%2fopenfoobar and then blocked as 'fopen' is then found. This happens with StatusNet 1.1.1 --- diff --git a/libs/lib_detector.php b/libs/lib_detector.php index 11d5c07..3fa9b4d 100644 --- a/libs/lib_detector.php +++ b/libs/lib_detector.php @@ -95,7 +95,7 @@ function initCrackerTrackerArrays () { // Checks for worms function isCrackerTrackerWormDetected () { // Check against the whole list - $GLOBALS['ctracker_checkworm'] = str_ireplace($GLOBALS['ctracker_get_blacklist'], '*', crackerTrackerQueryString()); + $GLOBALS['ctracker_checkworm'] = str_ireplace($GLOBALS['ctracker_get_blacklist'], '*', urldecode(crackerTrackerQueryString())); // If it differs to original and the *whole* request string is not in whitelist // then blog the attempt diff --git a/libs/lib_general.php b/libs/lib_general.php index 64bc6a7..fe382dc 100644 --- a/libs/lib_general.php +++ b/libs/lib_general.php @@ -93,7 +93,7 @@ function determineCrackerTrackerRealRemoteAddress () { $address = $_SERVER['HTTP_CLIENT_IP']; } elseif (isset($_SERVER['REMOTE_ADDR'])) { // The regular address when no proxy was used - $address = $_SERVER['REMOTE_ADDR']; + $address = getenv('REMOTE_ADDR'); } // This strips out the real address from proxy output