From: Roland Haeder Date: Sun, 11 Aug 2013 12:02:25 +0000 (+0000) Subject: server_name and script_name can now be NULL and set all empty strings to NULL, added... X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=c66ed34e09fa87f7c16c27f1428577a0437c12c4;p=ctracker.git server_name and script_name can now be NULL and set all empty strings to NULL, added %3E%3C (><) which indicates an attempt to insert a HTML link into a badly secured URL --- diff --git a/libs/lib_detector.php b/libs/lib_detector.php index e08a497..a6f8435 100644 --- a/libs/lib_detector.php +++ b/libs/lib_detector.php @@ -123,6 +123,9 @@ function initCrackerTrackerArrays () { // Windows XP (?) hacks 'xp_enumdsn', 'xp_availablemedia', 'xp_filelist', 'xp_cmdshell', + // Attempts to insert links into a badly secured URL + '%3E%3C', + // @TODO Misc/unsorted 'cgi-', '.eml', '$_request', '$_get', '$request', '$get', '.system', '&aim', 'new_password', '&icq', '.conf', 'motd ', 'HTTP/1.', diff --git a/libs/lib_updates.php b/libs/lib_updates.php index 51e8ea2..1b8bcc9 100644 --- a/libs/lib_updates.php +++ b/libs/lib_updates.php @@ -52,6 +52,14 @@ FOREIGN KEY ( `ctracker_data_id` ) REFERENCES `' . $GLOBALS['ctracker_dbname'] . `id` ) ON DELETE CASCADE ) TYPE=InnoDB', + ), + + // NULL for missing values + 1 => array( + "ALTER TABLE `ctracker_data` CHANGE `script_name` `script_name` VARCHAR( 255 ) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL COMMENT 'Full script name", + "UPDATE `ctracker_data` SET `script_name`=NULL WHERE `script_name`=''", + "ALTER TABLE `ctracker_data` CHANGE `server_name` `server_name` TINYTEXT CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL COMMENT 'Server''s host name'", + "UPDATE `ctracker_data` SET `server_name`=NULL WHERE `server_name`=''", ) ); }