From: Roland Haeder <roland@mxchange.org>
Date: Sun, 11 Aug 2013 12:02:25 +0000 (+0000)
Subject: server_name and script_name can now be NULL and set all empty strings to NULL, added... 
X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=c66ed34e09fa87f7c16c27f1428577a0437c12c4;p=ctracker.git

server_name and script_name can now be NULL and set all empty strings to NULL, added %3E%3C (><) which indicates an attempt to insert a HTML link into a badly secured URL
---

diff --git a/libs/lib_detector.php b/libs/lib_detector.php
index e08a497..a6f8435 100644
--- a/libs/lib_detector.php
+++ b/libs/lib_detector.php
@@ -123,6 +123,9 @@ function initCrackerTrackerArrays () {
 		// Windows XP (?) hacks
 		'xp_enumdsn', 'xp_availablemedia', 'xp_filelist', 'xp_cmdshell',
 
+		// Attempts to insert links into a badly secured URL
+		'%3E%3C',
+
 		// @TODO Misc/unsorted
 		'cgi-', '.eml', '$_request', '$_get', '$request', '$get', '.system',
 		'&aim', 'new_password', '&icq', '.conf', 'motd ', 'HTTP/1.',
diff --git a/libs/lib_updates.php b/libs/lib_updates.php
index 51e8ea2..1b8bcc9 100644
--- a/libs/lib_updates.php
+++ b/libs/lib_updates.php
@@ -52,6 +52,14 @@ FOREIGN KEY ( `ctracker_data_id` ) REFERENCES `' . $GLOBALS['ctracker_dbname'] .
 `id`
 ) ON DELETE CASCADE
 ) TYPE=InnoDB',
+		),
+
+		// NULL for missing values
+		1 => array(
+			"ALTER TABLE `ctracker_data` CHANGE `script_name` `script_name` VARCHAR( 255 ) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL COMMENT 'Full script name",
+			"UPDATE `ctracker_data` SET `script_name`=NULL WHERE `script_name`=''",
+			"ALTER TABLE `ctracker_data` CHANGE `server_name` `server_name` TINYTEXT CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL COMMENT 'Server''s host name'",
+			"UPDATE `ctracker_data` SET `server_name`=NULL WHERE `server_name`=''",
 		)
 	);
 }