From 454878139fe80754870e9241268497f91e70d900 Mon Sep 17 00:00:00 2001
From: Roland Haeder
Date: Thu, 18 Jul 2013 00:53:17 +0000
Subject: [PATCH] Fixes (opps) for bad check, blocked all
---
 libs/lib_detector.php | 18 +++++++++---------
 libs/lib_general.php | 2 +-
 2 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/libs/lib_detector.php b/libs/lib_detector.php
index 3fa9b4d..26da674 100644
--- a/libs/lib_detector.php
+++ b/libs/lib_detector.php
@@ -95,7 +95,7 @@ function initCrackerTrackerArrays () {
 // Checks for worms
 function isCrackerTrackerWormDetected () {
 // Check against the whole list
- $GLOBALS['ctracker_checkworm'] = str_ireplace($GLOBALS['ctracker_get_blacklist'], '*', urldecode(crackerTrackerQueryString()));
+ $GLOBALS['ctracker_checkworm'] = urldecode(str_ireplace($GLOBALS['ctracker_get_blacklist'], '*', crackerTrackerQueryString()));
 // If it differs to original and the *whole* request string is not in whitelist
 // then blog the attempt
@@ -105,7 +105,7 @@ function isCrackerTrackerWormDetected () {
 // Checks POST data
 function isCrackerTrackerPostAttackDetected () {
 // Implode recursive the whole $_POST array
- $GLOBALS['ctracker_post_track'] = implode_r('', $_POST);
+ $GLOBALS['ctracker_post_track'] = urldecode(implode_r('', $_POST));
 // Check for suspicious POST data
 $GLOBALS['ctracker_check_post'] = str_ireplace($GLOBALS['ctracker_post_blacklist'], '*', $GLOBALS['ctracker_post_track']);
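Review bot: The outer `urldecode()` on the new `ctracker_checkworm` line runs after `str_ireplace()` has already matched the blacklist, so it adds nothing to detection and only alters the string that is later compared and mailed. With the lib_general.php hunk of this commit `crackerTrackerQueryString()` already returns a decoded value, so this is a second decode: a query that legitimately carries an encoded plus or percent sign (constructed sample: `a%2Bb`) comes out of the second pass different from the first even when no blacklist entry matched. If the comparison that follows (outside this hunk) is made against `crackerTrackerQueryString()`, such a request would be reported as an attack. I would drop the wrapper: `$GLOBALS['ctracker_checkworm'] = str_ireplace($GLOBALS['ctracker_get_blacklist'], '*', crackerTrackerQueryString());`.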
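Review bot: `$_POST` is already URL-decoded by PHP for form-encoded bodies, so the added `urldecode()` on `ctracker_post_track` makes the detector inspect a string decoded one level further than the one the application will read. That may be intended, to normalise doubly encoded values before the blacklist match, but it is undocumented, it rewrites literal `+` and `%xx` text in legitimate form fields, and any `ctracker_post_blacklist` entry containing those characters can no longer match. I would state the intent in a comment such as `// $_POST arrives decoded; decode once more so doubly encoded values are normalised before matching`, and consider matching the blacklist against both the raw and the decoded string. The function body continues outside the hunk.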
@@ -122,13 +122,13 @@ function sendCrackerTrackerMail () {
 // Mail content
 $mail = "Attack detected:
 -----------------------------------------------------
-Remote-IP : ".determineCrackerTrackerRealRemoteAddress()."
-User-Agent : ".crackerTrackerUserAgent()."
-Request-string : ".crackerTrackerQueryString()."
-Filtered string : ".$GLOBALS['ctracker_checkworm']."
-Server : ".crackerTrackerServerName()."
-Script : ".crackerTrackerScriptName()."
-Referrer : ".crackerTrackerReferer()."
+Remote-IP : " . determineCrackerTrackerRealRemoteAddress() . "
+User-Agent : " . crackerTrackerUserAgent() . "
+Request-string : " . crackerTrackerQueryString() . "
+Filtered string : " . $GLOBALS['ctracker_checkworm'] . "
+Server : " . crackerTrackerServerName() . "
+Script : " . crackerTrackerScriptName() . "
+Referrer : " . crackerTrackerReferer() . "
 -----------------------------------------------------
 ";
diff --git a/libs/lib_general.php b/libs/lib_general.php
index fe382dc..33f15a0 100644
--- a/libs/lib_general.php
+++ b/libs/lib_general.php
@@ -151,7 +151,7 @@ function crackerTrackerQueryString () {
 } // END - if
 // Should always be there!
- return crackerTrackerEscapeString($_SERVER['QUERY_STRING']);
+ return crackerTrackerEscapeString(urldecode($_SERVER['QUERY_STRING']));
 }
 // Detects the server's name
--
2.39.5
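Review bot: Decoding inside `crackerTrackerQueryString()` changes the value for every caller, not only the detector: `sendCrackerTrackerMail()` in lib_detector.php prints it as `Request-string`, so the alert no longer records the query as the client sent it. Encoded line breaks in the request would also reach the mail body as real line breaks unless `crackerTrackerEscapeString()` (not visible here) neutralises them, which lets a request add lines that look like part of the report. For triage I would keep the escaped raw `$_SERVER['QUERY_STRING']` for the report line and use the decoded form only for matching and comparison. If the decode stays here, a comment above the return such as `// Returns the URL-decoded, escaped query string` would document the new contract. The start of the function is outside the hunk.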