From 6115a2f0b510b4bc0f11bbd520b8b64defee4dd9 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Roland=20H=C3=A4der?=
Date: Mon, 9 Jun 2025 01:24:01 +0200
Subject: [PATCH] Continued: - sprintf() used - old array() turned to "new" [] way - sorted detection arrays a bit better

---
 libs/lib_connect.php | 12 ++++++++----
 libs/lib_detector.php | 27 ++++++++++++++++-----------
 libs/lib_general.php | 26 +++++++++++++++++++++-----
 3 files changed, 45 insertions(+), 20 deletions(-)

diff --git a/libs/lib_connect.php b/libs/lib_connect.php
index 2690624..b6344a9 100644
--- a/libs/lib_connect.php
+++ b/libs/lib_connect.php
@@ -256,10 +256,13 @@ function crackerTrackerCreateTable (string $table, array $columns, array $keys)
 runCrackerTrackerSql($sqlString);
 }

-// Inits a table by inserting
+// Inits a table by inserting
 function crackerTrackerInitTable (string $table) {
 // Prepare SQL and run it
- runCrackerTrackerSql('INSERT INTO `' . $table . '` (`' . $table . '`) VALUES (NULL)');
+ runCrackerTrackerSql(sprintf("INSERT INTO `%s` (`%s`) VALUES (NULL)'",
+ $table,
+ $table
+ ));
 }

 // Updates the database scheme automatically
@@ -273,13 +276,14 @@ function crackerTrackerUpdateDatabaseScheme () {
 // Is the main config table there?
 if (!isCrackerTrackerTableCreated('ctracker_config')) {
 // Then do it for us
- crackerTrackerCreateTable('ctracker_config', array(
+ crackerTrackerCreateTable('ctracker_config', [
 'ctracker_db_version' => 'BIGINT ( 20 ) UNSIGNED NOT NULL DEFAULT 0',
 'ctracker_min_sleep' => 'SMALLINT ( 5 ) UNSIGNED NOT NULL DEFAULT 10',
 'ctracker_max_sleep' => 'SMALLINT ( 5 ) UNSIGNED NOT NULL DEFAULT 30',
 'ctracker_alert_user' => "ENUM('Y','N') NOT NULL DEFAULT 'Y'",
 'ctracker_language' => "CHAR ( 2) NOT NULL DEFAULT 'en'"
- ), array());
+ ], [
+ ]);

 // Init that table
 crackerTrackerInitTable('ctracker_config');
diff --git a/libs/lib_detector.php b/libs/lib_detector.php
index 4266f18..92ffbbd 100644
--- a/libs/lib_detector.php
+++ b/libs/lib_detector.php
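Review bot: The new format string in crackerTrackerInitTable() (libs/lib_connect.php, first hunk) ends with a stray single quote before the closing double quote, `VALUES (NULL)'"`, so the statement handed to runCrackerTrackerSql() now ends in `(NULL)'`, which the removed concatenation did not, and the INSERT will most likely be rejected as a syntax error. Dropping the quote fixes it: `runCrackerTrackerSql(sprintf('INSERT INTO `%s` (`%s`) VALUES (NULL)', $table, $table));`. sprintf() also does nothing to escape $table inside the backticks; the only call visible in this patch passes the literal 'ctracker_config', but rejecting names that do not match `/^[A-Za-z0-9_]+$/` before building the string would keep the identifier safe if a caller ever passes a derived name.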
@@ -65,11 +65,11 @@ function initCrackerTrackerArrays () { // Other Linux/FreeBSD/??? programs (sometimes with space) 'traceroute ', 'ping ', 'bin/xterm', 'bin/./xterm', 'lsof ', - 'telnet ', 'wget ', 'bin/perl', 'bin/id', 'uname\x20', 'uname ', - 'killall', 'diff ', 'kill ', 'locate ', 'grep ', 'vi ', 'mv ', - 'rmdir ', 'mcd ', 'mrd ', 'rm ', ' mcd', ' mrd', ' rm', + 'telnet ', 'wget ', ' wget', 'bin/perl', 'bin/id', 'uname\x20', + 'uname ', 'killall', 'diff ', 'kill ', 'locate ', 'grep ', 'vi ', + 'mv ', 'rmdir ', 'mcd ', 'mrd ', 'rm ', ' mcd', ' mrd', ' rm', 'passwd ', ' passwd', 'mdir ', ' mdir', 'cp ', ' cp', - 'esystem ', 'chr ', ' chr', 'wget ', ' wget', ' cmd', + 'esystem ', 'chr ', ' chr', ' cmd', 'cmd ', ' rush', 'rush ', ' echr', 'echr ', ' getenv', 'getenv', 'reboot ', 'halt ', 'powerdown ', 'invokefunction', @@ -81,12 +81,17 @@ function initCrackerTrackerArrays () { // Other Linux programs (+ equal) 'mcd=', 'mrd=', 'chmod=', 'chr=', 'rush=', 'echr=', - // Paths - '/etc/', '/bin/', '/sbin/', '/self/', '/proc/', '../../','..//', '././', - '/home/ftp', '/home/./ftp', '/home/./www', '/home/www', '/www/virtual/', - '/www/./virtual/', + // Generic Linux paths + '/etc/', '/bin/', '/sbin/', '/self/', '/proc/', '/sys/', - // Uni* commands: + // Dotted paths (to break out of DOCUMENT_ROOT) + '../../','..//', '././', + + // Home paths and maybe common virtual hosting paths (ISCP) + '/home/ftp', '/home/./ftp', '/home/./www', '/home/www', + '/www/virtual/', '/www/./virtual/', + + // User right, group and user changing '/chgrp', '/chown', '/chmod', 'chown ', 'chmod ', 'chgrp ', // Compiler/interpreter @@ -137,7 +142,7 @@ function initCrackerTrackerArrays () { 'width:0px', 'width: 0px','width:1px', 'width: 1px', // Uncommon user websites - '~root', '~ftp', '~nobody', + '~root', '~ftp', '~nobody', '~www-data', // Windows XP (?) hacks 'xp_enumdsn', 'xp_availablemedia', 'xp_filelist', 'xp_cmdshell', 
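Review bot: In the @@ -65 hunk of initCrackerTrackerArrays(), `'uname\x20'` sits in a single-quoted string, where PHP does not expand `\x20`, so the entry is the literal nine characters and not "uname" followed by a space (that form is the neighbouring entry `'uname '`). If matching the escaped spelling is the intent, a short comment would keep a later cleanup from removing it as a duplicate, for example `// 'uname\x20' is literal text: matches requests that spell the space as \x20`. The array's opening and the code that compares these entries are outside the hunk.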
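Review bot: The added `'/sys/'` entry in the @@ -81 hunk is short enough to occur in ordinary application URLs, and if these strings are compared as plain substrings of request data (the matching code is not in this hunk) such requests would be flagged as attacks. A comment stating what the list is matched against (raw or URL-decoded input, lower-cased or not) would let a maintainer judge entries like this one and the dotted-path group `'../../','..//', '././'`. The new heading `// User right, group and user changing` would read more clearly as `// Ownership and permission changes (chgrp, chown, chmod)`.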
@@ -163,7 +168,7 @@ function initCrackerTrackerArrays () { // @TODO Misc/unsorted 'cgi-', '.eml', '$_request', '$_get', '$request', '$get', '.system', '&aim', 'new_password', '&icq', '.conf', 'motd ', 'HTTP/1.', - 'window.open', 'img src', 'img src', '.jsp', 'servlet', 'org.apache', + 'window.open', 'img src', '.jsp', 'servlet', 'org.apache', 'wwwacl', '/servlet/con', 'http_', 'secure_site, ok', 'chunked', '