From 9fd795566b1d6582c6949a309b1d724160bff6c5 Mon Sep 17 00:00:00 2001
From: Roland Haeder <roland@mxchange.org>
Date: Thu, 7 Jan 2010 16:17:25 +0000
Subject: [PATCH] Renamed to bypass naming conflicts

---
 libs/lib_detector.php | 42 +++++++++++++++++++++---------------------
 libs/lib_general.php  |  4 ++--
 2 files changed, 23 insertions(+), 23 deletions(-)

diff --git a/libs/lib_detector.php b/libs/lib_detector.php
index 4459a58..7d7836e 100644
--- a/libs/lib_detector.php
+++ b/libs/lib_detector.php
@@ -34,14 +34,14 @@ function initCrackerTrackerArrays () {
 	}
 
 	// Whitelist some absolute query strings (see below)
-	$GLOBALS['whitelist'] = array(
+	$GLOBALS['ctracker_whitelist'] = array(
 		'cmd=new',   // LinPHA
 		'cmd=edit',  // LinPHA
 		'cmd=lostpw' // LinPHA
 	);
 
 	// Attacks we should detect and blok
-	$GLOBALS['wormprotector'] = array(
+	$GLOBALS['ctracker_wormprotector'] = array(
 		'chr(', 'chr=', 'chr%20', '%20chr', 'wget%20', '%20wget', 'wget(',
 		'cmd=', '%20cmd', 'cmd%20', 'rush=', '%20rush', 'rush%20',
 		'union%20', '%20union', 'union(', 'union=', 'echr(', '%20echr', 'echr%20', 'echr=',
@@ -70,7 +70,7 @@ function initCrackerTrackerArrays () {
 	);
 
 	// Block these words found in POST requests
-	$GLOBALS['post_blacklist'] = array(
+	$GLOBALS['ctracker_post_blacklist'] = array(
 		// These two lines are for detecting hidden link spam in wikis, forums, guestbooks, etc.
 		'div style=', 'overflow:auto', 'height:1px', 'width:1px', 'display:hidden',
 		'overflow: auto', 'height: 1px', 'display: hidden',
@@ -83,23 +83,23 @@ function initCrackerTrackerArrays () {
 // Checks for worms
 function isCrackerTrackerWormDetected () {
 	// Check against the whole list
-	$GLOBALS['checkworm'] = str_replace($GLOBALS['wormprotector'], '*', $_SERVER['QUERY_STRING']);
+	$GLOBALS['ctracker_checkworm'] = str_replace($GLOBALS['ctracker_wormprotector'], '*', $_SERVER['QUERY_STRING']);
 
 	// If it differs to original and the *whole* request string is not in whitelist
 	// then blog the attempt
-	return ($GLOBALS['checkworm'] != $_SERVER['QUERY_STRING'] && (!in_array($_SERVER['QUERY_STRING'], $GLOBALS['whitelist'])));
+	return ($GLOBALS['ctracker_checkworm'] != $_SERVER['QUERY_STRING'] && (!in_array($_SERVER['QUERY_STRING'], $GLOBALS['ctracker_whitelist'])));
 }
 
 // Checks POST data
 function isCrackerTrackerPostAttackDetected () {
 	// Implode recursive the whole $_POST array
-	$GLOBALS['post_track'] = implode_r('', $_POST);
+	$GLOBALS['ctracker_post_track'] = implode_r('', $_POST);
 
 	// Check for suspicious POST data
-	$GLOBALS['check_post'] = str_replace($GLOBALS['post_blacklist'], '*', $GLOBALS['post_track']);
+	$GLOBALS['ctracker_check_post'] = str_replace($GLOBALS['ctracker_post_blacklist'], '*', $GLOBALS['ctracker_post_track']);
 
 	// Is it detected?
-	return ((isCrackerTrackerWormDetected()) || ($GLOBALS['check_post'] != $GLOBALS['post_track']));
+	return ((isCrackerTrackerWormDetected()) || ($GLOBALS['ctracker_check_post'] != $GLOBALS['ctracker_post_track']));
 }
 
 // Prepares a mail and send it out
@@ -107,10 +107,10 @@ function sendCrackerTrackerMail () {
 	// Mail content
 	$mail = "Attack detected:
 -----------------------------------------------------
-Remote-IP       : ".determineRealRemoteAddress()."
+Remote-IP       : ".determineCrackerTrackerRealRemoteAddress()."
 User-Agent      : ".$_SERVER['HTTP_USER_AGENT']."
 Request-string  : ".$_SERVER['QUERY_STRING']."
-Filtered string : ".$GLOBALS['checkworm']."
+Filtered string : ".$GLOBALS['ctracker_checkworm']."
 Server          : ".$_SERVER['SERVER_NAME']."
 Script          : ".$_SERVER['SCRIPT_NAME']."
 Referrer        : ".$_SERVER['HTTP_REFERRER']."
@@ -131,8 +131,8 @@ Referrer        : ".$_SERVER['HTTP_REFERRER']."
 function crackerTrackerSendMail ($mail) {
 	// Construct dummy array
 	$rowData = array(
-		'remote_addr' => determineRealRemoteAddress(),
-		'check_worm'  => $GLOBALS['checkworm'],
+		'remote_addr' => determineCrackerTrackerRealRemoteAddress(),
+		'check_worm'  => $GLOBALS['ctracker_checkworm'],
 		'server_name' => $_SERVER['SERVER_NAME']
 	);
 
@@ -160,16 +160,16 @@ function sendCrackerTrackerPostMail () {
 	// Mail text
 	$mail = "POST-Attack detected:
 -----------------------------------------------------
-Remote-IP            : ".determineRealRemoteAddress()."
+Remote-IP            : ".determineCrackerTrackerRealRemoteAddress()."
 User-Agent           : ".$_SERVER['HTTP_USER_AGENT']."
 Request-string       : ".$_SERVER['QUERY_STRING']."
-Filtered string      : ".$GLOBALS['checkworm']."
+Filtered string      : ".$GLOBALS['ctracker_checkworm']."
 Server               : ".$_SERVER['SERVER_NAME']."
 Script               : ".$_SERVER['SCRIPT_NAME']."
 Referrer             : ".$_SERVER['HTTP_REFERRER']."
 -----------------------------------------------------
-POST string          : ".$GLOBALS['post_track']."
-Filtered POST string : ".$GLOBALS['check_post']."
+POST string          : ".$GLOBALS['ctracker_post_track']."
+Filtered POST string : ".$GLOBALS['ctracker_check_post']."
 -----------------------------------------------------
 ";
 
@@ -204,19 +204,19 @@ function crackerTrackerLogAttack () {
 	$proxyUsed = 'N';
 
 	// Did the attacker use a proxy?
-	if (isProxyUsed()) {
+	if (isCrackerTrackerProxyUsed()) {
 		// Set it
 		$proxyUsed = 'Y';
 	} // END - if
 
 	// Prepare array for database insert
 	$rowData = array(
-		'remote_addr' => determineRealRemoteAddress(),
+		'remote_addr' => determineCrackerTrackerRealRemoteAddress(),
 		'user_agent'  => $_SERVER['HTTP_USER_AGENT'],
 		'get_data'    => $_SERVER['QUERY_STRING'],
-		'post_data'   => $GLOBALS['post_track'],
-		'check_worm'  => $GLOBALS['checkworm'],
-		'check_post'  => $GLOBALS['check_post'],
+		'post_data'   => $GLOBALS['ctracker_post_track'],
+		'check_worm'  => $GLOBALS['ctracker_checkworm'],
+		'check_post'  => $GLOBALS['ctracker_check_post'],
 		'server_name' => $_SERVER['SERVER_NAME'],
 		'script_name' => $_SERVER['SCRIPT_NAME'],
 		'referer'     => $_SERVER['HTTP_REFERER'],
diff --git a/libs/lib_general.php b/libs/lib_general.php
index b3db3ef..85fed70 100644
--- a/libs/lib_general.php
+++ b/libs/lib_general.php
@@ -80,7 +80,7 @@ function isCrackerTrackerDebug () {
 }
 
 // Determines the real remote address
-function determineRealRemoteAddress () {
+function determineCrackerTrackerRealRemoteAddress () {
 	// Is a proxy in use?
 	if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
 		// Proxy was used
@@ -104,7 +104,7 @@ function determineRealRemoteAddress () {
 }
 
 // Determine if a proxy was used
-function isProxyUsed () {
+function isCrackerTrackerProxyUsed () {
 	// Check if specific entries are set
 	$proxyUsed = ((isset($_SERVER['HTTP_X_FORWARDED_FOR'])) || (isset($_SERVER['HTTP_CLIENT_IP'])));
 
-- 
2.39.5