From d5ca8f8c841b8ffee25a143c490ae0b5551c9243 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Roland=20H=C3=A4der?= Date: Wed, 4 Nov 2020 13:30:43 +0100 Subject: [PATCH] Continued: - reduced local variables - fixed SQL (ops!) MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Signed-off-by: Roland Häder --- libs/lib_connect.php | 2 +- libs/lib_detector.php | 13 ++----------- 2 files changed, 3 insertions(+), 12 deletions(-) diff --git a/libs/lib_connect.php b/libs/lib_connect.php index 9f90c5c..f3c0161 100644 --- a/libs/lib_connect.php +++ b/libs/lib_connect.php @@ -130,7 +130,7 @@ function updateCrackerTrackerEntry (array $rowData, $countColumn = 'count') { } // Run the SQL and check if we have one line - runCrackerTrackerSql(sprintf("UPDATE `ctracker_data` SET `%s`=`%s`+1 WHERE (`remote_addr`='%s' AND `proxy_addr`=' . ') LIMIT 1", + runCrackerTrackerSql(sprintf("UPDATE `ctracker_data` SET `%s`=`%s`+1 WHERE (`remote_addr`='%s' AND `proxy_addr`='%s') LIMIT 1", $countColumn, $countColumn, crackerTrackerEscapeString($rowData['remote_addr']), diff --git a/libs/lib_detector.php b/libs/lib_detector.php index 65062c7..d0cf25d 100644 --- a/libs/lib_detector.php +++ b/libs/lib_detector.php @@ -407,15 +407,6 @@ function crackerTrackerLogAttack () { // Aquire database link aquireCrackerTrackerDatabaseLink(); - // By default no proxy is used - $proxyUsed = 'N'; - - // Did the attacker use a proxy? - if (isCrackerTrackerProxyUsed()) { - // Set it - $proxyUsed = 'Y'; - } - // Prepare array for database insert $rowData = [ 'remote_addr' => determineCrackerTrackerRealRemoteAddress(), @@ -430,8 +421,8 @@ function crackerTrackerLogAttack () { 'script_name' => crackerTrackerScriptName(), 'referer' => crackerTrackerReferer(), 'request_method' => crackerTrackerRequestMethod(), - 'proxy_used' => $proxyUsed, - 'first_attempt' => 'NOW()' + 'proxy_used' => (isCrackerTrackerProxyUsed() ? 'Y' : 'N'), + 'first_attempt' => 'NOW()', ]; // Insert the array in database -- 2.39.5