Added some php.ini settings to block

[ctracker.git] / libs / lib_detector.php

diff --git a/libs/lib_detector.php b/libs/lib_detector.php
index a6f8435897fea393f852eb40a24a0b9f5bbeab54..3511de9896a5d03023dd82d99a9ffc08765c17bb 100644 (file)
--- a/libs/lib_detector.php
+++ b/libs/lib_detector.php
@@ -126,6 +126,9 @@ function initCrackerTrackerArrays () {
                // Attempts to insert links into a badly secured URL
                '%3E%3C',
 
+               // php.ini settings
+               'allow_url_fopen', 'allow_url_include', 'auto_prepend_file', 'disable_functions',
+
                // @TODO Misc/unsorted
                'cgi-', '.eml', '$_request', '$_get', '$request', '$get', '.system',
                '&aim', 'new_password', '&icq', '.conf', 'motd ', 'HTTP/1.',
@@ -221,6 +224,7 @@ function crackerTrackerSendMail ($mail, $recipient = NULL, $subject = NULL) {
        // Construct dummy array
        $rowData = array(
                'remote_addr' => determineCrackerTrackerRealRemoteAddress(),
+               'proxy_addr'  => getenv('REMOTE_ADDR'),
                'check_worm'  => $GLOBALS['ctracker_checkworm'],
                'server_name' => crackerTrackerServerName()
        );
@@ -321,6 +325,7 @@ function crackerTrackerLogAttack () {
        // Prepare array for database insert
        $rowData = array(
                'remote_addr'   => determineCrackerTrackerRealRemoteAddress(),
+               'proxy_addr'    => getenv('REMOTE_ADDR'),
                'user_agent'    => crackerTrackerUserAgent(),
                'get_data'      => crackerTrackerQueryString(),
                'post_data'     => $GLOBALS['ctracker_post_track'],