Experimental commit:

[ctracker.git] / libs / lib_detector.php

diff --git a/libs/lib_detector.php b/libs/lib_detector.php
index 68d00794ffb5a8b84f88755b15dc80dae4f18da8..3fa9b4da9ea0fb83545fba330c6698fd5d655520 100644 (file)
--- a/libs/lib_detector.php
+++ b/libs/lib_detector.php
@@ -35,9 +35,10 @@ function initCrackerTrackerArrays () {
 
        // Whitelist some absolute query strings (see below)
        $GLOBALS['ctracker_whitelist'] = array(
-               'cmd=new',   // LinPHA
-               'cmd=edit',  // LinPHA
-               'cmd=lostpw' // LinPHA
+               'cmd=new',          // LinPHA
+               'cmd=edit',         // LinPHA
+               'cmd=lostpw',       // LinPHA
+               'secure_session=1', // Mantis Bug Tracker
        );
 
        // Attacks we should detect and block
@@ -94,7 +95,7 @@ function initCrackerTrackerArrays () {
 // Checks for worms
 function isCrackerTrackerWormDetected () {
        // Check against the whole list
-       $GLOBALS['ctracker_checkworm'] = str_ireplace($GLOBALS['ctracker_get_blacklist'], '*', crackerTrackerQueryString());
+       $GLOBALS['ctracker_checkworm'] = str_ireplace($GLOBALS['ctracker_get_blacklist'], '*', urldecode(crackerTrackerQueryString()));
 
        // If it differs to original and the *whole* request string is not in whitelist
        // then blog the attempt