Don't continue if the cookie has been set + ticket has created. 'unknown' was found...

[ctracker.git] / libs / lib_general.php

diff --git a/libs/lib_general.php b/libs/lib_general.php
index 33f15a0d09da790b55ecc9aa581457dd0167331f..62062d7b2586bf4d094520b762cd11d0ac40ef6a 100644 (file)
--- a/libs/lib_general.php
+++ b/libs/lib_general.php
@@ -76,7 +76,7 @@ if (!function_exists('implode_secure')) {
 // Getter for ctracker_debug_enabled
 function isCrackerTrackerDebug () {
        // Is it set?
-       return ((isset($GLOBALS['ctracker_debug_enabled'])) && ($GLOBALS['ctracker_debug_enabled'] === true));
+       return ((isset($GLOBALS['ctracker_debug_enabled'])) && ($GLOBALS['ctracker_debug_enabled'] === TRUE));
 }
 
 // Determines the real remote address
@@ -87,20 +87,23 @@ function determineCrackerTrackerRealRemoteAddress () {
        // Is a proxy in use?
        if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
                // Proxy was used
-               $address = $_SERVER['HTTP_X_FORWARDED_FOR'];
+               $address = trim($_SERVER['HTTP_X_FORWARDED_FOR']);
        } elseif (isset($_SERVER['HTTP_CLIENT_IP'])) {
                // Yet, another proxy
-               $address = $_SERVER['HTTP_CLIENT_IP'];
+               $address = trim($_SERVER['HTTP_CLIENT_IP']);
        } elseif (isset($_SERVER['REMOTE_ADDR'])) {
                // The regular address when no proxy was used
-               $address = getenv('REMOTE_ADDR');
+               $address = trim(getenv('REMOTE_ADDR'));
        }
 
-       // This strips out the real address from proxy output
-       if (strstr($address, ',')) {
+       if ($address == 'unknown') {
+               // Invalid IP somehow given
+               $address = '0.0.0.0';
+       elseif (strstr($address, ',')) {
+               // This strips out the real address from proxy output
                $addressArray = explode(',', $address);
                $address = $addressArray[0];
-       } // END - if
+       }
 
        // Return the result
        return $address;
@@ -174,7 +177,7 @@ function crackerTrackerReferer () {
        // Is it there?
        if (isset($_SERVER['HTTP_REFERER'])) {
                // Then use it securely
-               $referer = crackerTrackerSecureString($_SERVER['HTTP_REFERER']);
+               $referer = crackerTrackerSecureString(urldecode($_SERVER['HTTP_REFERER']));
        } // END - if
 
        // Return it
@@ -220,7 +223,7 @@ function isCrackerTrackerFileFound ($FQFN) {
 // Loads a given "template" (this is more an include file)
 function crackerTrackerLoadTemplate ($template) {
        // Create the full-qualified filename (FQFN)
-       $FQFN = sprintf("%s/templates/%s.tpl.php",
+       $FQFN = sprintf('%s/templates/%s.tpl.php',
                dirname(__FILE__),
                $template
        );
@@ -241,7 +244,7 @@ function crackerTrackerLoadTemplate ($template) {
 // Loads a given "template" (this is more an include file)
 function crackerTrackerLoadLocalizedTemplate ($template) {
        // Create the full-qualified filename (FQFN)
-       $FQFN = sprintf("%s/templates/%s/%s.tpl.php",
+       $FQFN = sprintf('%s/templates/%s/%s.tpl.php',
                dirname(__FILE__),
                getCrackerTrackerLanguage(),
                $template
@@ -280,7 +283,7 @@ function crackerTrackerLanguage () {
        } // END - if
 
        // Construct FQFN
-       $FQFN = sprintf("%s/language/%s.php",
+       $FQFN = sprintf('%s/language/%s.php',
                dirname(__FILE__),
                getCrackerTrackerLanguage()
        );
@@ -291,9 +294,7 @@ function crackerTrackerLanguage () {
                $GLOBALS['ctracker_language'] = 'en';
 
                // Construct FQFN again
-               $FQFN = sprintf("%s/language/en.php",
-                       dirname(__FILE__)
-               );
+               $FQFN = sprintf('%s/language/en.php', dirname(__FILE__));
        } // END - if
 
        // Load the language file
@@ -301,12 +302,12 @@ function crackerTrackerLanguage () {
 }
 
 // Loads a given email template and passes through $content
-function crackerTrackerLoadEmailTemplate ($template, array $content = array(), $language = null) {
+function crackerTrackerLoadEmailTemplate ($template, array $content = array(), $language = NULL) {
        // Init language
        crackerTrackerLanguage();
 
        // Generate the FQFN
-       $FQFN = sprintf("%s/mails/%s/%s.tpl",
+       $FQFN = sprintf('%s/mails/%s/%s.tpl',
                dirname(__FILE__),
                getCrackerTrackerLanguage($language),
                $template
@@ -374,7 +375,7 @@ function crackerTrackerCompileCode ($code) {
 }
 
 // "Getter" for language
-function getCrackerTrackerLanguage ($lang = null) {
+function getCrackerTrackerLanguage ($lang = NULL) {
        // Default is from browser
        $language = $GLOBALS['ctracker_language'];
 
@@ -407,7 +408,7 @@ function getCrackerTrackerTicketId () {
 function sendCrackerTrackerCookie () {
        // Set the cookie
        // @TODO Why can't domain be set to value from crackerTrackerServerName() ?
-       setcookie('ctracker_ticket', getCrackerTrackerTicketId(), (time() + 60*60*24), '/', '', crackerTrackerSecured(), true);
+       setcookie('ctracker_ticket', getCrackerTrackerTicketId(), (time() + 60*60*24), '/', '', crackerTrackerSecured(), TRUE);
        $_COOKIE['ctracker_ticket'] = getCrackerTrackerTicketId();
 }
 
@@ -457,7 +458,7 @@ function crackerTrackerSendRawRedirect ($url) {
 
        // check if running on IIS < 6 with CGI-PHP
        if ((isset($_SERVER['SERVER_SOFTWARE'])) && (isset($_SERVER['GATEWAY_INTERFACE'])) &&
-               (strpos($_SERVER['GATEWAY_INTERFACE'],'CGI') !== false) &&
+               (strpos($_SERVER['GATEWAY_INTERFACE'],'CGI') !== FALSE) &&
                (preg_match('|^Microsoft-IIS/(\d)\.\d$|', trim($_SERVER['SERVER_SOFTWARE']), $matches)) &&
                ($matches[1] < 6)) {
                // Send the IIS header