*
* @author Roland Haeder <webmaster@shipsimu.org>
* @version 3.0.0
- * @copyright Copyright (c) 2009 - 2011 Cracker Tracker Team
+ * @copyright Copyright (c) 2009 - 2017 Cracker Tracker Team
* @license GNU GPL 3.0 or any newer version
* @link http://www.shipsimu.org
*
if (!function_exists('implode_r')) {
// Implode recursive a multi-dimension array, taken from www.php.net
function implode_r ($glue, $array, $array_name = NULL) {
- $return = array();
- while(list($key,$value) = @each($array)) {
- if(is_array($value)) {
+ $return = [];
+ while (list($key,$value) = @each($array)) {
+ if (is_array($value)) {
// Is an array again, so call recursive
$return[] = implode_r($glue, $value, (string) $key);
} else {
- if($array_name != NULL) {
+ if ($array_name != NULL) {
$return[] = $array_name . '[' . (string) $key . ']=' . $value . "\n";
} else {
$return[] = $key . '=' . $value."\n";
} // END - while
// Return resulting array
- return(implode($glue, $return));
+ return implode($glue, $return);
} // END - function
} // END - if
if (!function_exists('implode_secure')) {
// Implode a simple array with a 'call-back' to our escaper function
- function implode_secure ($array) {
+ function implode_secure (array $array) {
// Return string
$return = '';
} // END - if
// Load it
- require($fqfn);
+ require $fqfn;
// Load email header
$GLOBALS['ctracker_header'] = crackerTrackerLoadEmailTemplate('header');
}
// Detects the user-agent string
-function crackerTrackerUserAgent () {
+function crackerTrackerUserAgent ($sanitize = FALSE) {
// Default is 'unknown'
$ua = 'unknown';
// Is the entry there?
if (isset($_SERVER['HTTP_USER_AGENT'])) {
// Then use it securely
- $ua = crackerTrackerSecureString($_SERVER['HTTP_USER_AGENT']);
+ $ua = crackerTrackerSecureString(urldecode($_SERVER['HTTP_USER_AGENT']));
+ } // END - if
+
+ // Sanitize it?
+ if ($sanitize === TRUE) {
+ // Sanitize ...
+ $ua = crackerTrackerSanitize($ua);
} // END - if
// Return it
}
// Detects the script name
-function crackerTrackerScriptName () {
+function crackerTrackerScriptName ($sanitize = FALSE) {
+ // Default is NULL
+ $scriptName = NULL;
+
// Is it there?
- if (!isset($_SERVER['SCRIPT_NAME'])) {
+ if (!empty($_SERVER['SCRIPT_NAME'])) {
// Return NULL
- return NULL;
+ $scriptName = crackerTrackerSecureString($_SERVER['SCRIPT_NAME']);
} // END - if
- // Should always be there!
- return crackerTrackerSecureString($_SERVER['SCRIPT_NAME']);
+ // Sanitize it?
+ if ($sanitize === TRUE) {
+ // Sanitize ...
+ $scriptName = crackerTrackerSanitize($scriptName);
+ } // END - if
+
+ // Return
+ return $scriptName;
}
// Detects the query string
-function crackerTrackerQueryString () {
+function crackerTrackerQueryString ($sanitize = FALSE) {
+ // Default is NULL
+ $query = NULL;
+
// Is it there?
- if (!isset($_SERVER['QUERY_STRING'])) {
- // Return NULL
- return NULL;
+ if (!empty($_SERVER['QUERY_STRING'])) {
+ // Get string escaped
+ $query = crackerTrackerEscapeString(urldecode($_SERVER['QUERY_STRING']));
+ } elseif (!empty($_SERVER['REQUEST_URI'])) {
+ // Get string escaped
+ $query = crackerTrackerEscapeString(urldecode($_SERVER['REQUEST_URI']));
+ }
+
+ // Sanitize it?
+ if ((!empty($query)) && ($sanitize === TRUE)) {
+ // Sanitize ...
+ $query = crackerTrackerSanitize($query);
} // END - if
- // Should always be there!
- return crackerTrackerEscapeString(urldecode($_SERVER['QUERY_STRING']));
+ // Return it
+ return $query;
}
// Detects the server's name
-function crackerTrackerServerName () {
+function crackerTrackerServerName ($sanitize = FALSE) {
+ // Default is NULL
+ $serverName = NULL;
+
// Is it there?
- if (!isset($_SERVER['SERVER_NAME'])) {
+ if (!empty($_SERVER['SERVER_NAME'])) {
// Return NULL
- return NULL;
+ $serverName = crackerTrackerSecureString($_SERVER['SERVER_NAME']);
} // END - if
- // Should always be there!
- return crackerTrackerSecureString($_SERVER['SERVER_NAME']);
+ // Sanitize it?
+ if ($sanitize === TRUE) {
+ // Sanitize ...
+ $serverName = crackerTrackerSanitize($serverName);
+ } // END - if
+
+ // Return it
+ return $serverName;
}
// Detects the referer
-function crackerTrackerReferer () {
+function crackerTrackerReferer ($sanitize = FALSE) {
// Default is a dash
$referer = '-';
// Is it there?
- if (isset($_SERVER['HTTP_REFERER'])) {
+ if (!empty($_SERVER['HTTP_REFERER'])) {
// Then use it securely
$referer = crackerTrackerSecureString(urldecode($_SERVER['HTTP_REFERER']));
} // END - if
+ // Sanitize it?
+ if ($sanitize === TRUE) {
+ // Sanitize ...
+ $referer = crackerTrackerSanitize($referer);
+ } // END - if
+
// Return it
return $referer;
}
+// Detects request method
+function crackerTrackerRequestMethod () {
+ // Default is NULL
+ $method = NULL;
+
+ // Is it set?
+ if (!empty($_SERVER['REQUEST_METHOD'])) {
+ // Then use it
+ $method = $_SERVER['REQUEST_METHOD'];
+ } // END - if
+
+ // Return it
+ return $method;
+}
+
// Detects the scripts path
function crackerTrackerScriptPath () {
// Should always be there!
}
// Loads a given email template and passes through $content
-function crackerTrackerLoadEmailTemplate ($template, array $content = array(), $language = NULL) {
+function crackerTrackerLoadEmailTemplate ($template, array $content = [], $language = NULL) {
// Init language
crackerTrackerLanguage();
'ctracker_post_blacklist',
'ctracker_header',
'ctracker_post_track',
- 'ctracker_checkworm',
- 'ctracker_check_post',
+ 'ctracker_checked_get',
+ 'ctracker_checked_post',
+ 'ctracker_checked_ua',
'ctracker_last_sql',
'ctracker_last_result',
'ctracker_config',
'ctracker_language',
'ctracker_localized',
'ctracker_link',
+ 'ctracker_blocked_methods',
) as $key) {
// Unset it
unset($GLOBALS[$key]);
} // END - foreach
}
-// [EOF]
-?>
+// Sanitizes string
+function crackerTrackerSanitize ($str) {
+ return str_replace(array('//', '/./'), array('/', '/'), $str);
+}
projects / ctracker.git / blobdiff