From: Roland Haeder
Date: Thu, 18 Jul 2013 00:07:58 +0000 (+0000)
Subject: Experimental commit:
X-Git-Url: https://git.mxchange.org/?p=ctracker.git;a=commitdiff_plain;h=405e14dad137dced353b1ac5b0389291e3f1a984
Experimental commit: decode URL before checking to avoid something like this: q=%2FopenFooBar which would be converted to q=%2fopenfoobar and then blocked as 'fopen' is then found. This happens with StatusNet 1.1.1
---
diff --git a/libs/lib_detector.php b/libs/lib_detector.php
index 11d5c07..3fa9b4d 100644
--- a/libs/lib_detector.php
+++ b/libs/lib_detector.php
@@ -95,7 +95,7 @@ function initCrackerTrackerArrays () {
 // Checks for worms
 function isCrackerTrackerWormDetected () {
 // Check against the whole list
- $GLOBALS['ctracker_checkworm'] = str_ireplace($GLOBALS['ctracker_get_blacklist'], '*', crackerTrackerQueryString());
+ $GLOBALS['ctracker_checkworm'] = str_ireplace($GLOBALS['ctracker_get_blacklist'], '*', urldecode(crackerTrackerQueryString()));
 // If it differs to original and the *whole* request string is not in whitelist
 // then blog the attempt
diff --git a/libs/lib_general.php b/libs/lib_general.php
index 64bc6a7..fe382dc 100644
--- a/libs/lib_general.php
+++ b/libs/lib_general.php
@@ -93,7 +93,7 @@ function determineCrackerTrackerRealRemoteAddress () {
 $address = $_SERVER['HTTP_CLIENT_IP'];
 } elseif (isset($_SERVER['REMOTE_ADDR'])) {
 // The regular address when no proxy was used
- $address = $_SERVER['REMOTE_ADDR'];
+ $address = getenv('REMOTE_ADDR');
 }
 // This strips out the real address from proxy output
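Review bot: The blacklist scan in isCrackerTrackerWormDetected() now runs on `urldecode(crackerTrackerQueryString())`, but the comment directly below says the result is compared with the original string, and that comparison lies outside the hunk. If it still compares against the undecoded `crackerTrackerQueryString()`, every query string containing a `%xx` escape or a `+` will differ and be logged as an attempt even when no blacklist entry matched. Decode once into a local, `$decoded = urldecode(crackerTrackerQueryString());`, and use `$decoded` both as the `str_ireplace()` subject and as the reference in that comparison. A single decode pass also leaves input that was encoded more than once unnormalised, so a comment stating whether crackerTrackerQueryString() returns the raw or an already decoded string would make the intended coverage clear.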
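Review bot: The branch condition still tests `isset($_SERVER['REMOTE_ADDR'])` while the new assignment reads `getenv('REMOTE_ADDR')`, so the guard no longer covers the value that is actually used. `getenv()` returns `false` when the SAPI does not expose the variable in the environment, and `$address` would then be `false` for whatever follows the branch (the rest of determineCrackerTrackerRealRemoteAddress() is outside the hunk). Either keep `$address = $_SERVER['REMOTE_ADDR'];` or make the guard match the read, `} elseif (($remoteAddr = getenv('REMOTE_ADDR')) !== false) {` with `$address = $remoteAddr;`. The commit message does not mention this change; a one-line comment saying why getenv() is preferred would help, particularly as the branch above takes the address from the client-supplied `HTTP_CLIENT_IP` header, which should only be trusted behind a known proxy.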