2020-08-11 Roland HäderContinued: master
2020-06-06 Roland HäderContinued:
2019-08-13 Roland HäderContinued:
2019-07-11 Roland HäderContinued:
2019-05-16 Roland HäderContinued:
2019-04-03 Roland HäderContinued:
2019-04-01 Roland HäderContinued:
2019-04-01 Roland HäderContinued:
2019-04-01 Roland HäderContinued:
2019-04-01 Roland HäderContinued:
2019-04-01 Roland HäderContinued:
2019-04-01 Roland HäderAlso __CALLBACKPARAM needs blocking
2019-04-01 Roland HäderChecking against GET parameters is for the user-agent...
2018-08-28 Roland HäderContinued:
2018-08-28 Roland HäderContinued:
2018-08-28 Roland HäderCRLF->LF
2018-08-28 Roland HäderMerge branch 'master' of mx:/var/cache/git/repos/ctracker
2018-08-22 Roland HäderContinued:
2018-08-22 Roland HäderContinued:
2017-07-18 Roland Häderproject name set
2017-07-18 Roland Häderupdated (c)
2017-07-18 Roland HäderIt is okay to have this NetBeans project around + ignor...
2016-09-23 Roland HäderMantisBT need these being white-listed.
2016-08-31 Roland HäderMust be id to have NULL counted, too.
2016-08-31 Roland HäderAdded view for request methods
2016-08-30 Roland HäderAdded "detection" of open_basedir and php:// protocol:
2016-08-22 Roland HäderFixed parser error
2016-08-22 Roland HäderSorted a bit + removed '.js' as this was to much and...
2016-08-10 Roland HäderSome fixes:
2016-08-05 Roland HäderAlso block request methods such as CONNECT as they...
2016-07-28 Roland HäderAlso __CALLBACKPARAM needs blocking
2016-07-28 Roland HäderChecking against GET parameters is for the user-agent...
2016-07-28 Roland HäderOnly for testing purposes the string is being sanitized...
2016-07-28 Roland HäderUpdated database
2016-07-28 Roland HäderRenaming season has started:
2016-07-28 Roland HäderSanitize request strings (also serialized POST data...
2016-07-28 Roland HäderContinued:
2016-07-28 Roland HäderContinued improving:
2016-07-27 Roland HäderUpdated a lot:
2016-07-26 Roland HäderIndex on count column to improve SUM queries
2016-07-26 Roland HäderThis column should be after remote_addr to have both...
2016-07-26 Roland HäderCan be combined and makes code look nicer.
2016-07-25 Roland HäderAdded MySQL internal-use-only function
2016-07-25 Roland HäderAlso log request method
2016-07-20 Roland HäderOne to much ...
2016-07-20 Roland HäderMore PHP function calls (I don't like such RPCs) blocked
2016-02-13 Roland HaederAdded .gitattributes
2015-09-12 Roland HaederOpps ...
2015-09-12 Roland HaederRewrote to MySQLi
2014-11-03 Roland HäderFixed
2014-11-01 Roland HaederAdded proc/self/environ
2014-11-01 Roland HaederAdded 'safe_mode' (php.ini setting).
2014-11-01 Roland HaederDon't continue if the cookie has been set + ticket...
2013-10-18 Roland HaederAdded some php.ini settings to block
2013-08-12 Roland HaederOpps, did forget the fetch :(
2013-08-12 Roland HaederNo more ORDER BY required, cool.
2013-08-12 Roland HaederAdded index + optimized query
2013-08-11 Roland HaederReverted removal, maybe now working?
2013-08-11 Roland HaederOpps :(
2013-08-11 Roland Haeder:( Not good enough
2013-08-11 Roland HaederAdded logging/detection of proxy IP address
2013-08-11 Roland Haederserver_name and script_name can now be NULL and set...
2013-08-09 Roland Haeder%20 was to much here
2013-07-26 Roland HaederJust '/group' was to restrictive (e.g. breaks StatusNet)
2013-07-25 Roland HaederAdded 'Autocomplete' as known-incompatible plugin
2013-07-20 Roland HaederUpdated TODOs.txt
2013-07-20 Roland HaederFix for parser error :(
2013-07-20 Roland HaederResorted almost all pattern checks + used more single...
2013-07-20 Roland HaederWrappers like data://, tcp:// et cetera now blacklisted
2013-07-20 Roland HaederUse constants instead of keywords
2013-07-18 Roland HaederFixes (opps) for bad check, blocked all
2013-07-18 Roland HaederExperimental commit:
2013-06-27 Roland HaederAdded incompatible notice
2013-06-04 Roland HaederExcluded secure_session=1 from mantis
2013-04-18 Roland HaederNow use str_ireplace()
2013-03-30 Roland HaederBetter use this?
2013-03-11 Roland HaederExtended is correct
2013-02-26 Roland HaederRemove even more
2013-02-26 Roland HaederunsetCtrackerData() introduced
2012-12-20 Roland HaederDocu updated, detection array resorted a little
2012-10-24 Roland HaederBlocked also %27 (')
2012-10-24 Roland HaederDetection of attempt of SQL injections added
2012-09-29 Roland HaederTaken care of possible missing elements
2011-09-27 Roland Haeder'cmd=' broke to many legtime requests, cmd.exe should...
2011-09-14 Roland Haeder.pl harms also legitime requests
2011-08-27 Roland HaederNow all forms of '0x' are detected
2011-08-27 Roland HaederDOCUMENT_ROOT and _SERVER added (avoid these things...
2011-07-29 Roland HaederBlock also these
2011-07-29 Roland Haederinit also this
2011-07-29 Roland HaederFix for missing 'ctracker_post_track'
2011-06-24 Roland HaederDetection of hexa-decimal encoded (0xXXXXX) strings...
2011-04-20 Roland Haedersvn:eol-style set to 'native'
2011-04-10 Roland HaederDuplicate entries removed, typo fixed
2011-03-06 Roland HaederCopyright updated
2011-03-06 Roland HaederSome obsolete comment removed
2011-02-09 Roland HaederFixed error reporting for debug mode
2010-11-26 Roland HaederDefault value of 'count' needs to be 1
2010-10-05 Roland HaederConfiguration entry 'ctracker_debug' renamed to 'ctrack...
2010-09-23 Roland HaederSome code blocks moved, detection of '..//' added,...
2010-09-14 Roland HaederSVN properties globally set