XOOPS /
XoopsCore25
@@ -126,7 +126,7 @@ discard block |
||
| 126 | 126 | $this->_safe_contami = false; |
| 127 | 127 | $this->last_error_type = 'CONTAMI'; |
| 128 | 128 | } |
| 129 | - $this->_initial_recursive($subval, $key . '_' . base64_encode($subkey)); |
|
| 129 | + $this->_initial_recursive($subval, $key.'_'.base64_encode($subkey)); |
|
| 130 | 130 | } |
| 131 | 131 | } else { |
| 132 | 132 | // check nullbyte attack |
@@ -163,13 +163,13 @@ discard block |
||
| 163 | 163 | */ |
| 164 | 164 | public function updateConfFromDb() |
| 165 | 165 | { |
| 166 | - $constpref = '_MI_' . strtoupper($this->mydirname); |
|
| 166 | + $constpref = '_MI_'.strtoupper($this->mydirname); |
|
| 167 | 167 | |
| 168 | 168 | if (empty($this->_conn)) { |
| 169 | 169 | return false; |
| 170 | 170 | } |
| 171 | 171 | |
| 172 | - $result = @mysqli_query($this->_conn, 'SELECT conf_name,conf_value FROM ' . XOOPS_DB_PREFIX . "_config WHERE conf_title like '" . $constpref . "%'"); |
|
| 172 | + $result = @mysqli_query($this->_conn, 'SELECT conf_name,conf_value FROM '.XOOPS_DB_PREFIX."_config WHERE conf_title like '".$constpref."%'"); |
|
| 173 | 173 | if (!$result || mysqli_num_rows($result) < 5) { |
| 174 | 174 | return false; |
| 175 | 175 | } |
@@ -214,7 +214,7 @@ discard block |
||
| 214 | 214 | $this->purgeNoExit(); |
| 215 | 215 | |
| 216 | 216 | if ($redirect_to_top) { |
| 217 | - header('Location: ' . XOOPS_URL . '/'); |
|
| 217 | + header('Location: '.XOOPS_URL.'/'); |
|
| 218 | 218 | exit; |
| 219 | 219 | } else { |
| 220 | 220 | $ret = $this->call_filter('prepurge_exit'); |
@@ -240,7 +240,7 @@ discard block |
||
| 240 | 240 | public function purgeCookies() |
| 241 | 241 | { |
| 242 | 242 | if (!headers_sent()) { |
| 243 | - $domain = defined(XOOPS_COOKIE_DOMAIN) ? XOOPS_COOKIE_DOMAIN : ''; |
|
| 243 | + $domain = defined(XOOPS_COOKIE_DOMAIN) ? XOOPS_COOKIE_DOMAIN : ''; |
|
| 244 | 244 | $past = time() - 3600; |
| 245 | 245 | foreach ($_COOKIE as $key => $value) { |
| 246 | 246 | setcookie($key, '', $past, '', $domain); |
@@ -303,7 +303,7 @@ discard block |
||
| 303 | 303 | $agent = @$_SERVER['HTTP_USER_AGENT']; |
| 304 | 304 | |
| 305 | 305 | if ($unique_check) { |
| 306 | - $result = mysqli_query($this->_conn, 'SELECT ip,type FROM ' . XOOPS_DB_PREFIX . '_' . $this->mydirname . '_log ORDER BY timestamp DESC LIMIT 1'); |
|
| 306 | + $result = mysqli_query($this->_conn, 'SELECT ip,type FROM '.XOOPS_DB_PREFIX.'_'.$this->mydirname.'_log ORDER BY timestamp DESC LIMIT 1'); |
|
| 307 | 307 | list($last_ip, $last_type) = mysqli_fetch_row($result); |
| 308 | 308 | if ($last_ip == $ip && $last_type == $type) { |
| 309 | 309 | $this->_logged = true; |
@@ -314,12 +314,12 @@ discard block |
||
| 314 | 314 | |
| 315 | 315 | mysqli_query( |
| 316 | 316 | $this->_conn, |
| 317 | - 'INSERT INTO ' . XOOPS_DB_PREFIX . '_' . $this->mydirname . "_log SET ip='" |
|
| 318 | - . mysqli_real_escape_string($this->_conn, $ip) . "',agent='" |
|
| 319 | - . mysqli_real_escape_string($this->_conn, $agent) . "',type='" |
|
| 320 | - . mysqli_real_escape_string($this->_conn, $type) . "',description='" |
|
| 321 | - . mysqli_real_escape_string($this->_conn, $this->message) . "',uid='" |
|
| 322 | - . (int)$uid . "',timestamp=NOW()" |
|
| 317 | + 'INSERT INTO '.XOOPS_DB_PREFIX.'_'.$this->mydirname."_log SET ip='" |
|
| 318 | + . mysqli_real_escape_string($this->_conn, $ip)."',agent='" |
|
| 319 | + . mysqli_real_escape_string($this->_conn, $agent)."',type='" |
|
| 320 | + . mysqli_real_escape_string($this->_conn, $type)."',description='" |
|
| 321 | + . mysqli_real_escape_string($this->_conn, $this->message)."',uid='" |
|
| 322 | + . (int)$uid."',timestamp=NOW()" |
|
| 323 | 323 | ); |
| 324 | 324 | $this->_logged = true; |
| 325 | 325 | |
@@ -338,7 +338,7 @@ discard block |
||
| 338 | 338 | $fp = @fopen($this->get_filepath4bwlimit(), 'w'); |
| 339 | 339 | if ($fp) { |
| 340 | 340 | @flock($fp, LOCK_EX); |
| 341 | - fwrite($fp, $expire . "\n"); |
|
| 341 | + fwrite($fp, $expire."\n"); |
|
| 342 | 342 | @flock($fp, LOCK_UN); |
| 343 | 343 | fclose($fp); |
| 344 | 344 | |
@@ -364,7 +364,7 @@ discard block |
||
| 364 | 364 | */ |
| 365 | 365 | public static function get_filepath4bwlimit() |
| 366 | 366 | { |
| 367 | - return XOOPS_VAR_PATH . '/protector/bwlimit' . substr(md5(XOOPS_ROOT_PATH . XOOPS_DB_USER . XOOPS_DB_PREFIX), 0, 6); |
|
| 367 | + return XOOPS_VAR_PATH.'/protector/bwlimit'.substr(md5(XOOPS_ROOT_PATH.XOOPS_DB_USER.XOOPS_DB_PREFIX), 0, 6); |
|
| 368 | 368 | } |
| 369 | 369 | |
| 370 | 370 | /** |
@@ -379,7 +379,7 @@ discard block |
||
| 379 | 379 | $fp = @fopen($this->get_filepath4badips(), 'w'); |
| 380 | 380 | if ($fp) { |
| 381 | 381 | @flock($fp, LOCK_EX); |
| 382 | - fwrite($fp, serialize($bad_ips) . "\n"); |
|
| 382 | + fwrite($fp, serialize($bad_ips)."\n"); |
|
| 383 | 383 | @flock($fp, LOCK_UN); |
| 384 | 384 | fclose($fp); |
| 385 | 385 | |
@@ -445,7 +445,7 @@ discard block |
||
| 445 | 445 | */ |
| 446 | 446 | public static function get_filepath4badips() |
| 447 | 447 | { |
| 448 | - return XOOPS_VAR_PATH . '/protector/badips' . substr(md5(XOOPS_ROOT_PATH . XOOPS_DB_USER . XOOPS_DB_PREFIX), 0, 6); |
|
| 448 | + return XOOPS_VAR_PATH.'/protector/badips'.substr(md5(XOOPS_ROOT_PATH.XOOPS_DB_USER.XOOPS_DB_PREFIX), 0, 6); |
|
| 449 | 449 | } |
| 450 | 450 | |
| 451 | 451 | /** |
@@ -473,7 +473,7 @@ discard block |
||
| 473 | 473 | */ |
| 474 | 474 | public static function get_filepath4group1ips() |
| 475 | 475 | { |
| 476 | - return XOOPS_VAR_PATH . '/protector/group1ips' . substr(md5(XOOPS_ROOT_PATH . XOOPS_DB_USER . XOOPS_DB_PREFIX), 0, 6); |
|
| 476 | + return XOOPS_VAR_PATH.'/protector/group1ips'.substr(md5(XOOPS_ROOT_PATH.XOOPS_DB_USER.XOOPS_DB_PREFIX), 0, 6); |
|
| 477 | 477 | } |
| 478 | 478 | |
| 479 | 479 | /** |
@@ -481,7 +481,7 @@ discard block |
||
| 481 | 481 | */ |
| 482 | 482 | public function get_filepath4confighcache() |
| 483 | 483 | { |
| 484 | - return XOOPS_VAR_PATH . '/protector/configcache' . substr(md5(XOOPS_ROOT_PATH . XOOPS_DB_USER . XOOPS_DB_PREFIX), 0, 6); |
|
| 484 | + return XOOPS_VAR_PATH.'/protector/configcache'.substr(md5(XOOPS_ROOT_PATH.XOOPS_DB_USER.XOOPS_DB_PREFIX), 0, 6); |
|
| 485 | 485 | } |
| 486 | 486 | |
| 487 | 487 | /** |
@@ -560,8 +560,8 @@ discard block |
||
| 560 | 560 | return false; |
| 561 | 561 | } |
| 562 | 562 | |
| 563 | - $target_htaccess = XOOPS_ROOT_PATH . '/.htaccess'; |
|
| 564 | - $backup_htaccess = XOOPS_ROOT_PATH . '/uploads/.htaccess.bak'; |
|
| 563 | + $target_htaccess = XOOPS_ROOT_PATH.'/.htaccess'; |
|
| 564 | + $backup_htaccess = XOOPS_ROOT_PATH.'/uploads/.htaccess.bak'; |
|
| 565 | 565 | |
| 566 | 566 | $ht_body = file_get_contents($target_htaccess); |
| 567 | 567 | |
@@ -586,9 +586,9 @@ discard block |
||
| 586 | 586 | if (substr($regs[2], -strlen($ip)) == $ip) { |
| 587 | 587 | return true; |
| 588 | 588 | } |
| 589 | - $new_ht_body = $regs[1] . "#PROTECTOR#\n" . $regs[2] . " $ip\n#PROTECTOR#\n" . $regs[3]; |
|
| 589 | + $new_ht_body = $regs[1]."#PROTECTOR#\n".$regs[2]." $ip\n#PROTECTOR#\n".$regs[3]; |
|
| 590 | 590 | } else { |
| 591 | - $new_ht_body = "#PROTECTOR#\nDENY FROM $ip\n#PROTECTOR#\n" . $ht_body; |
|
| 591 | + $new_ht_body = "#PROTECTOR#\nDENY FROM $ip\n#PROTECTOR#\n".$ht_body; |
|
| 592 | 592 | } |
| 593 | 593 | |
| 594 | 594 | // error_log( "$new_ht_body\n" , 3 , "/tmp/error_log" ) ; |
@@ -653,7 +653,7 @@ discard block |
||
| 653 | 653 | |
| 654 | 654 | if (!empty($this->_dblayertrap_doubtfuls) || $force_override) { |
| 655 | 655 | @define('XOOPS_DB_ALTERNATIVE', 'ProtectorMysqlDatabase'); |
| 656 | - require_once dirname(__DIR__) . '/class/ProtectorMysqlDatabase.class.php'; |
|
| 656 | + require_once dirname(__DIR__).'/class/ProtectorMysqlDatabase.class.php'; |
|
| 657 | 657 | } |
| 658 | 658 | } |
| 659 | 659 | |
@@ -837,7 +837,7 @@ discard block |
||
| 837 | 837 | if (!is_array($current)) { |
| 838 | 838 | return false; |
| 839 | 839 | } |
| 840 | - $current =& $current[$index]; |
|
| 840 | + $current = & $current[$index]; |
|
| 841 | 841 | } |
| 842 | 842 | |
| 843 | 843 | return $current; |
@@ -857,16 +857,16 @@ discard block |
||
| 857 | 857 | |
| 858 | 858 | switch ($base_array) { |
| 859 | 859 | case 'G' : |
| 860 | - $main_ref =& $this->get_ref_from_base64index($_GET, $indexes); |
|
| 861 | - $legacy_ref =& $this->get_ref_from_base64index($HTTP_GET_VARS, $indexes); |
|
| 860 | + $main_ref = & $this->get_ref_from_base64index($_GET, $indexes); |
|
| 861 | + $legacy_ref = & $this->get_ref_from_base64index($HTTP_GET_VARS, $indexes); |
|
| 862 | 862 | break; |
| 863 | 863 | case 'P' : |
| 864 | - $main_ref =& $this->get_ref_from_base64index($_POST, $indexes); |
|
| 865 | - $legacy_ref =& $this->get_ref_from_base64index($HTTP_POST_VARS, $indexes); |
|
| 864 | + $main_ref = & $this->get_ref_from_base64index($_POST, $indexes); |
|
| 865 | + $legacy_ref = & $this->get_ref_from_base64index($HTTP_POST_VARS, $indexes); |
|
| 866 | 866 | break; |
| 867 | 867 | case 'C' : |
| 868 | - $main_ref =& $this->get_ref_from_base64index($_COOKIE, $indexes); |
|
| 869 | - $legacy_ref =& $this->get_ref_from_base64index($HTTP_COOKIE_VARS, $indexes); |
|
| 868 | + $main_ref = & $this->get_ref_from_base64index($_COOKIE, $indexes); |
|
| 869 | + $legacy_ref = & $this->get_ref_from_base64index($HTTP_COOKIE_VARS, $indexes); |
|
| 870 | 870 | break; |
| 871 | 871 | default : |
| 872 | 872 | exit; |
@@ -874,7 +874,7 @@ discard block |
||
| 874 | 874 | if (!isset($main_ref)) { |
| 875 | 875 | exit; |
| 876 | 876 | } |
| 877 | - $request_ref =& $this->get_ref_from_base64index($_REQUEST, $indexes); |
|
| 877 | + $request_ref = & $this->get_ref_from_base64index($_REQUEST, $indexes); |
|
| 878 | 878 | if ($request_ref !== false && $main_ref == $request_ref) { |
| 879 | 879 | $request_ref = $val; |
| 880 | 880 | } |
@@ -945,7 +945,7 @@ discard block |
||
| 945 | 945 | $image_attributes = @getimagesize($_file['tmp_name']); |
| 946 | 946 | if ($image_attributes === false && is_uploaded_file($_file['tmp_name'])) { |
| 947 | 947 | // open_basedir restriction |
| 948 | - $temp_file = XOOPS_ROOT_PATH . '/uploads/protector_upload_temporary' . md5(time()); |
|
| 948 | + $temp_file = XOOPS_ROOT_PATH.'/uploads/protector_upload_temporary'.md5(time()); |
|
| 949 | 949 | move_uploaded_file($_file['tmp_name'], $temp_file); |
| 950 | 950 | $image_attributes = @getimagesize($temp_file); |
| 951 | 951 | @unlink($temp_file); |
@@ -1002,7 +1002,7 @@ discard block |
||
| 1002 | 1002 | if ($str === false) { |
| 1003 | 1003 | $this->message .= "Isolated comment-in found. ($val)\n"; |
| 1004 | 1004 | if ($sanitize) { |
| 1005 | - $this->replace_doubtful($key, $val . '*/'); |
|
| 1005 | + $this->replace_doubtful($key, $val.'*/'); |
|
| 1006 | 1006 | } |
| 1007 | 1007 | $this->_safe_isocom = false; |
| 1008 | 1008 | $this->last_error_type = 'ISOCOM'; |
@@ -1089,16 +1089,16 @@ discard block |
||
| 1089 | 1089 | break; |
| 1090 | 1090 | case 'san' : |
| 1091 | 1091 | $_POST = array(); |
| 1092 | - $this->message .= 'POST deleted for IP:' . $_SERVER['REMOTE_ADDR']; |
|
| 1092 | + $this->message .= 'POST deleted for IP:'.$_SERVER['REMOTE_ADDR']; |
|
| 1093 | 1093 | break; |
| 1094 | 1094 | case 'biptime0' : |
| 1095 | 1095 | $_POST = array(); |
| 1096 | - $this->message .= 'BAN and POST deleted for IP:' . $_SERVER['REMOTE_ADDR']; |
|
| 1096 | + $this->message .= 'BAN and POST deleted for IP:'.$_SERVER['REMOTE_ADDR']; |
|
| 1097 | 1097 | $this->_should_be_banned_time0 = true; |
| 1098 | 1098 | break; |
| 1099 | 1099 | case 'bip' : |
| 1100 | 1100 | $_POST = array(); |
| 1101 | - $this->message .= 'Ban and POST deleted for IP:' . $_SERVER['REMOTE_ADDR']; |
|
| 1101 | + $this->message .= 'Ban and POST deleted for IP:'.$_SERVER['REMOTE_ADDR']; |
|
| 1102 | 1102 | $this->_should_be_banned = true; |
| 1103 | 1103 | break; |
| 1104 | 1104 | } |
@@ -1115,15 +1115,15 @@ discard block |
||
| 1115 | 1115 | } |
| 1116 | 1116 | |
| 1117 | 1117 | $query = ''; |
| 1118 | - $query .= (empty($ip)) ? '' : '&ip=' . $ip; |
|
| 1119 | - $query .= (empty($email)) ? '' : '&email=' . $email; |
|
| 1120 | - $query .= (empty($username)) ? '' : '&username=' . $username; |
|
| 1118 | + $query .= (empty($ip)) ? '' : '&ip='.$ip; |
|
| 1119 | + $query .= (empty($email)) ? '' : '&email='.$email; |
|
| 1120 | + $query .= (empty($username)) ? '' : '&username='.$username; |
|
| 1121 | 1121 | |
| 1122 | 1122 | if (empty($query)) { |
| 1123 | 1123 | return false; |
| 1124 | 1124 | } |
| 1125 | 1125 | |
| 1126 | - $url = 'http://www.stopforumspam.com/api?f=json' . $query; |
|
| 1126 | + $url = 'http://www.stopforumspam.com/api?f=json'.$query; |
|
| 1127 | 1127 | $ch = curl_init(); |
| 1128 | 1128 | curl_setopt($ch, CURLOPT_URL, $url); |
| 1129 | 1129 | curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); |
@@ -1153,7 +1153,7 @@ discard block |
||
| 1153 | 1153 | return true; |
| 1154 | 1154 | } |
| 1155 | 1155 | |
| 1156 | - $ip = \Xmf\IPAddress::fromRequest(); |
|
| 1156 | + $ip = \Xmf\IPAddress::fromRequest(); |
|
| 1157 | 1157 | if (false === $ip->asReadable()) { |
| 1158 | 1158 | return true; |
| 1159 | 1159 | } |
@@ -1164,7 +1164,7 @@ discard block |
||
| 1164 | 1164 | |
| 1165 | 1165 | // gargage collection |
| 1166 | 1166 | $result = $xoopsDB->queryF( |
| 1167 | - 'DELETE FROM ' . $xoopsDB->prefix($this->mydirname . '_access') |
|
| 1167 | + 'DELETE FROM '.$xoopsDB->prefix($this->mydirname.'_access') |
|
| 1168 | 1168 | . ' WHERE expire < UNIX_TIMESTAMP()' |
| 1169 | 1169 | ); |
| 1170 | 1170 | |
@@ -1176,13 +1176,13 @@ discard block |
||
| 1176 | 1176 | } |
| 1177 | 1177 | |
| 1178 | 1178 | // sql for recording access log (INSERT should be placed after SELECT) |
| 1179 | - $sql4insertlog = 'INSERT INTO ' . $xoopsDB->prefix($this->mydirname . '_access') |
|
| 1179 | + $sql4insertlog = 'INSERT INTO '.$xoopsDB->prefix($this->mydirname.'_access') |
|
| 1180 | 1180 | . " SET ip={$ip4sql}, request_uri={$uri4sql}," |
| 1181 | - . " expire=UNIX_TIMESTAMP()+'" . (int)$this->_conf['dos_expire'] . "'"; |
|
| 1181 | + . " expire=UNIX_TIMESTAMP()+'".(int)$this->_conf['dos_expire']."'"; |
|
| 1182 | 1182 | |
| 1183 | 1183 | // bandwidth limitation |
| 1184 | 1184 | if (@$this->_conf['bwlimit_count'] >= 10) { |
| 1185 | - $result = $xoopsDB->query('SELECT COUNT(*) FROM ' . $xoopsDB->prefix($this->mydirname . '_access')); |
|
| 1185 | + $result = $xoopsDB->query('SELECT COUNT(*) FROM '.$xoopsDB->prefix($this->mydirname.'_access')); |
|
| 1186 | 1186 | list($bw_count) = $xoopsDB->fetchRow($result); |
| 1187 | 1187 | if ($bw_count > $this->_conf['bwlimit_count']) { |
| 1188 | 1188 | $this->write_file_bwlimit(time() + $this->_conf['dos_expire']); |
@@ -1191,7 +1191,7 @@ discard block |
||
| 1191 | 1191 | |
| 1192 | 1192 | // F5 attack check (High load & same URI) |
| 1193 | 1193 | $result = $xoopsDB->query( |
| 1194 | - 'SELECT COUNT(*) FROM ' . $xoopsDB->prefix($this->mydirname . '_access') |
|
| 1194 | + 'SELECT COUNT(*) FROM '.$xoopsDB->prefix($this->mydirname.'_access') |
|
| 1195 | 1195 | . " WHERE ip={$ip4sql} AND request_uri={$uri4sql}"); |
| 1196 | 1196 | list($f5_count) = $xoopsDB->fetchRow($result); |
| 1197 | 1197 | if ($f5_count > $this->_conf['dos_f5count']) { |
@@ -1250,7 +1250,7 @@ discard block |
||
| 1250 | 1250 | |
| 1251 | 1251 | // Crawler check (High load & different URI) |
| 1252 | 1252 | $result = $xoopsDB->query( |
| 1253 | - 'SELECT COUNT(*) FROM ' . $xoopsDB->prefix($this->mydirname . '_access') . " WHERE ip={$ip4sql}" |
|
| 1253 | + 'SELECT COUNT(*) FROM '.$xoopsDB->prefix($this->mydirname.'_access')." WHERE ip={$ip4sql}" |
|
| 1254 | 1254 | ); |
| 1255 | 1255 | list($crawler_count) = $xoopsDB->fetchRow($result); |
| 1256 | 1256 | |
@@ -1308,7 +1308,7 @@ discard block |
||
| 1308 | 1308 | { |
| 1309 | 1309 | global $xoopsDB; |
| 1310 | 1310 | |
| 1311 | - $ip = \Xmf\IPAddress::fromRequest(); |
|
| 1311 | + $ip = \Xmf\IPAddress::fromRequest(); |
|
| 1312 | 1312 | if (false === $ip->asReadable()) { |
| 1313 | 1313 | return true; |
| 1314 | 1314 | } |
@@ -1325,23 +1325,23 @@ discard block |
||
| 1325 | 1325 | |
| 1326 | 1326 | // gargage collection |
| 1327 | 1327 | $result = $xoopsDB->queryF( |
| 1328 | - 'DELETE FROM ' . $xoopsDB->prefix($this->mydirname . '_access') . ' WHERE expire < UNIX_TIMESTAMP()' |
|
| 1328 | + 'DELETE FROM '.$xoopsDB->prefix($this->mydirname.'_access').' WHERE expire < UNIX_TIMESTAMP()' |
|
| 1329 | 1329 | ); |
| 1330 | 1330 | |
| 1331 | 1331 | // sql for recording access log (INSERT should be placed after SELECT) |
| 1332 | - $sql4insertlog = 'INSERT INTO ' . $xoopsDB->prefix($this->mydirname . '_access') |
|
| 1332 | + $sql4insertlog = 'INSERT INTO '.$xoopsDB->prefix($this->mydirname.'_access') |
|
| 1333 | 1333 | . " SET ip={$ip4sql}, request_uri={$uri4sql}, malicious_actions={$mal4sql}, expire=UNIX_TIMESTAMP()+600"; |
| 1334 | 1334 | |
| 1335 | 1335 | // count check |
| 1336 | 1336 | $result = $xoopsDB->query( |
| 1337 | - 'SELECT COUNT(*) FROM ' . $xoopsDB->prefix($this->mydirname . '_access') |
|
| 1337 | + 'SELECT COUNT(*) FROM '.$xoopsDB->prefix($this->mydirname.'_access') |
|
| 1338 | 1338 | . " WHERE ip={$ip4sql} AND malicious_actions like 'BRUTE FORCE:%'" |
| 1339 | 1339 | ); |
| 1340 | 1340 | list($bf_count) = $xoopsDB->fetchRow($result); |
| 1341 | 1341 | if ($bf_count > $this->_conf['bf_count']) { |
| 1342 | 1342 | $this->register_bad_ips(time() + $this->_conf['banip_time0']); |
| 1343 | 1343 | $this->last_error_type = 'BruteForce'; |
| 1344 | - $this->message .= "Trying to login as '" . addslashes($victim_uname) . "' found.\n"; |
|
| 1344 | + $this->message .= "Trying to login as '".addslashes($victim_uname)."' found.\n"; |
|
| 1345 | 1345 | $this->output_log('BRUTE FORCE', 0, true, 1); |
| 1346 | 1346 | $ret = $this->call_filter('bruteforce_overrun'); |
| 1347 | 1347 | if ($ret == false) { |
@@ -1379,7 +1379,7 @@ discard block |
||
| 1379 | 1379 | } |
| 1380 | 1380 | |
| 1381 | 1381 | // count BBCode likd [url=www....] up (without [url=http://...]) |
| 1382 | - $this->_spamcount_uri += count(preg_split('/\[url=(?!http|\\"http|\\\'http|' . $http_host . ')/i', $val)) - 1; |
|
| 1382 | + $this->_spamcount_uri += count(preg_split('/\[url=(?!http|\\"http|\\\'http|'.$http_host.')/i', $val)) - 1; |
|
| 1383 | 1383 | } |
| 1384 | 1384 | } |
| 1385 | 1385 | |
@@ -1393,7 +1393,7 @@ discard block |
||
| 1393 | 1393 | $this->_spam_check_point_recursive($_POST); |
| 1394 | 1394 | |
| 1395 | 1395 | if ($this->_spamcount_uri >= $points4deny) { |
| 1396 | - $this->message .= @$_SERVER['REQUEST_URI'] . " SPAM POINT: $this->_spamcount_uri\n"; |
|
| 1396 | + $this->message .= @$_SERVER['REQUEST_URI']." SPAM POINT: $this->_spamcount_uri\n"; |
|
| 1397 | 1397 | $this->output_log('URI SPAM', $uid, false, 128); |
| 1398 | 1398 | $ret = $this->call_filter('spamcheck_overrun'); |
| 1399 | 1399 | if ($ret == false) { |
@@ -1467,11 +1467,11 @@ discard block |
||
| 1467 | 1467 | |
| 1468 | 1468 | // preview CSRF zx 2004/12/14 |
| 1469 | 1469 | // news submit.php |
| 1470 | - if (substr(@$_SERVER['SCRIPT_NAME'], -23) === 'modules/news/submit.php' && isset($_POST['preview']) && strpos(@$_SERVER['HTTP_REFERER'], XOOPS_URL . '/modules/news/submit.php') !== 0) { |
|
| 1470 | + if (substr(@$_SERVER['SCRIPT_NAME'], -23) === 'modules/news/submit.php' && isset($_POST['preview']) && strpos(@$_SERVER['HTTP_REFERER'], XOOPS_URL.'/modules/news/submit.php') !== 0) { |
|
| 1471 | 1471 | $HTTP_POST_VARS['nohtml'] = $_POST['nohtml'] = 1; |
| 1472 | 1472 | } |
| 1473 | 1473 | // news admin/index.php |
| 1474 | - if (substr(@$_SERVER['SCRIPT_NAME'], -28) === 'modules/news/admin/index.php' && ($_POST['op'] === 'preview' || $_GET['op'] === 'preview') && strpos(@$_SERVER['HTTP_REFERER'], XOOPS_URL . '/modules/news/admin/index.php') !== 0) { |
|
| 1474 | + if (substr(@$_SERVER['SCRIPT_NAME'], -28) === 'modules/news/admin/index.php' && ($_POST['op'] === 'preview' || $_GET['op'] === 'preview') && strpos(@$_SERVER['HTTP_REFERER'], XOOPS_URL.'/modules/news/admin/index.php') !== 0) { |
|
| 1475 | 1475 | $HTTP_POST_VARS['nohtml'] = $_POST['nohtml'] = 1; |
| 1476 | 1476 | } |
| 1477 | 1477 | // comment comment_post.php |
@@ -1502,7 +1502,7 @@ discard block |
||
| 1502 | 1502 | */ |
| 1503 | 1503 | public function call_filter($type, $dying_message = '') |
| 1504 | 1504 | { |
| 1505 | - require_once __DIR__ . '/ProtectorFilter.php'; |
|
| 1505 | + require_once __DIR__.'/ProtectorFilter.php'; |
|
| 1506 | 1506 | $filter_handler = ProtectorFilterHandler::getInstance(); |
| 1507 | 1507 | $ret = $filter_handler->execute($type); |
| 1508 | 1508 | if ($ret == false && $dying_message) { |
@@ -57,10 +57,10 @@ discard block |
||
| 57 | 57 | * SOFTWARE. |
| 58 | 58 | */ |
| 59 | 59 | |
| 60 | -if(isset($_POST['Authorization'])) { |
|
| 60 | +if (isset($_POST['Authorization'])) { |
|
| 61 | 61 | define('PROTECTOR_SKIP_DOS_CHECK', 1); |
| 62 | 62 | } |
| 63 | -include __DIR__ . '/mainfile.php'; |
|
| 63 | +include __DIR__.'/mainfile.php'; |
|
| 64 | 64 | $xoopsLogger->activated = false; |
| 65 | 65 | |
| 66 | 66 | /** |
@@ -91,11 +91,11 @@ discard block |
||
| 91 | 91 | XoopsLoad::load('fineuploadhandler', 'system'); |
| 92 | 92 | |
| 93 | 93 | $handler = (property_exists($claims, 'handler')) ? $claims->handler : 'fineuploadhandler'; |
| 94 | -$moddir = (property_exists($claims, 'moddir')) ? $claims->moddir : 'system'; |
|
| 94 | +$moddir = (property_exists($claims, 'moddir')) ? $claims->moddir : 'system'; |
|
| 95 | 95 | |
| 96 | 96 | XoopsLoad::load($handler, $moddir); |
| 97 | 97 | |
| 98 | -$className = $moddir . $handler; |
|
| 98 | +$className = $moddir.$handler; |
|
| 99 | 99 | /* $uploader XoopsFineUploadHandler */ |
| 100 | 100 | $uploader = new $className($claims); |
| 101 | 101 | |
@@ -119,10 +119,10 @@ discard block |
||
| 119 | 119 | // Assumes you have a chunking.success.endpoint set to point here with a query parameter of "done". |
| 120 | 120 | // For example: /myserver/handlers/endpoint.php?done |
| 121 | 121 | if (isset($_GET["done"])) { |
| 122 | - $result = $uploader->combineChunks(XOOPS_ROOT_PATH . "/uploads"); |
|
| 122 | + $result = $uploader->combineChunks(XOOPS_ROOT_PATH."/uploads"); |
|
| 123 | 123 | } else { // Handle upload requests |
| 124 | 124 | // Call handleUpload() with the name of the folder, relative to PHP's getcwd() |
| 125 | - $result = $uploader->handleUpload(XOOPS_ROOT_PATH . "/uploads"); |
|
| 125 | + $result = $uploader->handleUpload(XOOPS_ROOT_PATH."/uploads"); |
|
| 126 | 126 | |
| 127 | 127 | // To return a name used for uploaded file you can use the following line. |
| 128 | 128 | $result["uploadName"] = $uploader->getUploadName(); |
