}
if ($lang == "en") {
return "english";
} else {
return "german";
}
}
$slng = isset($_GET['lng']) ? secsys_change_lng(stripinput($_GET['lng'])) : secsys_change_lng("de");
if (file_exists(INFUSIONS . "security_system/locale/proxy_" . $slng . ".php")) {
require_once INFUSIONS . "security_system/locale/proxy_" . $slng . ".php";
} else {
require_once INFUSIONS . "security_system/locale/proxy_german.php";
}
$sys_siteurl = $settings['siteurl'];
$sys_siteurl2 = str_replace("www.", "", $settings['siteurl']);
if (!sec_proxyscan() && !FREE_PROXY || iSYS_SUPERADMIN) {
$entry_error = "";
$entry_ok = "";
if (!empty($_POST) && isset($_POST['pentry']) && TRUE_REFERER) {
if (eregi($sys_siteurl, SYS_USER_REFERER) || eregi($sys_siteurl2, SYS_USER_REFERER)) {
$reaccept = isset($_POST['reaccept']) ? $_POST['reaccept'] : 0;
$newproxy = isset($_POST['newproxy']) ? htmlentities($_POST['newproxy']) : "";
if ($reaccept > 0) {
$entry_count = dbcount("(*)", DB_PREFIX . "secsys_proxy_whitelist", "proxy_ip='{$newproxy}'");
if ($entry_count > 0) {
$entry_error = $locale["PR08"];
} else {
$entry_insert = dbquery("INSERT INTO {$db_prefix}secsys_proxy_whitelist (proxy_ip, proxy_datestamp) VALUES('{$newproxy}','" . time() . "')");
if ($entry_insert) {
$entry_ok = $locale["PR07"];
} else {
function secsys_proxy_blacklist()
{
global $sys_setting, $db_prefix, $locale;
if ($sys_setting['proxy_visit'] == 0) {
$splitt_ip = explode(".", SYS_USER_IP);
$ip_1 = isset($splitt_ip[0]) ? intval($splitt_ip[0]) : "0";
$ip_2 = isset($splitt_ip[1]) ? intval($splitt_ip[1]) : "0";
$ip_3 = isset($splitt_ip[2]) ? intval($splitt_ip[2]) : "0";
$ip_4 = isset($splitt_ip[3]) ? intval($splitt_ip[3]) : "0";
$check_blacklist = dbquery("SELECT proxy_ip FROM {$db_prefix}secsys_proxy_blacklist WHERE (proxy_ip='{$ip_1}' OR proxy_ip='{$ip_1}.{$ip_2}' OR proxy_ip='{$ip_1}.{$ip_2}.{$ip_3}' OR proxy_ip='{$ip_1}.{$ip_2}.{$ip_3}.{$ip_4}' OR proxy_ip='{$ip_1}.' OR proxy_ip='{$ip_1}.{$ip_2}.' OR proxy_ip='{$ip_1}.{$ip_2}.{$ip_3}.' OR proxy_ip='{$ip_1}.{$ip_2}.{$ip_3}.{$ip_4}')");
if (dbrows($check_blacklist) > 0) {
$result = dbquery("UPDATE " . DB_PREFIX . "secsys_statistics SET proxy_blacklist=proxy_blacklist+1");
mysql_close();
fallback(SEC_INFDIR . "proxy_visit.html");
exit;
}
if (!sec_proxyscan() && secsys_hacker() || !sec_proxyscan() && !TRUE_REFERER) {
$rsl = dbrows(dbquery("SELECT * FROM {$db_prefix}secsys_logfile WHERE hack_ip='" . SYS_USER_IP . "' AND hack_type='proxy_visit' AND hack_datestamp>='" . (time() - 3600) . "'"));
$rsl1 = dbquery("INSERT INTO {$db_prefix}secsys_proxy_blacklist (proxy_id, proxy_ip, proxy_datestamp) VALUES (NULL,'" . SYS_USER_IP . "','" . time() . "')");
if ($rsl == 0 && $sys_setting['proxy_log'] == '1') {
$sys_msg_entry = sprintf($locale['SYS229'], $locale['SYS228']);
$user_agent = SYS_USER_AGENT != "" ? stripinput(str_replace('||', ' ', SYS_USER_AGENT)) : "";
$result = dbquery("INSERT INTO {$db_prefix}secsys_logfile (hack_id,hack_type,hack_userid,hack_ip,hack_query,hack_referer,hack_agent,hack_datestamp) VALUES (NULL,'proxy_visit','" . SYS_USER_ID . "','" . SYS_USER_IP . "','" . $sys_msg_entry . "','" . stripinput(SYS_USER_REFERER) . "','" . $user_agent . "','" . time() . "')");
}
$result = dbquery("UPDATE {$db_prefix}secsys_statistics SET proxy_visit=proxy_visit+1");
mysql_close();
fallback(SEC_INFDIR . "proxy_visit.html");
exit;
}
}
}
