/**
 * <b>create_footer_layout</b>
 * Builds the CrackerTracker footer HTML for the selected layout, with or
 * without the counter value.
 *
 * NOTE(review): the $images and $lang values are concatenated into HTML
 * attributes without escaping, which presumes both arrays only ever hold
 * trusted theme / language data - confirm where they are populated.
 * NOTE(review): every link uses target="_blank" without a rel attribute and
 * points at an http:// URL.
 *
 * @param mixed $ct_gfn Footer layout identification number (run through intval())
 * @return string HTML code for the footer template output
 */
function create_footer_layout($ct_gfn)
{
    global $images, $lang;

    // Anything non-numeric becomes 0 and therefore ends up in the default layout
    $layout_id = intval($ct_gfn);
    $blocked_total = 0;

    // Layouts 3, 4, 6, 7 and 8 load the counter value through the log manager
    if (in_array($layout_id, array(3, 4, 6, 7, 8), true)) {
        include_once IP_ROOT_PATH . 'includes/ctracker/classes/class_log_manager.' . PHP_EXT;
        $counter_source = new log_manager();
        $counter_source->get_counter_value();
        $blocked_total = $counter_source->ct_counter_value;
        unset($counter_source);
    }

    // Building blocks shared by several layouts
    $image_desc = $lang['ctracker_fdisplay_imgdesc'];
    $badge_small = '<a href="http://www.cback.de" target="_blank"><img src="' . $images['ctracker_footer_s'] . '" title="' . $image_desc . '" alt="' . $image_desc . '" align="middle" /></a>';
    $badge_large = '<a href="http://www.cback.de" target="_blank"><img src="' . $images['ctracker_footer_b'] . '" title="' . $image_desc . '" alt="' . $image_desc . '" align="middle" /></a>';
    $copyright_line = 'CrackerTracker © 2004 - ' . gmdate('Y') . ' <a href="http://www.cback.de" target="_blank">CBACK.de</a>';

    switch ($layout_id) {
        case 1:
            return $badge_small;

        case 2:
            return $badge_large;

        case 3:
            // Counter text first, small badge underneath
            return sprintf($lang['ctracker_fdisplay_g'], $blocked_total) . '<br />' . $badge_small;

        case 4:
            return $badge_large . '<br />' . sprintf($lang['ctracker_fdisplay_g'], $blocked_total);

        case 5:
            return $lang['ctracker_fdisplay_n'];

        case 6:
            return sprintf($lang['ctracker_fdisplay_c'], $blocked_total);

        case 7:
            return $copyright_line;

        case 8:
            return '<a href="http://www.cback.de" target="_blank">' . sprintf($lang['ctracker_fdisplay_g'], $blocked_total) . '</a>';

        default:
            return $badge_small . '<br />' . $copyright_line;
    }
}
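/*
 * For easier handling we copy the current blocklist value into a new
 * variable and run it through preg_quote(). The "/" delimiter is passed
 * explicitly: the patterns below are delimited with "/", and without that
 * argument an entry containing "/" produces an invalid pattern, preg_match()
 * returns false and the entry silently never blocks anything.
 * Because we WANT to allow the wildcard sign "*", the escaped "\*" is then
 * turned into the regex equivalent ".*?".
 */
$current_value = preg_quote($ctracker_config->blocklist[$i], '/');
$current_value = str_replace('\\*', '.*?', $current_value);

/*
 * Now check whether the client IP, the user agent or the remote host
 * matches the blocklist entry (anchored, case-insensitive, dot matches newline).
 */
$ct_block_pattern = '/^' . $current_value . '$/is';
if (preg_match($ct_block_pattern, $ct_client_ip) || preg_match($ct_block_pattern, $ct_user_agent) || preg_match($ct_block_pattern, $ct_remote_host)) {
    // We have a match, so write the log
    include_once IP_ROOT_PATH . 'includes/ctracker/classes/class_log_manager.' . PHP_EXT;

    // write data into logfile
    $logfile = new log_manager();
    $logfile->write_general_logfile($config['ctracker_ipblock_logsize'], 3);
    unset($logfile);

    // generate HTML output (the markup continues past the end of this excerpt)
    $htmloutput = '<html> <head><title>CBACK CrackerTracker :: Security Alert</title></head> <body> <br /> <div align="center"> <table style="border:2px solid #000000" border="0" width="600" cellpadding="10" cellspacing="0"> <tr> <td align="left" bgcolor="#000000"><font face="Tahoma, Arial, Helvetica" size="4" color="#ffffff"><b>SECURITY ALERT » » » »</b></font></td> </tr> <tr> <td bgcolor="#fff2cf" align="left"> <font face="Tahoma, Arial, Helvetica" size="2" color="#000000"><b>CBACK CrackerTracker</b> blocked you because the Admin blocked your IP range, useragent or hostname from this board.<br /><br />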
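/**
 * <b>block_handler</b>
 * Blocks the current user if required.
 *
 * Guests (ANONYMOUS) are left untouched. For every other user the function
 * applies the configured spammer block mode (1 = insert a row into the ban
 * list, 2 = deactivate the account and clear its notifications), blanks the
 * profile fields listed in the UPDATE below, writes a CrackerTracker log
 * entry, kills a logged-in session and finally calls message_die() with the
 * ban notice.
 *
 * @return void
 */
function block_handler()
{
    global $db, $config, $user, $lang;

    if ($user->data['user_id'] == ANONYMOUS) {
        return;
    }

    // The id is concatenated into three hand-built SQL statements below, so it
    // is forced to an integer once here instead of trusting whatever type the
    // session data carries.
    $user_id = (int) $user->data['user_id'];
    $block_mode = intval($config['ctracker_spammer_blockmode']);

    if ($block_mode == 1) {
        // Ban user
        $sql = "INSERT INTO " . BANLIST_TABLE . "(`ban_id` , `ban_userid` , `ban_ip` , `ban_email`) VALUES ('', '" . $user_id . "', '', NULL);";
        if (!$db->sql_query($sql)) {
            message_die(CRITICAL_ERROR, $lang['ctracker_error_updating_userdata'], '', __LINE__, __FILE__, $sql);
        }
        // The cached ban data is stale after the insert
        $db->clear_cache('ban_', USERS_CACHE_FOLDER);
    } elseif ($block_mode == 2) {
        // Block user
        $sql = 'UPDATE ' . USERS_TABLE . ' SET user_active = 0 WHERE user_id = ' . $user_id;
        if (!$db->sql_query($sql)) {
            message_die(GENERAL_ERROR, $lang['ctracker_error_updating_userdata'], '', __LINE__, __FILE__, $sql);
        }

        // Mighty Gorgon: Remove all notifications...
        if (!function_exists('user_clear_notifications')) {
            include_once IP_ROOT_PATH . 'includes/functions_users_delete.' . PHP_EXT;
        }
        user_clear_notifications($user_id);
    }

    // Remove Profile data (runs for every non-guest user, whatever the block mode)
    // Removed user_email = '*****@*****.**'
    $sql = "UPDATE " . USERS_TABLE . " SET user_allowavatar = 0, user_icq = '', user_website = '', user_from = '', user_sig = '', user_aim = '', user_yim = '', user_msnm = '', user_occ = '', user_interests = '' WHERE user_id = " . $user_id;
    if (!$db->sql_query($sql)) {
        message_die(GENERAL_ERROR, $lang['ctracker_error_updating_userdata'], '', __LINE__, __FILE__, $sql);
    }

    // Log it
    include_once IP_ROOT_PATH . 'includes/ctracker/classes/class_log_manager.' . PHP_EXT;
    $logfile = new log_manager();
    $logfile->prepare_log($user->data['username']);
    $logfile->write_general_logfile($config['ctracker_logsize_spammer'], 5);
    unset($logfile);

    // Log out user
    if ($user->data['session_logged_in']) {
        $user->session_kill();
    }

    // Output Info Message
    message_die(GENERAL_MESSAGE, $lang['ctracker_binf_sban']);
}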
// NOTE(review): this excerpt starts inside nested blocks whose opening lines are not shown.
            message_die(CRITICAL_ERROR, "Couldn't start session: login", "", __LINE__, __FILE__);
        }
    }
} else {
    // This branch deals with the LOGIN_ERROR_* statuses returned in $login_result.
    if (($login_result['status'] === LOGIN_ERROR_USERNAME) || ($login_result['status'] === LOGIN_ERROR_PASSWORD) || ($login_result['status'] === LOGIN_ERROR_ACTIVE)) {
        if ($login_result['error_msg'] === 'LOGIN_ERROR_PASSWORD') {
            // CrackerTracker v5.x
            // A wrong password is written to the CrackerTracker log together with
            // the username taken from $login_result['user_row']; 4 is passed as the
            // second argument (presumably the log type - confirm in log_manager).
            if (!class_exists('log_manager')) {
                include(IP_ROOT_PATH . 'includes/ctracker/classes/class_log_manager.' . PHP_EXT);
            }
            $logfile = new log_manager();
            $logfile->prepare_log($login_result['user_row']['username']);
            $logfile->write_general_logfile($config['ctracker_logsize_logins'], 4);
            unset($logfile);
            // CrackerTracker v5.x
        }
        // The language string is looked up by the error_msg key; every key except
        // NO_PASSWORD_SUPPLIED is treated as a format string that receives a link
        // to the contact page.
        // NOTE(review): if the strings for an unknown username and a wrong password
        // differ, the reply tells a visitor which usernames exist - verify the wording.
        $error_message = ($login_result['error_msg'] === 'NO_PASSWORD_SUPPLIED') ? $lang[$login_result['error_msg']] : sprintf($lang[$login_result['error_msg']], '<a href="' . append_sid(CMS_PAGE_CONTACT_US) . '">', '</a>');
        message_die(GENERAL_MESSAGE, $error_message);
    }
    // Any other failure: send the visitor back to the login page after 3 seconds.
    // NOTE(review): $redirect_url is HTML-escaped but not URL-encoded before it is
    // appended as a query value, and its validation is not visible in this excerpt -
    // confirm it is restricted to local targets before it gets here.
    meta_refresh(3, (CMS_PAGE_LOGIN . '?redirect=' . htmlspecialchars($redirect_url)));
    $message = $lang['Error_login'] . '<br /><br />' . sprintf($lang['Click_return_login'], '<a href="' . CMS_PAGE_LOGIN . '?redirect=' . htmlspecialchars($redirect_url) . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid(CMS_PAGE_FORUM) . '">', '</a>');
    message_die(GENERAL_MESSAGE, $message);
}
$ct_attack_detection = true; // Attack found so we can leave the foreach loop break; } } } } } } } if ($ct_attack_detection) { if (CT_DEBUG_MODE !== true) { // include class for Logfile Management include_once IP_ROOT_PATH . 'includes/ctracker/classes/class_log_manager.' . PHP_EXT; // write data into logfile $logfile = new log_manager(); $logfile->write_worm(); unset($logfile); } if ($disable_ct_warning == false) { // generate HTML Message $htmloutput = <<<EOM <html> <head><title>CBACK CrackerTracker :: Security Alert</title></head> <body> <br /> <div align="center"> <table style="border:2px solid #000000" border="0" width="600" cellpadding="10" cellspacing="0"> <tr> \t<td align="left" bgcolor="#000000"><font face="Tahoma, Arial, Helvetica" size="4" color="#FFFFFF"><b>SECURITY ALERT » » » »</b></font></td> </tr>
// NOTE(review): this excerpt starts inside a block whose opening line is not shown.
    // Bring both version strings into the same form (lower case, except an
    // upper-case "RC") so that version_compare() sees them consistently.
    // NOTE(review): the origin of $latest_version_info is not visible here.
    $latest_version = str_replace('rc', 'RC', strtolower(trim($latest_version_info[0])));
    $current_version = str_replace('rc', 'RC', strtolower($config['ip_version']));
    // Up to date unless the installed version compares lower than the latest one
    $version_up_to_date = version_compare($current_version, $latest_version, '<') ? false : true;
}

/*
 * Template file association
 */
$template->set_filenames(array('ct_body' => ADM_TPL . 'acp_maintenance.tpl'));

// First we look which mode the user has selected
$mode = request_var('mode', '');

// Reset used vars
$uplink_values = array();
$chmod_values = array();
$chmod_path = array();
$testvalue = array();
$logmanager = new log_manager();
$operation_err = false;
$mode_selected = false;
$error_message = '';

// Test whether each of the six paths returned by create_ct_path() is both
// readable and writable; the result is stored per index in $chmod_values.
for ($i = 1; $i <= 6; $i++) {
    $chmod_path[$i] = $logmanager->create_ct_path($i);
    if (is_writeable($chmod_path[$i]) && is_readable($chmod_path[$i])) {
        $chmod_values[$i] = true;
    } else {
        $chmod_values[$i] = false;
    }
    // Strip the './../' part after the check (presumably for display only)
    $chmod_path[$i] = str_replace('./../', '', $chmod_path[$i]);
}

// We don't need the logmanager any longer
unset($logmanager);
* @author Christian Knerr (cback) and Tekin Birdüzen (cYbercOsmOnauT)
* @package ctracker
* @version 5.0.6
* @since 26.07.2006 - 13:29:09
* @copyright (c) 2006 www.cback.de
*
*/

// Constant check: refuse to run unless both IN_ICYPHOENIX and CTRACKER_ACP
// have been defined by the including script.
if (!defined('IN_ICYPHOENIX') || !defined('CTRACKER_ACP')) {
    die('Hacking attempt!');
}

/*
 * Template assignment
 */
$template->set_filenames(array('ct_body' => ADM_TPL . 'acp_logmanager.tpl'));

$logmanager = new log_manager();
$mode = request_var('mode', '');
// NOTE(review): logid is requested with a string default, so it presumably
// reaches check_log_size() and delete_logfile() as request text rather than
// an integer; how log_manager maps it to a file is not visible here - confirm
// that only the known log ids are accepted.
$logid = request_var('logid', '');

// NOTE(review): both delete modes are driven by the "mode" request value alone;
// no confirmation or form-token check is visible in this excerpt - confirm the
// surrounding ACP code provides one.
if ($mode == 'delete') {
    if ($logid != 6) {
        // Do not increment the counter for debug entries
        $logmanager->increment_counter($logmanager->check_log_size($logid));
    }
    $logmanager->delete_logfile($logid);
    $template->assign_block_vars('infobox', array('L_MESSAGE_TEXT' => $lang['ctracker_log_manager_deleted']));
} elseif ($mode == 'delete_all') {
    // Walks log ids 2 to 6; the rest of the loop lies beyond this excerpt
    for ($i = 2; $i <= 6; $i++) {
        if ($i != 6) {
            // Do not increment the counter for debug entries
            $logmanager->increment_counter($logmanager->check_log_size($i));
        }