Tweaked the initial module selection code to block out potential attacks and notify administrators when this happens.
Arthmoor committed Apr 29, 2019
1 parent b109e68 commit ea4f61e
Showing 2 changed files with 51 additions and 13 deletions.
1 change: 1 addition & 0 deletions docs/ChangeLog.txt
Expand Up @@ -38,6 +38,7 @@ Changes for 2.0:
* The forum for news posts is now settable in the ACP instead of being hardcoded in the PHP files.
* The AdminCP has new icons for decoration.
* The custom logo section of the CSS has been separated into its own file which should not need to be updated during upgrades.
* Tweaked the initial module selection code to block out potential attacks and notify administrators when this happens.

Removed:

63 changes: 50 additions & 13 deletions index.php
Expand Up @@ -30,10 +30,32 @@
die( 'PHP version does not meet minimum requirements. Contact your system administrator.' );
}

function log_hostile_action( $set, $qstring )
{
if( isset( $set['admin_email'] ) ) {
$https = isset( $_SERVER['HTTPS'] ) ? 'https://' : 'http://';

$headers = "From: Your QSF Portal Site <{$set['admin_email']}>\r\n" . "X-Mailer: PHP/" . phpversion();

$agent = isset( $_SERVER['HTTP_USER_AGENT'] ) ? $_SERVER['HTTP_USER_AGENT'] : 'N/A';
$ip = isset( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : '127.0.0.1';

$error_report = "QSF Portal has intercepted a possible attack!\n";
$error_report .= "The details are as follows:\n\nURL: $https" . $_SERVER['SERVER_NAME'] . $_SERVER['PHP_SELF'] . "?" . $qstring . "\n";
$error_report .= "Querying user agent: " . $agent . "\n";
$error_report .= "Querying IP: " . $ip . "\n\n";
$error_report = str_replace( "&nbsp;", " ", html_entity_decode( $error_report ) );

@mail( $set['admin_email'], "[QSF Portal] Potential Attack Intercepted", $error_report, $headers );
}
}

define( 'QUICKSILVERFORUMS', true );

date_default_timezone_set( 'UTC' );

session_start();

$time_now = explode( ' ', microtime() );
$time_start = $time_now[1] + $time_now[0];

Expand Down Expand Up @@ -92,23 +114,40 @@

$missing = true;
}
} elseif( !file_exists( 'func/' . $_GET['a'] . '.php' ) ) {
$module = 'main';

if( $_GET['a'] != 'forum_rules' && $_GET['a'] != 'upload_rules' ) {
$qstring = $_SERVER['REQUEST_URI'];
} elseif( !empty( $_GET['a'] ) ) {
if( strstr( $_GET['a'], '/' ) || strstr( $_GET['a'], '\\' ) || strstr( $_GET['a'], '.' ) ) {
if( isset( $_SERVER['QUERY_STRING'] ) && !empty( $_SERVER['QUERY_STRING'] ) ) {
$qstring = $_SERVER['QUERY_STRING'];
}

$missing = true;

$_SESSION = array();

session_destroy();

log_hostile_action( $set, $qstring );

header( 'Clear-Site-Data: "*"' );
} elseif( !file_exists( 'func/' . $_GET['a'] . '.php' ) ) {
$module = 'main';

if( $_GET['a'] != 'forum_rules' && $_GET['a'] != 'upload_rules' ) {
$qstring = $_SERVER['REQUEST_URI'];

$missing = true;
} else {
$terms_module = $_GET['a'];
}
} else {
$terms_module = $_GET['a'];
$module = $_GET['a'];
}
} else {
$module = $_GET['a'];
}
if( isset( $_SERVER['QUERY_STRING'] ) && !empty( $_SERVER['QUERY_STRING'] ) ) {
$qstring = $_SERVER['QUERY_STRING'];

if( strstr( $module, '/' ) || strstr( $module, '\\' ) ) {
header( 'HTTP/1.0 403 Forbidden' );
exit( 'You have been banned from this site.' );
$missing = true;
}
}

// I know this looks corny and all but it mimics the output from a real 404 page.
Expand Down Expand Up @@ -136,8 +175,6 @@
$qsf->sets = $qsf->get_settings( $set );
$qsf->site = $qsf->sets['loc_of_board']; // Will eventually replace $qsf->self once the SEO URL changes are done.

session_start();

$qsf->user_cl = new user( $qsf );
$qsf->user = $qsf->user_cl->login();
$qsf->lang = $qsf->get_lang( $qsf->user['user_language'], $qsf->get['a'] );
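Review bot: log_hostile_action sends a fresh e-mail for every blocked request with no throttling, so anyone can flood the admin inbox and the site's mail relay simply by looping `?a=../x`, and the `@` on `mail()` discards the only signal when delivery fails, leaving no record of the event at all. The report body also concatenates attacker-influenced text (`SERVER_NAME`, `PHP_SELF`, the user agent and the raw query string) and then runs `html_entity_decode()` over it, which decodes rather than neutralises whatever was sent, while `REMOTE_ADDR` falls back to `'127.0.0.1'`, which would misattribute a missing address to localhost. I would write the event to the server error log unconditionally, cap the mail at one alert per minute with a timestamp file, drop the decode step and check the `mail()` result, as sketched below. The function is complete within the first hunk; the top-level script around it continues outside the section.
```php
function log_hostile_action( $set, $qstring )
{
	$agent = isset( $_SERVER['HTTP_USER_AGENT'] ) ? $_SERVER['HTTP_USER_AGENT'] : 'N/A';
	$ip = isset( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : 'N/A';

	// Always leave a server-side record; the e-mail below is best-effort and throttled.
	error_log( 'QSF Portal: blocked request from ' . $ip . ' (' . $agent . ') qs=' . $qstring );

	if( !isset( $set['admin_email'] ) ) {
		return;
	}

	// At most one alert per minute so a looped hostile request cannot flood the admin inbox.
	$throttle = sys_get_temp_dir() . '/qsf_hostile_' . md5( $set['admin_email'] );
	if( file_exists( $throttle ) && ( time() - filemtime( $throttle ) ) < 60 ) {
		return;
	}
	touch( $throttle );

	// … unchanged: build $https, $headers and $error_report, minus the html_entity_decode() line …

	if( !mail( $set['admin_email'], "[QSF Portal] Potential Attack Intercepted", $error_report, $headers ) ) {
		error_log( 'QSF Portal: alert mail to ' . $set['admin_email'] . ' failed' );
	}
}
```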
