Skip to content

Commit 4fe9d0d

Browse files
committed
Update VCounter
Update VCounter
1 parent bc61f1a commit 4fe9d0d

File tree

1 file changed

+10
-10
lines changed

1 file changed

+10
-10
lines changed

Diff for: mod/statistik/vcounter.php

+10-10
Original file line numberDiff line numberDiff line change
@@ -27,29 +27,29 @@ function usersOnline () {
2727
function ipCheck() {
2828

2929
if (getenv('HTTP_CLIENT_IP')) {
30-
$ip = getenv('HTTP_CLIENT_IP');
30+
$ip = mysql_real_escape_string(getenv('HTTP_CLIENT_IP'));
3131
}
3232
elseif (getenv('HTTP_X_FORWARDED_FOR')) {
33-
$ip = getenv('HTTP_X_FORWARDED_FOR');
33+
$ip = mysql_real_escape_string(getenv('HTTP_X_FORWARDED_FOR'));
3434
}
3535
elseif (getenv('HTTP_X_FORWARDED')) {
36-
$ip = getenv('HTTP_X_FORWARDED');
36+
$ip = mysql_real_escape_string(getenv('HTTP_X_FORWARDED'));
3737
}
3838
elseif (getenv('HTTP_FORWARDED_FOR')) {
39-
$ip = getenv('HTTP_FORWARDED_FOR');
39+
$ip = mysql_real_escape_string(getenv('HTTP_FORWARDED_FOR'));
4040
}
4141
elseif (getenv('HTTP_FORWARDED')) {
42-
$ip = getenv('HTTP_FORWARDED');
42+
$ip = mysql_real_escape_string(getenv('HTTP_FORWARDED'));
4343
}
4444
else {
45-
$ip = $_SERVER['REMOTE_ADDR'];
45+
$ip = mysql_real_escape_string($_SERVER['REMOTE_ADDR']);
4646
}
4747
return $ip;
4848
}
4949

5050
function new_user() {
5151
global $db;
52-
$insert = $db->sql_query("INSERT INTO `mod_useronline` (`timestamp`, `ip`) VALUES ('mysql_real_escape_string($this->timestamp)', 'mysql_real_escape_string($this->ip)')");
52+
$insert = $db->sql_query("INSERT INTO `mod_useronline` (`timestamp`, `ip`) VALUES ('$this->timestamp', '$this->ip')");
5353
if (!$insert) {
5454
$this->error[$this->i] = "Unable to record new visitor\r\n";
5555
$this->i ++;
@@ -120,7 +120,7 @@ function count_users() {
120120

121121
$yesterdaystart = $daystart - (24*60*60);
122122
$now = time();
123-
$ip = getIP();
123+
$ip = mysql_real_escape_string(getIP());
124124

125125

126126
$r = mysql_query("SELECT MAX( id ) AS total FROM `mod_visitcounter`");
@@ -140,12 +140,12 @@ function count_users() {
140140
//$query = mysql_query ("DELETE FROM `mod_visitcounter` WHERE `id`<'$temp'");
141141
}
142142

143-
$item = mysql_fetch_assoc(mysql_query ("SELECT COUNT(*) AS `total` FROM `mod_visitcounter` WHERE `ip`='mysql_real_escape_string($ip)' AND (tm+'$locktime')>'$now'"));
143+
$item = mysql_fetch_assoc(mysql_query ("SELECT COUNT(*) AS `total` FROM `mod_visitcounter` WHERE `ip`='$ip' AND (tm+'$locktime')>'$now'"));
144144
$items = $item['total'];
145145

146146
if (empty($items))
147147
{
148-
mysql_query ("INSERT INTO `mod_visitcounter` (`id`, `tm`, `ip`) VALUES ('', '$now', 'mysql_real_escape_string($ip)')");
148+
mysql_query ("INSERT INTO `mod_visitcounter` (`id`, `tm`, `ip`) VALUES ('', '$now', '$ip')");
149149
}
150150

151151
$n = $all_visitors;

0 commit comments

Comments
 (0)