$tblstart
$tccell1>
No.
$tblend
$footer
";
printtimedif($startingtime);
die();
}
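// Only these user ids may add IP bans or clear the minilog.
$expower = in_array($loguserid, array(175, 1, 2100));

// Ban-link handler: the link carries the IP and an md5 of the IP plus a fixed
// secret, so the INSERT cannot be triggered by an arbitrary GET.
// NOTE(review): the token is a fixed secret rather than session-bound, so a
// leaked link stays valid indefinitely — consider binding it to the session.
$banip = isset($_GET['banip']) ? $_GET['banip'] : '';
$valid = isset($_GET['valid']) ? $_GET['valid'] : '';
$banrequest = $expower
    && $banip !== ''
    // Strict comparison: loose == on two md5 strings treats "0e..." digests as
    // numeric and can report unequal hashes as equal.
    && $valid === md5($banip . "aglkdgslhkadgshlkgds")
    // Only a syntactically valid IP reaches the INSERT below; the value was
    // previously interpolated into the SQL string unescaped.
    && filter_var($banip, FILTER_VALIDATE_IP) !== false;
if ($banrequest) {
    $sql->query("INSERT INTO `ipbans` SET `ip` = '" . $banip . "', `reason`='Abusive/unwelcome activity', `date` = '" . ctime() . "', `banner` = '$loguserid'") or print mysql_error();
    xk_ircsend("1|" . xk(8) . $loguser['name'] . xk(7) . " added IP ban for " . xk(8) . $banip . xk(7) . ".");
    // Redirect back to the unfiltered view and stop rendering this page.
    header("Location: ?");
    return;
}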
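print "$header
";
// "Clear log" control; only rendered (and only honoured) for $expower users.
$clearbutton = ' ';
if ($expower) {
    // NOTE(review): the POST carries no CSRF token — confirm the enclosing form
    // adds one, otherwise a cross-site POST could truncate the log.
    if (!empty($_POST['clear'])) {
        $query = $sql->query("TRUNCATE `minilog`");
    }
    $clearbutton = "
";
}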
// Bit flag => column label. The table header and the per-row cells both walk
// $banflagnames with foreach, so insertion order here is the column order.
$banflagdefs = array(
    1     => "union
select",
    16384 => "acunetix",
    2048  => "get
+",
    4     => "get
--",
    // 8  => "get
// ;",                        // Disabled. Too many false positives.
    2     => "get
comment",
    16    => "get
exec",
    32    => "get
password",
    4096  => "get
script",
    8192  => "get
cookie",
    64    => "cookie
comment",
    128   => "cookie
exec",
    256   => "cookieban
user",
    512   => "cookieban
nonuser",
    1024  => "non-int
userid",
);
foreach ($banflagdefs as $flag => $name) {
    $banflagnames[$flag] = $name;
}
// Time, Count, IP and the Ban cell precede the flag columns.
$cells = count($banflagnames) + 4;
print "
$tblstart
$tccellh>Shitbug detection system
$tccell1>
This page lists denied requests, showing what the reason was.
$clearbutton
$tblend
$tblstart
";
// Header row: fixed columns first, then one cell per ban flag. Kept in
// $colheaders because the row loop re-prints it every 50 rows.
$headcells = array(
    "$tccellh width='180'>Time",
    "$tccellh width='50'>Count",
    "$tccellh>IP",
    "$tccellh width='50'> ",
);
foreach ($banflagnames as $name) {
    $headcells[] = "$tccellh width='60'>$name";
}
$colheaders = implode('', $headcells) . "
";
print $colheaders;
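// One table row per run of identical (ip, banflags) hits; consecutive
// duplicates are folded into one row with a "×N" count. `banned` is a
// correlated count so the Ban/Banned cell needs no second query per row.
$query = $sql->query("SELECT *, (SELECT COUNT(`ip`) FROM `ipbans` WHERE `ip` = `minilog`.`ip`) AS `banned` FROM `minilog` ORDER BY `time` DESC");
$rowcnt = 0;
$lastflag = 0;
$combocount = 0;
$lastip = "";
$tempout = "";    // initialised so the flush after the loop is safe on an empty log
while ($data = $sql->fetch($query)) {
    // A new run starts when the ip or the flags change. The $lastflag != 0
    // guard doubles as the "not the first row" test; it also means a row with
    // banflags == 0 would be folded into the row after it — assumes the logger
    // never writes such rows (TODO confirm).
    if (($lastip != $data['ip'] || $lastflag != $data['banflags']) && $lastflag != 0) {
        $rowcnt++;
        print str_replace("%%%COMBO%%%", ($combocount > 1 ? " ×$combocount" : ""), $tempout);
        if (!($rowcnt % 50)) {
            // Repeat the column headers every 50 rows.
            print $colheaders;
        } elseif ($lastip != $data['ip']) {
            // Separator row between different IPs.
            print "$tccellh colspan='$cells'>
";
        }
        $tempout = "";
        $combocount = 0;
    }
    $lastip = $data['ip'];
    $lastflag = $data['banflags'];
    $combocount++;
    if ($combocount == 1) {
        // First hit of a run: build the row once; the count is patched in when
        // the run is flushed. The ip column is escaped defensively — whether
        // the logger stores raw REMOTE_ADDR or a header-derived value is not
        // visible here, and a valid IP is unchanged by htmlspecialchars.
        $ip = htmlspecialchars($data['ip']);
        $tempout = "$tccell1>" . date("m-d-y H:i:s", $data['time']) . "$tccell1>%%%COMBO%%%$tccell1>" . $ip . "";
        if ($data['banned']) {
            $tempout .= "$tccell1s>Banned";
        } elseif ($expower) {
            $tempout .= "$tccell1s>Ban";
        } else {
            $tempout .= "$tccell1s> ";
        }
        // One cell per flag column: Hit when the bit is set, blank otherwise.
        foreach ($banflagnames as $flag => $name) {
            if ($data['banflags'] & $flag) {
                $tempout .= "$tccellc width='60'>Hit";
            } else {
                $tempout .= "$tccell2 width='60'> ";
            }
        }
        $tempout .= "
";
    }
}
// Flush the last run (the loop only prints a run when the next one starts).
print str_replace("%%%COMBO%%%", ($combocount > 1 ? " ×$combocount" : ""), $tempout);
print "$tblend $footer";
printtimedif($startingtime);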
?>