Index: auth.php
--- auth.php 2008-06-06 17:25:00
+++ auth.php 2008-06-07 00:12:00
@@ -118,12 +118,37 @@
 if (!empty($top_message)) {
 $smarty->assign("top_message", $top_message);
 $top_message = "";
 x_session_save("top_message");
 }
+##
+## Added for security purposes!
+##
+$stop_user = false;
+$_qs = explode('&',$_SERVER['QUERY_STRING']);
+if($_qs) {
+ foreach($_qs AS $v) {
+ if(strpos($v, 'http://')!==false) {
+ if(!empty($active_modules["Stop_List"])) {
+ func_add_ip_to_slist($REMOTE_ADDR, 'H');
+ }
+ $stop_user = true;
+ }
+ }
+}
+if(!$stop_user && !empty($active_modules["Stop_List"])) {
+ if($stop_list = func_query("SELECT * FROM $sql_tbl[stop_list] WHERE ip LIKE '$REMOTE_ADDR' AND reason = 'H'")) {
+ $stop_user = true;
+ }
+}
+if($stop_user) {
+ die('

You have been banned for illegal activity.

If you feel this is in error, please contact ' . $config['Company']['site_administrator']);
+}
+
+
 $current_area="C";
 $cat = intval(@$cat);
 $page = intval(@$page);
 if(!empty($active_modules['XAffiliate'])) {
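Review bot: The stop-list lookup near the end of the added block builds its SQL by interpolating `$REMOTE_ADDR` and matches it with `LIKE`, so the value is unescaped and any `%` or `_` in it would act as a wildcard; where that global is populated is not visible in this hunk, so it should be treated as untrusted here. I would run the query only after `filter_var($REMOTE_ADDR, FILTER_VALIDATE_IP) !== false` (PHP 5.2 or later) and compare exactly with `WHERE ip = '$REMOTE_ADDR' AND reason = 'H'`. The `strpos($v, 'http://')` test is a case-sensitive match against the raw, undecoded query string only, so it works as a tripwire and not as a fix for whatever include or redirect it is meant to protect; the parameter handling behind it still needs its own allow-list. Because a single matching parameter appears to put the address on the stop list, any legitimate parameter that carries a URL will lock real customers out, and a `break;` after `$stop_user = true;` would stop `func_add_ip_to_slist` being called once per matching parameter.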