Index: admin/stop_list.php
===================================================================
--- admin/stop_list.php (revision 259)
+++ admin/stop_list.php (working copy)
@@ -146,7 +146,7 @@
 foreach ($stop_list as $k => $v) {
 if ($v['reason'] == 'M') {
 $stop_list[$k]['reason_text'] = func_get_langvar_by_name("lbl_added_by_admin");
- } elseif (in_array($v['reason'], array('T','P','S','F','A'))) {
+ } elseif (in_array($v['reason'], array('T','P','S','F','A','H'))) {
 $stop_list[$k]['reason_text'] = func_get_langvar_by_name("lbl_slist_reason_".strtolower($v['reason']));
 } else {
 $stop_list[$k]['reason_text'] = func_get_langvar_by_name("lbl_unknown");
Index: auth.php
===================================================================
--- auth.php (revision 259)
+++ auth.php (working copy)
@@ -43,6 +43,30 @@
 include_once $xcart_dir."/init.php";
+##
+## Added for security purposes!
+##
+$stop_user = false;
+parse_str($_SERVER['QUERY_STRING'], $_qs);
+if($_qs) {
+ foreach($_qs AS $k=>$v) {
+ if(substr($v, 0, 4)=='http' || substr($v, 0, 3)=='ftp') {
+ if(!empty($active_modules["Stop_List"])) {
+ func_add_ip_to_slist($REMOTE_ADDR, 'H');
+ }
+ $stop_user = true;
+ }
+ }
+}
+if(!$stop_user && !empty($active_modules["Stop_List"])) {
+ if($stop_list = func_query("SELECT * FROM $sql_tbl[stop_list] WHERE ip LIKE '$REMOTE_ADDR' AND reason = 'H'")) {
+ $stop_user = true;
+ }
+}
+if($stop_user) {
+ die('

You have been banned for illegal activity.



If you feel this is in error, please contact ' . $config['Company']['site_administrator']);
+}
+
 $current_area="C";
 x_load('files');
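Review bot: The stop-list lookup in auth.php puts `$REMOTE_ADDR` into the SQL text unescaped and compares it with `LIKE`, so `%` and `_` in the value act as wildcards; the hunk does not show where `$REMOTE_ADDR` is set, so if it can ever carry client-supplied data this is an injection point. An exact match on an escaped value is safer, e.g. `WHERE ip = '" . addslashes($REMOTE_ADDR) . "' AND reason = 'H'`, or whatever escaping routine the project's query layer provides. In the loop, `parse_str()` returns arrays for bracketed parameters and the `substr()` comparison is case-sensitive, so the test would be more robust as `if (is_string($v) && (strncasecmp($v, 'http', 4) === 0 || strncasecmp($v, 'ftp', 3) === 0))`, with nested arrays handled explicitly. Because a single matching request records a lasting 'H' entry for the address, a legitimate parameter that begins with `http` (a return URL, for instance) locks out everyone behind that address; consider rejecting the request without storing the IP, or giving the entry an expiry. The `## Added for security purposes!` comment should name the threat the check is meant to stop, so that later maintainers can judge whether it is still needed.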