php warning removed

[mirrors/Kyberia-bloodline.git] / wwwroot / inc / database.inc

diff --git a/wwwroot/inc/database.inc b/wwwroot/inc/database.inc
index 53f698d5588c649bc8a6b65644ba3ec369cff10d..8fcef4eda017d344ca0b7bba3f6e2f3337c6a3d9 100644 (file)
--- a/wwwroot/inc/database.inc
+++ b/wwwroot/inc/database.inc
@@ -63,38 +63,44 @@ function closeMysql() {
 
 function query($sql) {
 
-//             if (preg_match("/^select/i",$sql) && (rand(0,1000)>MASTER2SLAVE) && $this->Master) {
-// every select query goes to onyx + opraveny regexp, aby matchoval vnorene selecty (br)
-               if (preg_match('/^\(?select/i',$sql) && $this->Master) {
-                       $this->_linkId = false;
-                       $this->connect(SLAVE_HOST,SLAVE_USER,SLAVE_PASS,SLAVE_DATABASE);
-                       $this->Master = false;
-
-               }
-
-               elseif (!preg_match("/^select/i",$sql) && !$this->Master) {
-                       $this->_linkId = false;
-                       $this->connect(DB_HOST,DB_USER,DB_PASS,DB_DATABASE);
-                       $this->Master = true;
-               }
+       $this->_linkId = false;
+       $this->connect(DB_HOST,DB_USER,DB_PASS,DB_DATABASE);
+       $this->Master = true;
+
+       // Simple IDS, against automats
+       // When possible attack is detected, 
+       // query & session information is stored into log
+       // Looking for following string in SQL query:
+       // - "user()" (get cur. user)
+       // - "@@version" (get mysql version)
+       // - "AND 1=1" (blind sqli) (too many false positives?)
+       // - "information_schema" (for listing of tables, columns...)
+
+       // - "/*" (comment) (too many false positives?)
+       // - "--" (comment) (too many false positives?)
+
+       if (preg_match('/user\(\)/',$sql) || preg_match('/@@version/',$sql)
+       || preg_match('/information_schema/',$sql)|| preg_match('/AND 1=1/',$sql)
+       ) {
+               logger::log('SQL ALARM',$sql);
+               
+       }
 
-               $this->_queryId = mysql_query($sql,$this->_linkId);
+       $this->_queryId = mysql_query($sql,$this->_linkId);
 
-               if ($_SESSION['debugging']) {
-                       if ($this->Master) echo "Master::";
-                       else echo "Slave::";
-                       echo $sql;
-                       global $timer_start;
-                       echo "<BR>".SubStr((Time()+SubStr(MicroTime(),0,8)-$timer_start),0,7);
-               }
-
-               if ($this->_queryId == false) {
-                       $this->exception("query failed ::$sql::");
-               }
+       if ((isset($_SESSION['debugging']) && $_SESSION['debugging'])) {
+               echo $sql;
+               global $timer_start;
+               echo "<BR>".SubStr((Time()+SubStr(MicroTime(),0,8)-$timer_start),0,7);
+       }
 
-               return new result($this->_queryId, $sql);
+       if ($this->_queryId == false) {
+               $this->exception("query failed ::$sql::");
        }
 
+       return new result($this->_queryId, $sql);
+}
+
 
 function executequery($sql) {
        return($this->query($sql));