##############################################################
## MOD Title: Update CrackerTracker Professional v5.0.3 to v5.0.4
## MOD Author: cback < webmaster@cback.de > (Christian Knerr) http://www.cback.de
##############################################################
## Before Adding This MOD To Your Forum, You Should Back Up All Files Related To This MOD 
##############################################################
## No database Update required!
##############################################################
#
#-----[ OPEN ]------------------------------------------
#
ctracker/engines/ct_security.php

#
#-----[ FIND ]------------------------------------------
#
'onunload', 'onreadystatechange', 'xmlhttp', 'uname%20', 'uname ',

#
#-----[ IN-LINE AFTER ADD ]------------------------------------------
#
'%2C', 'union+', 'select+', 'delete+', 'create+', 'bulk+', 'or+', 'and+',
'into+', 'kill+', '+echr', '+chr', 'cmd+', '+1', 'user_password',


#
#-----[ OPEN ]------------------------------------------
#
ctracker/classes/class_ct_adminfunctions.php

#
#-----[ FIND ]------------------------------------------
#
			if( !get_magic_quotes_gpc() )
      {
        $row['config_name'] = addslashes($row['config_name']);
        $row['config_value'] = addslashes($row['config_value']);
      }
	  
#
#-----[ REPLACE WITH ]------------------------------------------
#
			$row['config_name'] = addslashes($row['config_name']);
			$row['config_value'] = addslashes($row['config_value']);
			
			
#
#-----[ OPEN ]------------------------------------------
#
ctracker/classes/class_ct_userfunctions.php

#
#-----[ FIND ]------------------------------------------
#
	function block_handler()
	{
		global $db, $lang, $ctracker_config, $userdata, $phpbb_root_path, $phpEx;
		
#
#-----[ AFTER ADD ]------------------------------------------
#
		if ( $userdata['user_id'] == ANONYMOUS )
		{
			return;
		}
		
#
#-----[ FIND ]------------------------------------------
#
		// Log it
		include_once($phpbb_root_path . 'ctracker/classes/class_log_manager.' . $phpEx);
		$logfile = new log_manager();
		$logfile->prepare_log($userdata['username']);
		$logfile->write_general_logfile($ctracker_config->settings['logsize_spammer'], 5);

#
#-----[ BEFORE ADD ]------------------------------------------
#
		// Remove Profile data
		$sql = 'UPDATE ' . USERS_TABLE . ' SET user_allowavatar = 0, user_email=\'info@example.com\', user_icq = \'\', user_website=\'\', user_from=\'\', user_sig=\'\', user_aim=\'\', user_yim=\'\', user_msnm=\'\', user_occ=\'\', user_interests=\'\' WHERE user_id = ' . $userdata['user_id'];
		if ( !$result = $db->sql_query($sql) )
		{
			message_die(GENERAL_ERROR, $lang['ctracker_error_updating_userdata'], '', __LINE__, __FILE__, $sql);
		}
		
#
#-----[ OPEN ]------------------------------------------
#
ctracker/constants.php

#
#-----[ FIND ]------------------------------------------
#
define('CTRACKER_VERSION', '5.0.3');		// CrackerTracker Version

#
#-----[ REPLACE WITH ]------------------------------------------
#
define('CTRACKER_VERSION', '5.0.4');		// CrackerTracker Version

#
#-----[ COPY ]------------------------------------------
#
root/ctracker/logfiles/.htaccess 		> ctracker/logfiles/.htaccess

#
# INFO: You have to download the Debug Logfile over FTP then, but your Logfiles will be secured from external access!
#

#
#-----[ SAVE/CLOSE ALL FILES ]------------------------------------------
#
# EoM
