X-Git-Url: http://mop.ddnsfree.com/gitweb/?a=blobdiff_plain;f=web%2FObj%2Fcurl-de-brisk.phh;h=47244fb2aa564a4c47ab6d80338a45880ae053fa;hb=7f81ae823b3a5d1a0a50ec2eebe31c752871c800;hp=3c6696b89e417a413cb0de94827b1fc2e2f7ad72;hpb=6928afe91102eca663992247d3459065fd87d849;p=curl-de-sac.git

diff --git a/web/Obj/curl-de-brisk.phh b/web/Obj/curl-de-brisk.phh
index 3c6696b..47244fb 100755
--- a/web/Obj/curl-de-brisk.phh
+++ b/web/Obj/curl-de-brisk.phh
@@ -165,47 +165,34 @@ class Proxy_chk_cmd_cls extends CDS_cmd_cls {
         parent::__construct("proxy_chk", 10);
 
         $this->scan_headers = array(
-                                    'HTTP_VIA',
-                                    'HTTP_X_FORWARDED_FOR',
-                                    'HTTP_FORWARDED_FOR',
-                                    'HTTP_X_FORWARDED',
-                                    'HTTP_FORWARDED',
-                                    'HTTP_CLIENT_IP',
-                                    'HTTP_FORWARDED_FOR_IP',
-                                    'VIA',
-                                    'X_FORWARDED_FOR',
-                                    'FORWARDED_FOR',
-                                    'X_FORWARDED',
-                                    'FORWARDED',
-                                    'CLIENT_IP',
-                                    'FORWARDED_FOR_IP',
-                                    'HTTP_PROXY_CONNECTION'
+                                    'Http-Via',
+                                    'Http-X-Forwarded-For',
+                                    'Http-Forwarded-For',
+                                    'Http-X-Forwarded',
+                                    'Http-Forwarded',
+                                    'Http-Client-Ip',
+                                    'Http-Forwarded-For-Ip',
+                                    'Via',
+                                    'X-Forwarded-For',
+                                    'Forwarded-For',
+                                    'X-Forwarded',
+                                    'Forwarded',
+                                    'Client-Ip',
+                                    'Forwarded-For-Ip',
+                                    'Http-Proxy-Connection'
                                     );
     }
 
     function create($cds, $ctx, $user_idx, $user_sess, $conn_ip, $is_auth, $headers)
     {
         if ($cds->dbg_get() > 0) {
-            printf("'proxy_chk'::create url:[%s]\n", 'PROXY_CHK_URL');
+            fprintf(STDERR, "'proxy_chk'::create url:[%s]\n", 'PROXY_CHK_URL');
         }
 
         foreach($this->scan_headers as $key){
             //proxy detected? lets log...
             if(array_key_exists($key, $headers)) {
                 // we already are behind a PROXY, this are our headers
-                if ($key == 'X-Proxy-ID') {
-                    if ($headers[$key] == '860705422')
-                        continue;
-                }
-                else if ($key == 'X-Forwarded-For') {
-                    if ($headers[$key] == '172.16.9.66')
-                        continue;
-                }
-                else if ($key == 'Via') {
-                    if ($headers[$key] == '1.1 172.16.8.1 (Mikrotik HttpProxy)')
-                        continue;
-                }
-
                 proxy_chk_postprocess($ctx, $user_idx, $user_sess, $conn_ip, $is_auth, TRUE);
                 return TRUE;
             }
@@ -289,7 +276,7 @@ function proxy_chk_postprocess($brisk, $user_idx, $user_sess, $conn_ip, $is_auth
 {
     log_cds(sprintf("proxy: user_idx: %d, user_sess: %s, conn_ip: %s, is_auth: %s, is_proxy: %s",
                     $user_idx, $user_sess, $conn_ip, ($is_auth ? "YES" : "NO"), ($is_proxy ? "YES" : "NO")));
-    if (FALSE && $is_proxy) {
+    if (!$brisk->user[$user_idx]->is_auth() && $is_proxy) {
         $brisk->kickuser_by_sess($user_sess, 5); // GHOST_SESS_REAS_ANON
     }
     $brisk->user[$user_idx]->pend_async--;