| 
<?php
 /**
 * @return bool
 */
 function protector_prepare()
 {
 // check the access is from install/index.php
 if (defined('_INSTALL_CHARSET') && !is_writable(XOOPS_ROOT_PATH . '/mainfile.php')) {
 die('To use installer, remove protector\'s lines from mainfile.php first.');
 }
 
 // Protector class
 require_once dirname(__DIR__) . '/class/protector.php';
 
 // Protector object
 $protector = Protector::getInstance();
 $conf      = $protector->getConf();
 
 // bandwidth limitation
 if (@$conf['bwlimit_count'] >= 10) {
 $bwexpire = $protector->get_bwlimit();
 if ($bwexpire > time()) {
 header('HTTP/1.0 503 Service unavailable');
 $protector->call_filter('precommon_bwlimit', 'This website is very busy now. Please try later.');
 }
 }
 
 // bad_ips
 $bad_ips      = $protector->get_bad_ips(true);
 $bad_ip_match = $protector->ip_match($bad_ips);
 if ($bad_ip_match) {
 $protector->call_filter('precommon_badip', 'You are registered as BAD_IP by Protector.');
 }
 
 // global enabled or disabled
 if (!empty($conf['global_disabled'])) {
 return true;
 }
 
 // reliable ips
 $reliable_ips = @unserialize(@$conf['reliable_ips']);
 if (!is_array($reliable_ips)) {
 // for the environment of (buggy core version && magic_quotes_gpc)
 $reliable_ips = @unserialize(stripslashes(@$conf['reliable_ips']));
 if (!is_array($reliable_ips)) {
 $reliable_ips = array();
 }
 }
 $is_reliable = false;
 foreach ($reliable_ips as $reliable_ip) {
 if (!empty($reliable_ip) && preg_match('/' . $reliable_ip . '/', $_SERVER['REMOTE_ADDR'])) {
 $is_reliable = true;
 }
 }
 
 // "DB Layer Trapper"
 $force_override = strstr(@$_SERVER['REQUEST_URI'], 'protector/admin/index.php?page=advisory') ? true : false;
 // $force_override = true ;
 if ($force_override || !empty($conf['enable_dblayertrap'])) {
 @define('PROTECTOR_ENABLED_ANTI_SQL_INJECTION', 1);
 $protector->dblayertrap_init($force_override);
 }
 
 // "Big Umbrella" subset version
 if (!empty($conf['enable_bigumbrella'])) {
 @define('PROTECTOR_ENABLED_ANTI_XSS', 1);
 $protector->bigumbrella_init();
 }
 
 // force intval variables whose name is *id
 if (!empty($conf['id_forceintval'])) {
 $protector->intval_allrequestsendid();
 }
 
 // eliminate '..' from requests looks like file specifications
 if (!$is_reliable && !empty($conf['file_dotdot'])) {
 $protector->eliminate_dotdot();
 }
 
 // Check uploaded files
 if (!$is_reliable && !empty($_FILES) && !empty($conf['die_badext']) && !defined('PROTECTOR_SKIP_FILESCHECKER') && !$protector->check_uploaded_files()) {
 $protector->output_log($protector->last_error_type);
 $protector->purge();
 }
 
 // Variables contamination
 if (!$protector->check_contami_systemglobals()) {
 if (@$conf['contami_action'] & 4) {
 if (@$conf['contami_action'] & 8) {
 $protector->_should_be_banned = true;
 } else {
 $protector->_should_be_banned_time0 = true;
 }
 $_GET = $_POST = array();
 }
 
 $protector->output_log($protector->last_error_type);
 if (@$conf['contami_action'] & 2) {
 $protector->purge();
 }
 }
 
 // prepare for DoS
 //if ( ! $protector->check_dos_attack_prepare() ) {
 //    $protector->output_log( $protector->last_error_type , 0 , true ) ;
 //}
 
 if (!empty($conf['disable_features'])) {
 $protector->disable_features();
 }
 return null;
 }
 
 |