[FS#455] SlimStat problems

Quote from: TobyL at Jul 11, 2006, 02:13 PM

Are you sure? I just tried die($_SERVER[’HTTP_REFERER’]); on line 50 if index.php and the colon was in it’s usual place. However when placing it in a snippet somewhere the colon is missing. So presumably it is being garbled by MODx along the way somewhere. do not have Slimstat installed by the way.

When using [tt]die()[/tt] I get the same result as you, but I was using a log file:

[tt]file_put_contents("log.txt", $_SERVER[’HTTP_REFERER’]);[/tt]

Now the colon is missing.. why?

Thanks for the responses on this problem, much appreciated! I’ll try the regex fix now.

I’m certain that the problem is with the regex and have been talking to the core team about it. In the interim, here’s a replacement regex that will let referrers through, but is probably not nearly as secure. In other words, use it at your own risk:

Line 54 (or thereabouts) of the main index.php file, change to:

Ok Ryan that works fine, referrers and search strings now show up correctly in the db and website.

Concerning security, limiting header data in size (buffer overflows) should be sufficient I guess, but I’m no expert. Filtering $_POST and $_GET are much more prone to malicious ’manipulation’, so extra filtering is surely needed.

Thanks for the quick fix, regular modx stats now look fine as well.

rnd

My apologises for the dumb question.
I’ve searched through the whole slimstat source(not by hand hoppefully  ) but can’t find the line where the regexp  is supposed to be .
I’m using slimstat 0.9.4

Could you please tell me where find the right file ?

thx


:-)

EDIT: Forget about it, I had misunderstood which file you were talking about ;-)