function send_email()
{
$adminmail = pnConfigGetVar('adminmail');
$subject = "" . _ERROR404_MAILSUBJECT . "";
$sitename = pnConfigGetVar('sitename');
$remote_addr = pnServerGetVar('REMOTE_ADDR');
$http_referer = pnServerGetVar('HTTP_REFERER');
$redirect_url = pnServerGetVar('REDIRECT_URL');
$server = pnServerGetVar('HTTP_HOST');
$errordoc = "http://{$server}{$redirect_url}";
$errortime = ml_ftime(_DATETIMEBRIEF, date(time()));
$message = "{$subject}\n\n";
$message .= "TIME: {$errortime}\n";
$message .= "REMOTE_ADDR: {$remote_addr}\n";
$message .= "ERRORDOC: " . pnVarPrepForDisplay($errordoc) . "\n";
$message .= "HTTP_REFERER: {$http_referer}\n";
pnMail($adminmail, $subject, $message, "From: \"{$sitename}\" <{$adminmail}>\nX-Mailer: PHP/" . phpversion());
echo "<br /><br /><strong>" . _ERROR404_MAILED . "</strong>\n";
}
function pnMailHackAttempt($detecting_file = "(no filename available)", $detecting_line = "(no line number available)", $hack_type = "(no type given)", $message = "(no message given)")
{
# Backwards compatibility fix with php 4.0.x and 4.1.x or greater Neo
if (phpversion() >= "4.2.0") {
$_pv = $_POST;
$_gv = $_GET;
$_rv = $_REQUEST;
$_sv = $_SERVER;
$_ev = $_ENV;
$_cv = $_COOKIE;
$_fv = $_FILES;
$_snv = $_SESSION;
} else {
global $HTTP_POST_VARS, $HTTP_GET_VARS, $HTTP_SERVER_VARS, $HTTP_ENV_VARS, $HTTP_COOKIE_VARS, $HTTP_POST_FILES, $HTTP_SESSION_VARS;
$_pv = $HTTP_POST_VARS;
$_gv = $HTTP_GET_VARS;
$_rv = array();
$_sv = $HTTP_SERVER_VARS;
$_ev = $HTTP_ENV_VARS;
$_cv = $HTTP_COOKIE_VARS;
$_fv = $HTTP_POST_FILES;
$_snv = $HTTP_SESSION_VARS;
}
$output = "Attention site admin of " . pnConfigGetVar('sitename') . ",\n";
$output .= "On " . ml_ftime(_DATEBRIEF, GetUserTime(time()));
$output .= " at " . ml_ftime(_TIMEBRIEF, GetUserTime(time()));
$output .= " the Postnuke code has detected that somebody tried to" . " send information to your site that may have been intended" . " as a hack. Do not panic, it may be harmless: maybe this" . " detection was triggered by something you did! Anyway, it" . " was detected and blocked. \n";
$output .= "The suspicious activity was recognized in {$detecting_file} " . "on line {$detecting_line}, and is of the type {$hack_type}. \n";
$output .= "Additional information given by the code which detected this: " . $message;
$output .= "\n\nBelow you will find a lot of information obtained about " . "this attempt, that may help you to find what happened and " . "maybe who did it.\n\n";
$output .= "\n=====================================\n";
$output .= "Information about this user:\n";
$output .= "=====================================\n";
if (!pnUserLoggedIn()) {
$output .= "This person is not logged in.\n";
} else {
$output .= "Postnuke username: "******"\n" . "Registered email of this Postnuke user: "******"\n" . "Registered real name of this Postnuke user: "******"\n";
}
$output .= "IP numbers: [note: when you are dealing with a real cracker " . "these IP numbers might not be from the actual computer he is " . "working on]" . "\n\t IP according to HTTP_CLIENT_IP: " . getenv('HTTP_CLIENT_IP') . "\n\t IP according to REMOTE_ADDR: " . getenv('REMOTE_ADDR') . "\n\t IP according to GetHostByName(\$REMOTE_ADDR): " . GetHostByName($REMOTE_ADDR) . "\n\n";
$output .= "\n=====================================\n";
$output .= "Information in the \$_REQUEST array\n";
$output .= "=====================================\n";
while (list($key, $value) = each($_rv)) {
$output .= "REQUEST * {$key} : {$value}\n";
}
$output .= "\n=====================================\n";
$output .= "Information in the \$_GET array\n";
$output .= "This is about variables that may have been ";
$output .= "in the URL string or in a 'GET' type form.\n";
$output .= "=====================================\n";
while (list($key, $value) = each($_gv)) {
$output .= "GET * {$key} : {$value}\n";
}
$output .= "\n=====================================\n";
$output .= "Information in the \$_POST array\n";
$output .= "This is about visible and invisible form elements.\n";
$output .= "=====================================\n";
while (list($key, $value) = each($_pv)) {
$output .= "POST * {$key} : {$value}\n";
}
$output .= "\n=====================================\n";
$output .= "Browser information\n";
$output .= "=====================================\n";
global $HTTP_USER_AGENT;
$output .= "HTTP_USER_AGENT: " . $HTTP_USER_AGENT . "\n";
$browser = (array) get_browser();
while (list($key, $value) = each($browser)) {
$output .= "BROWSER * {$key} : {$value}\n";
}
$output .= "\n=====================================\n";
$output .= "Information in the \$_SERVER array\n";
$output .= "=====================================\n";
while (list($key, $value) = each($_sv)) {
$output .= "SERVER * {$key} : {$value}\n";
}
$output .= "\n=====================================\n";
$output .= "Information in the \$_ENV array\n";
$output .= "=====================================\n";
while (list($key, $value) = each($_ev)) {
$output .= "ENV * {$key} : {$value}\n";
}
$output .= "\n=====================================\n";
$output .= "Information in the \$_COOKIE array\n";
$output .= "=====================================\n";
while (list($key, $value) = each($_cv)) {
$output .= "COOKIE * {$key} : {$value}\n";
}
$output .= "\n=====================================\n";
$output .= "Information in the \$_FILES array\n";
$output .= "=====================================\n";
while (list($key, $value) = each($_fv)) {
$output .= "FILES * {$key} : {$value}\n";
}
$output .= "\n=====================================\n";
$output .= "Information in the \$_SESSION array\n";
$output .= "This is session info. The variables\n";
$output .= " starting with PNSV are PostNukeSessionVariables.\n";
$output .= "=====================================\n";
while (list($key, $value) = each($_snv)) {
$output .= "SESSION * {$key} : {$value}\n";
}
$sitename = pnConfigGetVar('sitename');
$adminmail = pnConfigGetVar('adminmail');
$headers = "From: {$sitename} <{$adminmail}>\n" . "X-Priority: 1 (Highest)\n";
pnMail($adminmail, 'Attempted hack on your site? (type: ' . $hack_type . ')', $output, $headers);
return;
}
/**
* Let the client email his
* banner statistics
*/
function EmailStats()
{
list($login, $cid, $bid, $pass) = pnVarCleanFromInput('login', 'cid', 'bid', 'pass');
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
$column =& $pntable['bannerclient_column'];
$result2 = $dbconn->Execute("SELECT {$column['name']}, {$column['email']}\n FROM {$pntable['bannerclient']}\n WHERE {$column['cid']}='" . pnVarPrepForStore($cid) . "'");
list($name, $email) = $result2->fields;
if ($email == "") {
include 'header.php';
OpenTable();
echo "<font class=\"pn-normal\">" . _BAN_STATSFORBAN . ";\n echo " . pnVarPrepForDisplay($bid) . "";
echo "" . _BAN_CANTSEND . "" . " " . pnVarPrepForDisplay($name) . "<br>" . "" . _BAN_CONTACTADMIN . "<br><br>" . "<a href=\"javascript:history.go(-1)\">" . _BAN_BACK . "</a>";
CloseTable();
include 'footer.php';
} else {
$column =& $pntable['banner_column'];
$result = $dbconn->Execute("SELECT {$column['bid']}, {$column['imptotal']}, {$column['impmade']}, {$column['clicks']}, {$column['imageurl']}, {$column['clickurl']}, {$column['date']}\n FROM {$pntable['banner']}\n WHERE {$column['bid']}='" . pnVarPrepForStore($bid) . "' AND {$column['cid']}='" . pnVarPrepForStore($cid) . "'");
list($bid, $imptotal, $impmade, $clicks, $imageurl, $clickurl, $date) = $result->fields;
if ($impmade == 0) {
$percent = 0;
} else {
$percent = substr(100 * $clicks / $impmade, 0, 5);
}
if ($imptotal == 0) {
$left = _BAN_UNLIMITED;
$imptotal = _BAN_UNLIMITED;
} else {
$left = $imptotal - $impmade;
}
$sitename = pnConfigGetVar('sitename');
$fecha = date("F jS Y, h:iA.");
$subject = "" . _BAN_YOURSTATS . " {$sitename}";
$message = "" . _BAN_FORMAIL . " {$sitename}:\n\n\n" . _BAN_CLIENTNAME . ": {$name}\n" . _BAN_ID . ": {$bid}\n" . _BAN_IMAGE . ": {$imageurl}\n" . _BAN_URL . ": {$clickurl}\n\n" . _BAN_IMPPURCHASED . ": {$imptotal}\n" . _BAN_IMP_MADE . ": {$impmade}\n" . _BAN_IMP_LEFT . ": {$left}\n" . _BAN_CLICKS . ": {$clicks}\n" . _BAN_PERCENTCLICKS . ": {$percent}%\n\n\n" . _BAN_REPORTMADEON . ": {$fecha}";
$from = "{$sitename}";
pnMail($email, $subject, $message, "" . _BAN_FROM . ": {$from}\nX-Mailer: PHP/" . phpversion());
include 'header.php';
OpenTable();
echo "<font class=\"pn-normal\">" . _BAN_STATSFORBAN . " " . pnVarPrepForDisplay($bid) . " " . _BAN_SENTTO . "<br>" . "<i>" . pnVarPrepForDisplay($email) . "</i> for " . pnVarPrepForDisplay($name) . "<br><br>" . "<a href=\"javascript:history.go(-1)\">" . _BAN_BACK . "</a>";
CloseTable();
}
}
function send_email()
{
/* send error reporting email to admin */
global $REQUEST_URI, $HTTP_REFERER, $REMOTE_ADDR;
$reportlevel = pnConfigGetVar('reportlevel');
$adminmail = pnConfigGetVar('adminmail');
$notify_from = pnConfigGetVar('notify_from');
$errortime = date("m/j/Y at g:i a");
$message .= "" . _ERR404 . "\n\n" . _ERRMAIL404 . " {$REMOTE_ADDR}";
$message .= "" . _ERRMAILON . " {$errortime}.\n\n";
$message .= "" . _ERRMAILURI . " \n" . pnGetBaseURL() . "{$REQUEST_URI}\n\n";
$message .= "" . _ERRMAILREF . "\n{$HTTP_REFERER}\n\n";
# Send the mail message. This assumes mail() will work on your system!
// 11-09-01 eugeniobaldi not compliant with PHP < 4.0.5
// pnMail($adminmail, _ERR404REP, $message, "From: $notify_from");
pnMail($adminmail, _ERR404REP, $message);
}
