public function getHits($hitType, $type, $afterTime, $limit = 50, $IP = false) { $serverTime = $this->getDB()->querySingle("select unix_timestamp()"); $IPSQL = ""; if ($IP) { $IPSQL = " and IP=%s "; $sqlArgs = array($afterTime, wfUtils::inet_pton($IP), $limit); } else { $sqlArgs = array($afterTime, $limit); } if ($hitType == 'hits') { if ($type == 'hit') { $typeSQL = " "; } else { if ($type == 'crawler') { $now = time(); $typeSQL = " and jsRun = 0 and {$now} - ctime > 30 "; } else { if ($type == 'gCrawler') { $typeSQL = " and isGoogle = 1 "; } else { if ($type == '404') { $typeSQL = " and is404 = 1 "; } else { if ($type == 'human') { $typeSQL = " and jsRun = 1 "; } else { if ($type == 'ruser') { $typeSQL = " and userID > 0 "; } else { wordfence::status(1, 'error', "Invalid log type to wfLog: {$type}"); return false; } } } } } } array_unshift($sqlArgs, "select * from " . $this->hitsTable . " where ctime > %f {$IPSQL} {$typeSQL} order by ctime desc limit %d"); $results = call_user_func_array(array($this->getDB(), 'querySelect'), $sqlArgs); } else { if ($hitType == 'logins') { array_unshift($sqlArgs, "select * from " . $this->loginsTable . " where ctime > %f {$IPSQL} order by ctime desc limit %d"); $results = call_user_func_array(array($this->getDB(), 'querySelect'), $sqlArgs); } else { wordfence::status(1, 'error', "getHits got invalid hitType: {$hitType}"); return false; } } $this->resolveIPs($results); $ourURL = parse_url(site_url()); $ourHost = strtolower($ourURL['host']); $ourHost = preg_replace('/^www\\./i', '', $ourHost); $browscap = new wfBrowscap(); $advanced_blocking_results = $this->getDB()->querySelect('SELECT * FROM ' . $this->ipRangesTable); $advanced_blocking = array(); foreach ($advanced_blocking_results as $advanced_blocking_row) { list($blocked_range) = explode('|', $advanced_blocking_row['blockString']); $blocked_range = explode('-', $blocked_range); if (count($blocked_range) == 2) { // Still using v5 32 bit int style format. if (!preg_match('/[\\.:]/', $blocked_range[0])) { $blocked_range[0] = long2ip($blocked_range[0]); $blocked_range[1] = long2ip($blocked_range[1]); } $advanced_blocking[] = array(wfUtils::inet_pton($blocked_range[0]), wfUtils::inet_pton($blocked_range[1]), $advanced_blocking_row['id']); } } foreach ($results as &$res) { $res['type'] = $type; $res['timeAgo'] = wfUtils::makeTimeAgo($serverTime - $res['ctime']); $res['blocked'] = $this->getDB()->querySingle("select blockedTime from " . $this->blocksTable . " where IP=%s and (permanent = 1 OR (blockedTime + %s > unix_timestamp()))", $res['IP'], wfConfig::get('blockedTime')); $res['rangeBlocked'] = false; $res['ipRangeID'] = -1; foreach ($advanced_blocking as $advanced_blocking_row) { if (strcmp($res['IP'], $advanced_blocking_row[0]) >= 0 && strcmp($res['IP'], $advanced_blocking_row[1]) <= 0) { $res['rangeBlocked'] = true; $res['ipRangeID'] = $advanced_blocking_row[2]; break; } } $res['IP'] = wfUtils::inet_ntop($res['IP']); $res['extReferer'] = false; if (isset($res['referer']) && $res['referer']) { if (wfUtils::hasXSS($res['referer'])) { //filtering out XSS $res['referer'] = ''; } } if (isset($res['referer']) && $res['referer']) { $refURL = parse_url($res['referer']); if (is_array($refURL) && isset($refURL['host']) && $refURL['host']) { $refHost = strtolower(preg_replace('/^www\\./i', '', $refURL['host'])); if ($refHost != $ourHost) { $res['extReferer'] = true; //now extract search terms $q = false; if (preg_match('/(?:google|bing|alltheweb|aol|ask)\\./i', $refURL['host'])) { $q = 'q'; } else { if (stristr($refURL['host'], 'yahoo.')) { $q = 'p'; } else { if (stristr($refURL['host'], 'baidu.')) { $q = 'wd'; } } } if ($q) { $queryVars = array(); if (isset($refURL['query'])) { parse_str($refURL['query'], $queryVars); if (isset($queryVars[$q])) { $res['searchTerms'] = $queryVars[$q]; } } } } } if ($res['extReferer']) { if (isset($referringPage) && stristr($referringPage['host'], 'google.')) { parse_str($referringPage['query'], $queryVars); echo $queryVars['q']; // This is the search term used } } } $res['browser'] = false; if ($res['UA']) { $b = $browscap->getBrowser($res['UA']); if ($b) { $res['browser'] = array('browser' => !empty($b['Browser']) ? $b['Browser'] : "", 'version' => !empty($b['Version']) ? $b['Version'] : "", 'platform' => !empty($b['Platform']) ? $b['Platform'] : "", 'isMobile' => !empty($b['isMobileDevice']) ? $b['isMobileDevice'] : "", 'isCrawler' => !empty($b['Crawler']) ? $b['Crawler'] : ""); } } if ($res['userID']) { $ud = get_userdata($res['userID']); if ($ud) { $res['user'] = array('editLink' => wfUtils::editUserLink($res['userID']), 'display_name' => $ud->display_name, 'ID' => $res['userID']); $res['user']['avatar'] = get_avatar($res['userID'], 16); } } else { $res['user'] = false; } } return $results; }
?> <tr><th>Time:</th><td><?php echo $v['timeAgo']; ?> ago -- <?php echo date(DATE_RFC822, $v['ctime']); ?> -- <?php echo $v['ctime']; ?> in Unixtime</td></tr> <?php if ($v['timeSinceLastHit']) { echo '<th>Secs since last hit:</th><td>' . $v['timeSinceLastHit'] . '</td></tr>'; } if (wfUtils::hasXSS($v['URL'])) { ?> <tr><th>URL:</th><td><span style="color: #F00;">Possible XSS code filtered out for your security</span></td></tr> <?php } else { ?> <tr><th>URL:</th><td><a href="<?php echo wp_kses($v['URL'], array()); ?> " target="_blank"><?php echo $v['URL']; ?> </a></td></tr> <?php } ?>
/** * @param string $type * @param array $results * @throws Exception */ public function processGetHitsResults($type, &$results) { $serverTime = $this->getDB()->querySingle("select unix_timestamp()"); $this->resolveIPs($results); $ourURL = parse_url(site_url()); $ourHost = strtolower($ourURL['host']); $ourHost = preg_replace('/^www\\./i', '', $ourHost); $browscap = new wfBrowscap(); $advanced_blocking_results = $this->getDB()->querySelect('SELECT * FROM ' . $this->ipRangesTable); $advanced_blocking = array(); foreach ($advanced_blocking_results as $advanced_blocking_row) { list($blocked_range) = explode('|', $advanced_blocking_row['blockString']); $blocked_range = explode('-', $blocked_range); if (count($blocked_range) == 2) { // Still using v5 32 bit int style format. if (!preg_match('/[\\.:]/', $blocked_range[0])) { $blocked_range[0] = long2ip($blocked_range[0]); $blocked_range[1] = long2ip($blocked_range[1]); } $advanced_blocking[] = array(wfUtils::inet_pton($blocked_range[0]), wfUtils::inet_pton($blocked_range[1]), $advanced_blocking_row['id']); } } foreach ($results as &$res) { $res['type'] = $type; $res['timeAgo'] = wfUtils::makeTimeAgo($serverTime - $res['ctime']); $res['blocked'] = $this->getDB()->querySingle("select blockedTime from " . $this->blocksTable . " where IP=%s and (permanent = 1 OR (blockedTime + %s > unix_timestamp()))", $res['IP'], wfConfig::get('blockedTime')); $res['rangeBlocked'] = false; $res['ipRangeID'] = -1; foreach ($advanced_blocking as $advanced_blocking_row) { if (strcmp($res['IP'], $advanced_blocking_row[0]) >= 0 && strcmp($res['IP'], $advanced_blocking_row[1]) <= 0) { $res['rangeBlocked'] = true; $res['ipRangeID'] = $advanced_blocking_row[2]; break; } } $res['IP'] = wfUtils::inet_ntop($res['IP']); $res['extReferer'] = false; if (isset($res['referer']) && $res['referer']) { if (wfUtils::hasXSS($res['referer'])) { //filtering out XSS $res['referer'] = ''; } } if (isset($res['referer']) && $res['referer']) { $refURL = parse_url($res['referer']); if (is_array($refURL) && isset($refURL['host']) && $refURL['host']) { $refHost = strtolower(preg_replace('/^www\\./i', '', $refURL['host'])); if ($refHost != $ourHost) { $res['extReferer'] = true; //now extract search terms $q = false; if (preg_match('/(?:google|bing|alltheweb|aol|ask)\\./i', $refURL['host'])) { $q = 'q'; } else { if (stristr($refURL['host'], 'yahoo.')) { $q = 'p'; } else { if (stristr($refURL['host'], 'baidu.')) { $q = 'wd'; } } } if ($q) { $queryVars = array(); if (isset($refURL['query'])) { parse_str($refURL['query'], $queryVars); if (isset($queryVars[$q])) { $res['searchTerms'] = urlencode($queryVars[$q]); } } } } } if ($res['extReferer']) { if (isset($referringPage) && stristr($referringPage['host'], 'google.')) { parse_str($referringPage['query'], $queryVars); // echo $queryVars['q']; // This is the search term used } } } $res['browser'] = false; if ($res['UA']) { $b = $browscap->getBrowser($res['UA']); if ($b) { $res['browser'] = array('browser' => !empty($b['Browser']) ? $b['Browser'] : "", 'version' => !empty($b['Version']) ? $b['Version'] : "", 'platform' => !empty($b['Platform']) ? $b['Platform'] : "", 'isMobile' => !empty($b['isMobileDevice']) ? $b['isMobileDevice'] : "", 'isCrawler' => !empty($b['Crawler']) ? $b['Crawler'] : ""); } } if ($res['userID']) { $ud = get_userdata($res['userID']); if ($ud) { $res['user'] = array('editLink' => wfUtils::editUserLink($res['userID']), 'display_name' => $res['display_name'], 'ID' => $res['userID']); $res['user']['avatar'] = get_avatar($res['userID'], 16); } } else { $res['user'] = false; } } }
public function getHits($hitType /* 'hits' or 'logins' */, $type, $afterTime, $limit = 50, $IP = false){ $serverTime = $this->getDB()->querySingle("select unix_timestamp()"); $IPSQL = ""; if($IP){ $IPSQL = " and IP=INET_ATON(%s) "; $sqlArgs = array($afterTime, $IP, $limit); } else { $sqlArgs = array($afterTime, $limit); } if($hitType == 'hits'){ if($type == 'hit'){ $typeSQL = " "; } else if($type == 'crawler'){ $now = time(); $typeSQL = " and jsRun = 0 and $now - ctime > 30 "; } else if($type == 'gCrawler'){ $typeSQL = " and isGoogle = 1 "; } else if($type == '404'){ $typeSQL = " and is404 = 1 "; } else if($type == 'human'){ $typeSQL = " and jsRun = 1 "; } else if($type == 'ruser'){ $typeSQL = " and userID > 0 "; } else { wordfence::status(1, 'error', "Invalid log type to wfLog: $type"); return false; } array_unshift($sqlArgs, "select * from " . $this->hitsTable . " where ctime > %f $IPSQL $typeSQL order by ctime desc limit %d"); $results = call_user_func_array(array($this->getDB(), 'querySelect'), $sqlArgs); } else if($hitType == 'logins'){ array_unshift($sqlArgs, "select * from " . $this->loginsTable . " where ctime > %f $IPSQL order by ctime desc limit %d"); $results = call_user_func_array(array($this->getDB(), 'querySelect'), $sqlArgs ); } else { wordfence::status(1, 'error', "getHits got invalid hitType: $hitType"); return false; } $this->resolveIPs($results); $ourURL = parse_url(site_url()); $ourHost = strtolower($ourURL['host']); $ourHost = preg_replace('/^www\./i', '', $ourHost); $browscap = new wfBrowscap(); foreach($results as &$res){ $res['type'] = $type; $res['timeAgo'] = wfUtils::makeTimeAgo($serverTime - $res['ctime']); $res['blocked'] = $this->getDB()->querySingle("select blockedTime from " . $this->blocksTable . " where IP=%s and (permanent = 1 OR (blockedTime + %s > unix_timestamp()))", $res['IP'], wfConfig::get('blockedTime')); $res['IP'] = wfUtils::inet_ntoa($res['IP']); $res['extReferer'] = false; if(isset( $res['referer'] ) && $res['referer']){ if(wfUtils::hasXSS($res['referer'] )){ //filtering out XSS $res['referer'] = ''; } } if( isset( $res['referer'] ) && $res['referer']){ $refURL = parse_url($res['referer']); if(is_array($refURL) && isset($refURL['host']) && $refURL['host']){ $refHost = strtolower(preg_replace('/^www\./i', '', $refURL['host'])); if($refHost != $ourHost){ $res['extReferer'] = true; //now extract search terms $q = false; if(preg_match('/(?:google|bing|alltheweb|aol|ask)\./i', $refURL['host'])){ $q = 'q'; } else if(stristr($refURL['host'], 'yahoo.')){ $q = 'p'; } else if(stristr($refURL['host'], 'baidu.')){ $q = 'wd'; } if($q){ $queryVars = array(); if( isset( $refURL['query'] ) ) { parse_str($refURL['query'], $queryVars); if(isset($queryVars[$q])){ $res['searchTerms'] = $queryVars[$q]; } } } } } if($res['extReferer']){ if ( isset( $referringPage ) && stristr( $referringPage['host'], 'google.' ) ) { parse_str( $referringPage['query'], $queryVars ); echo $queryVars['q']; // This is the search term used } } } $res['browser'] = false; if($res['UA']){ $b = $browscap->getBrowser($res['UA']); if($b){ $res['browser'] = array( 'browser' => $b['Browser'], 'version' => $b['Version'], 'platform' => $b['Platform'], 'isMobile' => $b['isMobileDevice'], 'isCrawler' => $b['Crawler'] ); } } if($res['userID']){ $ud = get_userdata($res['userID']); if($ud){ $res['user'] = array( 'editLink' => wfUtils::editUserLink($res['userID']), 'display_name' => $ud->display_name, 'ID' => $res['userID'] ); $res['user']['avatar'] = get_avatar($res['userID'], 16); } } else { $res['user'] = false; } } return $results; }