public function getHits($hitType, $type, $afterTime, $limit = 50, $IP = false)
{
$serverTime = $this->getDB()->querySingle("select unix_timestamp()");
$IPSQL = "";
if ($IP) {
$IPSQL = " and IP=%s ";
$sqlArgs = array($afterTime, wfUtils::inet_pton($IP), $limit);
} else {
$sqlArgs = array($afterTime, $limit);
}
if ($hitType == 'hits') {
if ($type == 'hit') {
$typeSQL = " ";
} else {
if ($type == 'crawler') {
$now = time();
$typeSQL = " and jsRun = 0 and {$now} - ctime > 30 ";
} else {
if ($type == 'gCrawler') {
$typeSQL = " and isGoogle = 1 ";
} else {
if ($type == '404') {
$typeSQL = " and is404 = 1 ";
} else {
if ($type == 'human') {
$typeSQL = " and jsRun = 1 ";
} else {
if ($type == 'ruser') {
$typeSQL = " and userID > 0 ";
} else {
wordfence::status(1, 'error', "Invalid log type to wfLog: {$type}");
return false;
}
}
}
}
}
}
array_unshift($sqlArgs, "select * from " . $this->hitsTable . " where ctime > %f {$IPSQL} {$typeSQL} order by ctime desc limit %d");
$results = call_user_func_array(array($this->getDB(), 'querySelect'), $sqlArgs);
} else {
if ($hitType == 'logins') {
array_unshift($sqlArgs, "select * from " . $this->loginsTable . " where ctime > %f {$IPSQL} order by ctime desc limit %d");
$results = call_user_func_array(array($this->getDB(), 'querySelect'), $sqlArgs);
} else {
wordfence::status(1, 'error', "getHits got invalid hitType: {$hitType}");
return false;
}
}
$this->resolveIPs($results);
$ourURL = parse_url(site_url());
$ourHost = strtolower($ourURL['host']);
$ourHost = preg_replace('/^www\\./i', '', $ourHost);
$browscap = new wfBrowscap();
$advanced_blocking_results = $this->getDB()->querySelect('SELECT * FROM ' . $this->ipRangesTable);
$advanced_blocking = array();
foreach ($advanced_blocking_results as $advanced_blocking_row) {
list($blocked_range) = explode('|', $advanced_blocking_row['blockString']);
$blocked_range = explode('-', $blocked_range);
if (count($blocked_range) == 2) {
// Still using v5 32 bit int style format.
if (!preg_match('/[\\.:]/', $blocked_range[0])) {
$blocked_range[0] = long2ip($blocked_range[0]);
$blocked_range[1] = long2ip($blocked_range[1]);
}
$advanced_blocking[] = array(wfUtils::inet_pton($blocked_range[0]), wfUtils::inet_pton($blocked_range[1]), $advanced_blocking_row['id']);
}
}
foreach ($results as &$res) {
$res['type'] = $type;
$res['timeAgo'] = wfUtils::makeTimeAgo($serverTime - $res['ctime']);
$res['blocked'] = $this->getDB()->querySingle("select blockedTime from " . $this->blocksTable . " where IP=%s and (permanent = 1 OR (blockedTime + %s > unix_timestamp()))", $res['IP'], wfConfig::get('blockedTime'));
$res['rangeBlocked'] = false;
$res['ipRangeID'] = -1;
foreach ($advanced_blocking as $advanced_blocking_row) {
if (strcmp($res['IP'], $advanced_blocking_row[0]) >= 0 && strcmp($res['IP'], $advanced_blocking_row[1]) <= 0) {
$res['rangeBlocked'] = true;
$res['ipRangeID'] = $advanced_blocking_row[2];
break;
}
}
$res['IP'] = wfUtils::inet_ntop($res['IP']);
$res['extReferer'] = false;
if (isset($res['referer']) && $res['referer']) {
if (wfUtils::hasXSS($res['referer'])) {
//filtering out XSS
$res['referer'] = '';
}
}
if (isset($res['referer']) && $res['referer']) {
$refURL = parse_url($res['referer']);
if (is_array($refURL) && isset($refURL['host']) && $refURL['host']) {
$refHost = strtolower(preg_replace('/^www\\./i', '', $refURL['host']));
if ($refHost != $ourHost) {
$res['extReferer'] = true;
//now extract search terms
$q = false;
if (preg_match('/(?:google|bing|alltheweb|aol|ask)\\./i', $refURL['host'])) {
$q = 'q';
} else {
if (stristr($refURL['host'], 'yahoo.')) {
$q = 'p';
} else {
if (stristr($refURL['host'], 'baidu.')) {
$q = 'wd';
}
}
}
if ($q) {
$queryVars = array();
if (isset($refURL['query'])) {
parse_str($refURL['query'], $queryVars);
if (isset($queryVars[$q])) {
$res['searchTerms'] = $queryVars[$q];
}
}
}
}
}
if ($res['extReferer']) {
if (isset($referringPage) && stristr($referringPage['host'], 'google.')) {
parse_str($referringPage['query'], $queryVars);
echo $queryVars['q'];
// This is the search term used
}
}
}
$res['browser'] = false;
if ($res['UA']) {
$b = $browscap->getBrowser($res['UA']);
if ($b) {
$res['browser'] = array('browser' => !empty($b['Browser']) ? $b['Browser'] : "", 'version' => !empty($b['Version']) ? $b['Version'] : "", 'platform' => !empty($b['Platform']) ? $b['Platform'] : "", 'isMobile' => !empty($b['isMobileDevice']) ? $b['isMobileDevice'] : "", 'isCrawler' => !empty($b['Crawler']) ? $b['Crawler'] : "");
}
}
if ($res['userID']) {
$ud = get_userdata($res['userID']);
if ($ud) {
$res['user'] = array('editLink' => wfUtils::editUserLink($res['userID']), 'display_name' => $ud->display_name, 'ID' => $res['userID']);
$res['user']['avatar'] = get_avatar($res['userID'], 16);
}
} else {
$res['user'] = false;
}
}
return $results;
}
?>
<tr><th>Time:</th><td><?php
echo $v['timeAgo'];
?>
ago -- <?php
echo date(DATE_RFC822, $v['ctime']);
?>
-- <?php
echo $v['ctime'];
?>
in Unixtime</td></tr>
<?php
if ($v['timeSinceLastHit']) {
echo '<th>Secs since last hit:</th><td>' . $v['timeSinceLastHit'] . '</td></tr>';
}
if (wfUtils::hasXSS($v['URL'])) {
?>
<tr><th>URL:</th><td><span style="color: #F00;">Possible XSS code filtered out for your security</span></td></tr>
<?php
} else {
?>
<tr><th>URL:</th><td><a href="<?php
echo wp_kses($v['URL'], array());
?>
" target="_blank"><?php
echo $v['URL'];
?>
</a></td></tr>
<?php
}
?>
/**
* @param string $type
* @param array $results
* @throws Exception
*/
public function processGetHitsResults($type, &$results)
{
$serverTime = $this->getDB()->querySingle("select unix_timestamp()");
$this->resolveIPs($results);
$ourURL = parse_url(site_url());
$ourHost = strtolower($ourURL['host']);
$ourHost = preg_replace('/^www\\./i', '', $ourHost);
$browscap = new wfBrowscap();
$advanced_blocking_results = $this->getDB()->querySelect('SELECT * FROM ' . $this->ipRangesTable);
$advanced_blocking = array();
foreach ($advanced_blocking_results as $advanced_blocking_row) {
list($blocked_range) = explode('|', $advanced_blocking_row['blockString']);
$blocked_range = explode('-', $blocked_range);
if (count($blocked_range) == 2) {
// Still using v5 32 bit int style format.
if (!preg_match('/[\\.:]/', $blocked_range[0])) {
$blocked_range[0] = long2ip($blocked_range[0]);
$blocked_range[1] = long2ip($blocked_range[1]);
}
$advanced_blocking[] = array(wfUtils::inet_pton($blocked_range[0]), wfUtils::inet_pton($blocked_range[1]), $advanced_blocking_row['id']);
}
}
foreach ($results as &$res) {
$res['type'] = $type;
$res['timeAgo'] = wfUtils::makeTimeAgo($serverTime - $res['ctime']);
$res['blocked'] = $this->getDB()->querySingle("select blockedTime from " . $this->blocksTable . " where IP=%s and (permanent = 1 OR (blockedTime + %s > unix_timestamp()))", $res['IP'], wfConfig::get('blockedTime'));
$res['rangeBlocked'] = false;
$res['ipRangeID'] = -1;
foreach ($advanced_blocking as $advanced_blocking_row) {
if (strcmp($res['IP'], $advanced_blocking_row[0]) >= 0 && strcmp($res['IP'], $advanced_blocking_row[1]) <= 0) {
$res['rangeBlocked'] = true;
$res['ipRangeID'] = $advanced_blocking_row[2];
break;
}
}
$res['IP'] = wfUtils::inet_ntop($res['IP']);
$res['extReferer'] = false;
if (isset($res['referer']) && $res['referer']) {
if (wfUtils::hasXSS($res['referer'])) {
//filtering out XSS
$res['referer'] = '';
}
}
if (isset($res['referer']) && $res['referer']) {
$refURL = parse_url($res['referer']);
if (is_array($refURL) && isset($refURL['host']) && $refURL['host']) {
$refHost = strtolower(preg_replace('/^www\\./i', '', $refURL['host']));
if ($refHost != $ourHost) {
$res['extReferer'] = true;
//now extract search terms
$q = false;
if (preg_match('/(?:google|bing|alltheweb|aol|ask)\\./i', $refURL['host'])) {
$q = 'q';
} else {
if (stristr($refURL['host'], 'yahoo.')) {
$q = 'p';
} else {
if (stristr($refURL['host'], 'baidu.')) {
$q = 'wd';
}
}
}
if ($q) {
$queryVars = array();
if (isset($refURL['query'])) {
parse_str($refURL['query'], $queryVars);
if (isset($queryVars[$q])) {
$res['searchTerms'] = urlencode($queryVars[$q]);
}
}
}
}
}
if ($res['extReferer']) {
if (isset($referringPage) && stristr($referringPage['host'], 'google.')) {
parse_str($referringPage['query'], $queryVars);
// echo $queryVars['q']; // This is the search term used
}
}
}
$res['browser'] = false;
if ($res['UA']) {
$b = $browscap->getBrowser($res['UA']);
if ($b) {
$res['browser'] = array('browser' => !empty($b['Browser']) ? $b['Browser'] : "", 'version' => !empty($b['Version']) ? $b['Version'] : "", 'platform' => !empty($b['Platform']) ? $b['Platform'] : "", 'isMobile' => !empty($b['isMobileDevice']) ? $b['isMobileDevice'] : "", 'isCrawler' => !empty($b['Crawler']) ? $b['Crawler'] : "");
}
}
if ($res['userID']) {
$ud = get_userdata($res['userID']);
if ($ud) {
$res['user'] = array('editLink' => wfUtils::editUserLink($res['userID']), 'display_name' => $res['display_name'], 'ID' => $res['userID']);
$res['user']['avatar'] = get_avatar($res['userID'], 16);
}
} else {
$res['user'] = false;
}
}
}
public function getHits($hitType /* 'hits' or 'logins' */, $type, $afterTime, $limit = 50, $IP = false){
$serverTime = $this->getDB()->querySingle("select unix_timestamp()");
$IPSQL = "";
if($IP){
$IPSQL = " and IP=INET_ATON(%s) ";
$sqlArgs = array($afterTime, $IP, $limit);
} else {
$sqlArgs = array($afterTime, $limit);
}
if($hitType == 'hits'){
if($type == 'hit'){
$typeSQL = " ";
} else if($type == 'crawler'){
$now = time();
$typeSQL = " and jsRun = 0 and $now - ctime > 30 ";
} else if($type == 'gCrawler'){
$typeSQL = " and isGoogle = 1 ";
} else if($type == '404'){
$typeSQL = " and is404 = 1 ";
} else if($type == 'human'){
$typeSQL = " and jsRun = 1 ";
} else if($type == 'ruser'){
$typeSQL = " and userID > 0 ";
} else {
wordfence::status(1, 'error', "Invalid log type to wfLog: $type");
return false;
}
array_unshift($sqlArgs, "select * from " . $this->hitsTable . " where ctime > %f $IPSQL $typeSQL order by ctime desc limit %d");
$results = call_user_func_array(array($this->getDB(), 'querySelect'), $sqlArgs);
} else if($hitType == 'logins'){
array_unshift($sqlArgs, "select * from " . $this->loginsTable . " where ctime > %f $IPSQL order by ctime desc limit %d");
$results = call_user_func_array(array($this->getDB(), 'querySelect'), $sqlArgs );
} else {
wordfence::status(1, 'error', "getHits got invalid hitType: $hitType");
return false;
}
$this->resolveIPs($results);
$ourURL = parse_url(site_url());
$ourHost = strtolower($ourURL['host']);
$ourHost = preg_replace('/^www\./i', '', $ourHost);
$browscap = new wfBrowscap();
foreach($results as &$res){
$res['type'] = $type;
$res['timeAgo'] = wfUtils::makeTimeAgo($serverTime - $res['ctime']);
$res['blocked'] = $this->getDB()->querySingle("select blockedTime from " . $this->blocksTable . " where IP=%s and (permanent = 1 OR (blockedTime + %s > unix_timestamp()))", $res['IP'], wfConfig::get('blockedTime'));
$res['IP'] = wfUtils::inet_ntoa($res['IP']);
$res['extReferer'] = false;
if(isset( $res['referer'] ) && $res['referer']){
if(wfUtils::hasXSS($res['referer'] )){ //filtering out XSS
$res['referer'] = '';
}
}
if( isset( $res['referer'] ) && $res['referer']){
$refURL = parse_url($res['referer']);
if(is_array($refURL) && isset($refURL['host']) && $refURL['host']){
$refHost = strtolower(preg_replace('/^www\./i', '', $refURL['host']));
if($refHost != $ourHost){
$res['extReferer'] = true;
//now extract search terms
$q = false;
if(preg_match('/(?:google|bing|alltheweb|aol|ask)\./i', $refURL['host'])){
$q = 'q';
} else if(stristr($refURL['host'], 'yahoo.')){
$q = 'p';
} else if(stristr($refURL['host'], 'baidu.')){
$q = 'wd';
}
if($q){
$queryVars = array();
if( isset( $refURL['query'] ) ) {
parse_str($refURL['query'], $queryVars);
if(isset($queryVars[$q])){
$res['searchTerms'] = $queryVars[$q];
}
}
}
}
}
if($res['extReferer']){
if ( isset( $referringPage ) && stristr( $referringPage['host'], 'google.' ) )
{
parse_str( $referringPage['query'], $queryVars );
echo $queryVars['q']; // This is the search term used
}
}
}
$res['browser'] = false;
if($res['UA']){
$b = $browscap->getBrowser($res['UA']);
if($b){
$res['browser'] = array(
'browser' => $b['Browser'],
'version' => $b['Version'],
'platform' => $b['Platform'],
'isMobile' => $b['isMobileDevice'],
'isCrawler' => $b['Crawler']
);
}
}
if($res['userID']){
$ud = get_userdata($res['userID']);
if($ud){
$res['user'] = array(
'editLink' => wfUtils::editUserLink($res['userID']),
'display_name' => $ud->display_name,
'ID' => $res['userID']
);
$res['user']['avatar'] = get_avatar($res['userID'], 16);
}
} else {
$res['user'] = false;
}
}
return $results;
}
