1741 replies to this topic

[Cheepnis]

Ok, worked out the fix. To disable the IP Lookup feature (but not disable the link to the lookup) Comment out the following lines in admin/whos_online.php:

Around line 106 add "//" to this line (as shown):

//  require('includes/classes/ipinfodb.class.php');

Around line 161, add:

/*

BEFORE this line:

//Function to get IP address geolocation data from IPInfoDB and update whos_online table

and around line 214, add:

*/

BEFORE this line:

// Determines status and cart of visitor and displays appropriate icon.

Around 372, add "//" to this line (as shown):

//  add_geolocation();

That's it! Hopefully it doesn't break anything else, but at least it gets Who's Online working again until ipinfodb.com is running again.

[SambaMambo]

well, you just need to change the ip locator api
edit /admin/whos_online.php and change to this (line 160):

//Function to get IP address geolocation data from IPInfoDB and update whos_online table
function updateIps($ips){
	//Old,incesure  method
	//$d = file_get_contents("http://ipinfodb.com/ip_query2.php?ip=$ips");     
	
	//Initialize the Curl session
	$ch = curl_init();
	$URL = ("http://api.hostip.info/?ip=$ips");
	//Set curl to return the data instead of printing it to the browser.
	curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
	//Set the URL, then execute, then close
	curl_setopt($ch, CURLOPT_URL, $URL);
	$d = curl_exec($ch);
	curl_close($ch);

	
 
	//Use backup server if cannot make a connection
	if (!$d){
		//$backup = file_get_contents("http://backup.ipinfodb.com/ip_query2.php?ip=$ips");
		$ch = curl_init();
		$URL = ("http://api.hostip.info/?ip=$ips");

Edited by SambaMambo, 16 May 2011, 14:53.

[Cheepnis]

SambaMambo, on 16 May 2011, 14:53, said:

well, you just need to change the ip locator api
edit /admin/whos_online.php and change to this (line 160):

Make sure you add another end tag:

  }  

to the section, just before:

//Add IP address geolocation to whos_online table

[Cheepnis]

BTW, not having the IP Lookup enabled REALLY speeds up Who's Online - a lot!

I may never put it back (especially since the links should still work once the database is running again).

[RobC1962]

The ipinfo database is back online - enhanced whois all functioning fine now

[Cheepnis]

Should a completely ancillary function from a third-party website really be allowed to break the entire application when their server has a hiccup, however rare?

The next version of this really should have a test for the presence of a working lookup site and should also allow the user to disable that function as part of it's settings (especially considering the speed improvements). I'm not a good enough programmer to make those changes, but I think it would be a welcome addition if anybody wants to do it.

[rfwoolf]

I am posting a solution to a problem with the pins on the map - my map had no pins :S
First make sure you have uploaded visitors_georss.php to your catalog directory.
Then in admin/whos_online.php find the line:
geoXml = new GGeoXml("<?php echo HTTP_CATALOG_SERVER . "/visitors_georss.php";?>");
or
geoXml = new GGeoXml("<?php echo HTTP_CATALOG_SERVER . DIR_WS_CATALOG . "visitors_georss.php";?>");

Basically the problem was with this line.
I had both these lines but the first one was commented out -- but that was the correct line for me!

You can take the php part in the line, e.g.
<?php echo HTTP_CATALOG_SERVER . DIR_WS_CATALOG . "visitors_georss.php";?>
and paste it somewhere on your website to see the URL it generates, for example it may say:
www.yoursite.com//visitors_georss.php
or something else

[john_AV]

Hi Guys

Just a random question,

We have just moved from oscommerce to magento. However we loved this addon and it became an essental part of customer research. My hat come off to the developer.

I was wondering if it was possible to develop this with a magento store? I am sure the magento community would pay for this addon.

[Dennis_oss]

Hi all,

I am using this contrib for years now. I love it!!
But now I have a small problem. I've installed DC megamenu on the site and now Firefox is adding a code at the end of the product URL.
Always starting with #. and then a short random string.

Because of this Whois Online can't figure out wich product someone is watching. And in de admin this shows up as a simple /

When using IE, this code is not added to the url and whois online shows the productname in the admin.

Here is how this url looks like: http://www.domain.com/product_info.php/cPath/287_212/products_id/1989#.TmIRZGq17Tk

The last piece starting with # is the problem I think.
Is there a way so whois_online can strip this of the url so it knows wich product the customer is looking at?

[Dennis_oss]

Nobody?

[Pelvis]

ATTENTION
Attention with the Last version of this Contrib.
Our Site was signed with red Flag from Google.
Google has found Malicious Software (Malware) in Parts of Code in our Site.
The Last Contrib that we had installed was the Upgrade of "Who's Enhancement"
The reason was due to the old API "ipinfodb.com".
So our Administrator has run a Program Called "I SCANNER" in our Server.
And VOILÀ the Program has reported a "Java Script Code" that can run from a remote source.
----------------------------------
From: iScanner 0.7 <iScanner@localhost>
Date: 2011/10/8
Subject: iScanner 0.7 report for localhost
To: "xxx@gmail.com" <xxx@gmail.com>


Hostname: localhost
Directory: /home/xxx
Extensions: htm, html, php, js
Log file: infected-09:43:55-08.Oct.log


/home/XXX/public_html/
Admin/whos_online.php
[2.3] (<script.+?src\s*=\s*['\"]?(?:ht|f)tp.+?>(?:.*?<\/script>)?)
Javascript code from remote source detected.
---------------------------------------------------------------------------

Generated by iScanner 0.7 (db:0.2.0) in Sat Oct 8 09:44:16 2011
Copyright © 2010 iSecur1ty <http://iscanner.isecur1ty.org>



After that we Installed Back the Old Version 3.5.5 (2 fixes up from Steve Dallas) and everything was fine also no report from "I SCANNER".
Also be Careful !!

[bhbilbao]

Thanks Pelvis,
can you explain what to do.??
We must install the old version 3.5.5??? or what???
How to identify the mailicious code in our files??

Edited by bhbilbao, 10 October 2011, 19:01.

[Pelvis]

Yes Version 3.5.5 is for sure save and free from Malicious Software (Malware).
Version 3.7 and 3.7_1 is unsafe and has the parts of Malicious Code (Malware).
The Malware Code is found in /Admin/whos_online.php

[bhbilbao]

thanks,
I will delete all files related and reinstall.
Who's Online Enhancement 3.5.5 Full + IP Address geolocation + Visitors World Map 5 Aug 2009
But , what about the rest of updates and fixes of versions 3.6.x and 3.7.x. Is there the malicious code???

Edited by bhbilbao, 10 October 2011, 19:52.

[Pelvis]

I have not time to install everything and test.
Version 3.5.5 Full + IP Address geolocation is sure Save.
The newer + Visitors World Map from 5 Aug 2009 must be o.k. to.
But for the newer (upper of them) is no Garantie what is o.k. and what not.

[bhbilbao]

For the moment all needed to do is to replace the whos_online.php archive and add the code for visitors_map.zip.


Sometimes I saw a rare visitor like localhost : localdomain with IP 127.0.0.1
I dont know if that is related with the malicious remote script code.

With the version 3.5.5
-all ID= 0
-no basket after session changes
-no icons, or info about the guest explorer and machine.

It will be interesting to install and test the updates one by one and identify the malicious code.(The code isnt too large). Basically the new updates adds an:

  require(DIR_WS_FUNCTIONS . 'whos_online.php');
  require('includes/classes/ipinfodb.class.php');

I use "Who is online ena." all times with a modified main index page with the new customers and orders.

Edited by bhbilbao, 11 October 2011, 02:22.

[terryduncilsr]

I hate to bother but i have a small request, is there a way to add a sound when someone logs onto the oscommerce store? and how would a person go about that? in whos online version 3.5.4 by steve dallas. I am running oscommerse 2.3.1

[lyonsperf]

I have 3.5.4 installed and am getting multiple admins online shown in the who's online. Any ideas to fix this?

[lyonsperf]

duplicate post

Edited by lyonsperf, 18 December 2011, 14:58.

[RobC1962]

Hi All,
For anyone having problems with the 'Last URL' showing as /images/infoBoxHeading2_td.gif (or anything to do with images) rather than showing the product being viewed, the fix is simple.
Basically, the problem is caused by Who's Online Enhancement is looking for an image does not exist. Simply add the image where required and the contrib will show the Last URL correctly.