Jump to content
Jack_mcs

SiteMonitor

Recommended Posts

I have read the following (and the rest of this thread):

 

 

Hmm, are you saying you can't see the post just two above your last one or the one at the top of the last page with very large letters? I don't know how else to answer the question but let me try again in another way:

 

1 - Your username is invalid - this means the username entered in the SiteMonitor settings is not any good

 

2 - Please change it and try again - this means to change the username in the SiteMonitor settings and to click update

 

3 - System -> /var/www/html/shop/ - this shows what your shops setting is

 

4 - SiteMonitor -> /home/username/public_html/ - this shows what your SiteMonitor setting is

 

Now, since the shops configure setting is different than what is in the SiteMonitor configure setting (item 3 not equal to item 4), an error occurs (item 1). When an error occurs, in any part of the shop, you have to make some change to fix it. The way to know what change is provided by the second line (item 2). I hope this provides a clue as to what is needed.

 

 

I am getting the error listed above, but my item '3' and '4' are identical. Is there a file permissions error that can lead to this error?

Share this post


Link to post
Share on other sites

I have read the following (and the rest of this thread):

 

I am getting the error listed above, but my item '3' and '4' are identical. Is there a file permissions error that can lead to this error?

Please upgrade to the latest version.

Share this post


Link to post
Share on other sites

Which version of site monitor is recommended for osCommerce Online Merchant v2.3.1?

The latest one.

Share this post


Link to post
Share on other sites

That's the one I installed. Still throws the error. Thanks anyway.

You sited an example where there is a popup regarding the username. That popup is no longer used so you can't be using the latest version or you made a mistake in the upgrade.

Share this post


Link to post
Share on other sites

Thanks for the continued feedback.

 

I downloaded the V3.0. In the unzipped contents I found two folders:

  1. oscommerce_2.3
  2. oscommerce_MS2_or_RC2

As I am running osc 2.3.1, I choose folder 1.

 

Should I install the files from folder 2?

Share this post


Link to post
Share on other sites

Hello!

 

When I execute Manually Check for Hacked Files and then exclude some or all files

and check I get this in the errorlog of the webserver:

 

PHP Warning: array_flip(): Can only flip STRING and INTEGER values! in /vwww/domain/root/manager/includes/funct

ions/sitemonitor_functions.php on line 189, referer: https://www.domain.de/manager/sitemonitor_admin.php

 

and nothing is excluded.

 

Or when I Manually Execute Sitemonitor I get

.....

Sitemonitor (0) ran on September 8, 2011, 12:38 am

Total mismatches found were 4944

Total files being monitored is 0

Email sent to shop owner.

 

Then when I Manually Check for Hacked Files I see the following line:

Checked 502 directories containing a total of 2438 files. Skipped 2511 files. 156 suspected hacked files found.

 

My first guess is these files are ok and most of them are part of a contribution I installed.

But when I want to exclude them, they are not excluded and updating the page results in

a blank page.

 

Andreas

Share this post


Link to post
Share on other sites

Thanks for the continued feedback.

 

I downloaded the V3.0. In the unzipped contents I found two folders:

  1. oscommerce_2.3
  2. oscommerce_MS2_or_RC2

As I am running osc 2.3.1, I choose folder 1.

 

 

Should I install the files from folder 2?

No.

Share this post


Link to post
Share on other sites

Hello!

 

When I execute Manually Check for Hacked Files and then exclude some or all files

and check I get this in the errorlog of the webserver:

 

PHP Warning: array_flip(): Can only flip STRING and INTEGER values! in /vwww/domain/root/manager/includes/funct

ions/sitemonitor_functions.php on line 189, referer: https://www.domain.d...nitor_admin.php

That usually happens when the reference file has not been created.

Share this post


Link to post
Share on other sites

Sept 7, 2011

 

Jack

 

Just upgraded from 2.9 to 3.0

Everything appears to be working, however, here is what I see after I update the configure file

 

Warning: Missing argument 1 for GetLogFiles(), called in /home/ceitronc/public_html/shop/admin/sitemonitor_admin.php on line 210 and defined in /home/ceitronc/public_html/shop/admin/includes/functions/sitemonitor_functions.php on line 498

 

I have checked my log files and they are where they should be. I see that they are appended. This was supposed to be a simple upgrade and v2.9 has been working.

Any suggestions?

Steve

Share this post


Link to post
Share on other sites

Sept 7, 2011

 

Jack

 

Just upgraded from 2.9 to 3.0

Everything appears to be working, however, here is what I see after I update the configure file

 

Warning: Missing argument 1 for GetLogFiles(), called in /home/ceitronc/public_html/shop/admin/sitemonitor_admin.php on line 210 and defined in /home/ceitronc/public_html/shop/admin/includes/functions/sitemonitor_functions.php on line 498

 

I have checked my log files and they are where they should be. I see that they are appended. This was supposed to be a simple upgrade and v2.9 has been working.

Any suggestions?

Steve

Somehow the sitemonitor_admin.php file in the v 2.3 directory didn't get updated. Please replace it with the following and it should work OK.

<?php
/*
 $Id: sitemonitor_admin.php,v 1.2 2006/09/24
 sitemonitor Originally Created by: Jack mcs at oscommerce-solution.com
 osCommerce, Open Source E-Commerce Solutions
 http://www.oscommerce.com
 Copyright (c) 2003 osCommerce
 Portions Copyright 2009 oscommerce-solution.com
 Released under the GNU General Public License
*/
 require('includes/application_top.php');
 require('includes/functions/sitemonitor_functions.php');
 $currentVersion = '';
 $instance = (isset($_POST['instance']) ? (int)$_POST['instance'] : '0');
 /********************** BEGIN VERSION CHECKER *********************/
 if (file_exists(DIR_WS_FUNCTIONS . 'version_checker.php')) {
  require(DIR_WS_LANGUAGES . $language . '/version_checker.php');
  require(DIR_WS_FUNCTIONS . 'version_checker.php');
  $contribPath = 'http://addons.oscommerce.com/info/4441';
  $currentVersion = 'SiteMonitor V 3.0';
  $contribName = 'SiteMonitor V';
  $versionStatus = '';
 }
 /********************** END VERSION CHECKER *********************/
 /********************** BEGIN CHECK THE USERNAME *********************/
 $filenameConfigure = DIR_FS_ADMIN . FILENAME_SITEMONITOR_CONFIGURE;
 $filenameConfigure = str_replace('.txt', '_' . $instance . '.txt', $filenameConfigure);
 $fp = @file($filenameConfigure);
 if (! $fp) {
  tep_redirect(tep_href_link(FILENAME_SITEMONITOR_CONFIG_SETUP, 'invalid_username=true&instance='.$instance));
 } else if (false) { //disable for now
  for ($i = 0; $i < count($fp); ++$i) {
	  if (strpos($fp[$i], '$start_dir') !== FALSE) {
		  $root = substr(DIR_FS_DOCUMENT_ROOT, -1) === '/' ? DIR_FS_DOCUMENT_ROOT : DIR_FS_DOCUMENT_ROOT . '/'; // slash may not be used in settings so add
		  if (strpos($fp[$i], $root) === FALSE) {
			  tep_redirect(tep_href_link(FILENAME_SITEMONITOR_CONFIG_SETUP, 'invalid_username=true&instance='.$instance));
		  }
	  }
  }
 }
 /********************** END CHECK THE USERNAME *********************/
 $logFile = 'sitemonitor_log' . '_' . $instance . '.txt';
 $referenceFile = 'sitemonitor_reference' . '_' . $instance . '.txt';

 /********************** BEGIN CHECK COMMON SECURITY HOLES *********************/
 $adminSM = trim(DIR_WS_ADMIN, '/');
 if ($adminSM === 'admin') {
  $messageStack->add(ERROR_ADMIN_NAME, 'error');
 }
 if (file_exists(DIR_FS_ADMIN . 'file_manager.php')) {
  $messageStack->add(ERROR_FILE_MANAGER, 'error');
 }
 if (($dbCheckErr = CheckDatabase()) != '') {
  $messageStack->add($dbCheckErr, 'error');
 }
 if (! file_exists(DIR_FS_CATALOG . DIR_WS_IMAGES . '.htaccess')) {
  $messageStack->add(ERROR_IMAGES_NOT_PROTECTED, 'error');
 } 
 $invalidFiles = array_merge((array)glob(DIR_FS_CATALOG . DIR_WS_IMAGES . '*.php'),(array)glob(DIR_FS_CATALOG . DIR_WS_IMAGES . '*.txt'));
 if (!empty($invalidFiles)) {
   $messageStack->add(ERROR_IMAGES_HAS_PHP, 'error');
   foreach ($invalidFiles as $filename) {
  echo $messageStack->add($filename);
   }
 }
 if (! is_writable(DIR_FS_ADMIN . GetLogFileLocation() . '/' . $logFile)) {
  $messageStack->add(ERROR_LOG_NOT_WRITEABLE, 'error');
 }
 if (! is_writable(DIR_FS_ADMIN . $referenceFile)) {
  $messageStack->add(ERROR_REFERENCE_NOT_WRITEABLE, 'error');
 }
 /********************** END CHECK COMMON SECURITY HOLES *********************/
 $fileDeleted = false;
 $foundErrors = 0;
 $hackedFiles = array();
 $hackedFiles = array();
 $hackedResult = false;
 $showErrors  = 0;
 $useExcludeFile = '';   //if enabled, code will use the disk file with stored files in the hacker file search
 $overwriteExcludeFile = ''; //if enabled, a new hacker exclude list will be built
 $actionDelete  = (isset($_POST['action_delete']) ? $_POST['action_delete'] : false);
 $actionExecute = (isset($_POST['action_execute']) ? $_POST['action_execute'] : false);
 $actionManual  = (isset($_POST['action_manual']) ? $_POST['action_manual'] : false);
 $actionHackerCheck = (isset($_POST['action_hacker_check']) ? $_POST['action_hacker_check'] : false);
 $actionHackerExclude = (isset($_POST['action_hacker_exclude']) ? $_POST['action_hacker_exclude'] : false);
 $action = (isset($_POST['action']) ? $_POST['action'] : false);
 if (tep_not_null($action))  {
  /********************** CHECK THE VERSION ***********************/
  if ($action == 'getversion') {
	  if (isset($_POST['version_check']) && $_POST['version_check'] == 'on') {
		  $versionStatus = AnnounceVersion($contribPath, $currentVersion, $contribName);
	  }
  }
 }
 /********************** CHECK THE ACTIONS ***********************/
 else if (tep_not_null($actionDelete) || tep_not_null($actionExecute))
 {
  require($filenameConfigure);
  if (file_exists($referenceFile) && tep_not_null($actionDelete)) {
	  runSitemonitor($referenceFile, $logFile);    //run before deleting
	  if (unlink($referenceFile))		  //delete the reference file before running
		  $fileDeleted = true;
  }

  $foundErrors = runSitemonitor($referenceFile, $logFile);	    //create the reference files
  $showErrors = 1;

  switch ($foundErrors) {				    //report result
	  case -1: $errmsg = 'Reference file creation failed.'; break;
	  case -2: $errmsg = 'First time ran. Reference file was created and saved.'; break;
	  case  0: $errmsg = 'No mismatches found'; break;
	  default: $errmsg = sprintf("%d mismatches were found. Run the script manually or see the email for the actual mismatches.", $foundErrors); break;
  }
 }
 else if ($actionManual)  {
  tep_redirect(tep_href_link('sitemonitor.php', 'instance=' . $instance));
 }
 else if ($actionHackerCheck)
 {
  $useExcludeFile = isset($_POST['use_exclude_file']) ? 'checked="yes"' : '';
  if (file_exists($referenceFile)) {
	  $hackedResult = CheckForHackerCode($hackedFiles, $useExcludeFile, $instance);
  } else {
	  $messageStack->add(ERROR_FAILED_REFERENCE_NOT_FOUND, 'error');
  }
 }
 else if ($actionHackerExclude)
 {
  $hackedFiles = unserialize(urldecode($_POST['hackerfiles']));
  $overwriteExcludeFile = isset($_POST['overwrite_exclude_file']) && $_POST['overwrite_exclude_file'] == 'on' ? 'checked' : ''; //save for restoring setting
  $hackerExcludeFile = 'sitemonitor_hacker_excludes_' . $instance . '.txt';
  $saveArray = array();
  if (empty($overwriteExcludeFile)) {  //then append changes
	  if (file_exists($hackerExcludeFile)) {
		  $saveArray = @file($hackerExcludeFile, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); //read in the file so it doesn't get overwriten
	  }
  }
  $i = 0;
  $errorMsg = '';
  foreach ($hackedFiles as $key => $value) {
	  if (isset($_POST['quaranteen_' . $i]) && $_POST['quaranteen_' . $i] == 'on') { //this file should be quaranteened
		  if (file_exists($value['file'])) {			   //make sure it is still preeent
			  $path_parts = pathinfo($value['file']);
			  $newfile = sprintf("%squarantine/%s_%s  ",DIR_FS_ADMIN, $path_parts['basename'], @date("Y-m-d") ); //get the path to the quaranteen file
			  $quaranteenDir = DIR_FS_ADMIN . 'quarantine/';
			  if (!( $quaranteenDirPresent = is_dir($quaranteenDir))) {  //check if the quaranteen directory exists
				  $quaranteenDirPresent = mkdir($quaranteenDir);		 //try to create it if not
			  }
			  if ($quaranteenDirPresent) {							   //the quaranteen directory does exist
				  if (! rename($value['file'], $newfile)) {			  //try moving the file that is marked
					  $errorMsg = ERROR_FAILED_FILE_WRITE;
				  }
			  } else {
				  $errorMsg = ERROR_FAILED_CREATE_QUARATINE_DIRECTORY;
			  }
		  }
	  }
	  if (isset($_POST['exclude_'.$i]) && $_POST['exclude_'.$i] == 'on') { //build the array to exclude
		  if (! in_array($value['file'], $saveArray)) {
			  $saveArray[] = $value['file'];
			  unset($hackedFiles[$key]);
		  }
	  }
	  $i++;
  }
  $hackedFiles = array_values($hackedFiles);
  WriteFile($hackerExcludeFile, $saveArray);
  if (tep_not_null($errorMsg)) {
	   $messageStack->add($errorMsg,'error');
  }
 }
 $enableExcludeBox = (file_exists('sitemonitor_hacker_excludes_' . $instance . '.txt')) ? '' : 'disabled';
 $instances = GetInstancesArray();
 $logfile_location = GetLogFileLocation();
 $logFiles = GetLogFiles($logfile_location); //display the files in the dropdown
 $logs =$logfile_location . '/';			 //for use in javascript
 require(DIR_WS_INCLUDES . 'template_top.php');
?>
<style type="text/css">
td.HTC_subHead {color: sienna; font-size: 14px; }
table.BorderedBox {border: ridge #ddd 3px; background-color: #eee; }
table.BorderedBoxWhite {border: ridge #ddd 3px; background-color: #fff; }
table.BorderedBoxLight {border: ridge #ddd 3px; background-color: #E6E6E6; }
tr.Header { background-color: #eee; }
.ds_small { font-family: Verdana, Arial, sans-serif; font-size: 10px; font-weight:bold }
</style>
<script type="text/javascript"> <!--
function popupWindow(url) {
 window.open(url,'popupWindow','toolbar=no,location=no,directories=no,status=no,menubar=no,scrollbars=yes,resizable=yes,copyhistory=no,width=800,height=800,screenX=150,screenY=150,top=15,left=15')
}
//--></script>
<script type="text/javascript"> <!--
function ChangeCheckedStatus(name, items)
{
 var status = document.getElementsByName(name)[0].checked;
 for (j = 0; j < items; j++)  {
   var id = name + '_' + j;
   document.getElementsByName(id)[0].checked = status;
 }
}
function ShowLogFile() {
 var list = document.getElementById("logreader");
 var path = "<?php echo $logs; ?>";
 var file = path + list.options[list.selectedIndex].text;

 var isFile = file.indexOf(".txt");
 if (isFile > 0) {
   window.open(file);
 } else {
   alert("Invalid Selection");
 }
}
//--></script>
<table border="0" width="100%" cellspacing="2" cellpadding="2">
 <tr>
   <td width="100%" valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="0">
 <tr>
  <td width="100%" valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="2" class="BorderedBox">
   <tr>
    <td><table border="0" width="40%" cellspacing="0" cellpadding="0">
	    <tr>
		   <td class="pageHeading" valign="top"><?php echo str_replace(" ", " ", $currentVersion); ?></td>
	    </tr>
	    <tr>
		   <td class="ds_small" valign="top"><?php echo HEADING_TITLE_SUPPORT_THREAD; ?></td>
	    </tr>
    </table></td>
    <td><table border="0" width="100%">
	 <tr>
	  <td class="ds_small" align="right"><?php echo HEADING_TITLE_AUTHOR; ?></td>
	 </tr>
	 <?php
	 if (function_exists('AnnounceVersion')) {
	    if (false) { //database option not available so ignore
	 ?>
		   <tr>
			  <td class="ds_small" align="right" style="font-weight: bold; color: red;"><?php echo AnnounceVersion($contribPath, $currentVersion, $contribName); ?></td>
		   </tr>
	 <?php } else if (tep_not_null($versionStatus)) {
	   echo '<tr><td class="ds_small" align="right" style="font-weight: bold; color: red;">' . $versionStatus . '</td></tr>';
	 } else {
	   echo tep_draw_form('version_check', FILENAME_SITEMONITOR_ADMIN, '', 'post') . tep_draw_hidden_field('action', 'getversion');
	 ?>
		   <tr>
			  <td class="ds_small" align="right" style="font-weight: bold; color: red;"><INPUT TYPE="radio" NAME="version_check" onClick="this.form.submit();"><?php echo TEXT_VERSION_CHECK_UPDATES; ?></td>
		   </tr>
	   </form>
	 <?php } } else { ?>
	    <tr>
		   <td class="ds_small" align="right" style="font-weight: bold; color: red;"><?php echo TEXT_MISSING_VERSION_CHECKER; ?></td>
	    </tr>
	 <?php } ?>
    </table></td>
   </tr>
   <tr>
    <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
    </tr>
   <tr>
    <td class="HTC_subHead" colspan="2"><?php echo TEXT_SITEMONITOR_ADMIN; ?></td>
   </tr>
  </table></td>
 </tr>
 <tr>
  <td><table border="0"width="100%" class="BorderedBoxLight">
   <tr>
    <td width="50%"><?php echo tep_draw_form('sitemonitor_instances', FILENAME_SITEMONITOR_ADMIN, '', 'post') . tep_draw_hidden_field('action', 'process_instances'); ?>
	 <table border="0" width="100%" cellspacing="0" cellpadding="2">
	  <tr>
	   <td class="smallText" width="130"><?php echo TEXT_CHOOSE_INSTANCE; ?></td>
	   <td width="50" align="left"><?php echo tep_draw_pull_down_menu('instance', $instances, $instance, 'class="smallText"  onChange="this.form.submit();"'); ?></td>
	   <td class="smallText"><?php echo sprintf(TEXT_CHOOSE_INSTANCE_EXPLAIN, GetInstanceCount()); ?></td>
	  </tr>
    </table></form></td>
    <td width="50%"> <?php echo tep_draw_form('sitemonitor_logreader', FILENAME_SITEMONITOR_ADMIN, '', 'post') . tep_draw_hidden_field('action', 'process_instances'); ?>
	  <table border="0" width="50%" cellspacing="0" cellpadding="2">
	   <tr>
	    <td class="smallText" width="100"><?php echo TEXT_LOG_READER; ?></td>
	    <td align="left"><?php echo tep_draw_pull_down_menu('log_reader', $logFiles, '', 'class="smallText" id="logreader" onChange="ShowLogFile();"'); ?></td>
	  </tr>
    </table></form></td>
   </tr>
  </table></td>
 </tr>
 <tr>
  <td><?php echo tep_black_line(); ?></td>
 </tr>
 <!-- BEGIN LOWER SECTION -->
 <tr>
  <td><table width="100%" border="0" cellspacing="0" cellpadding="0" class="BorderedBoxWhite">
   <!-- BEGIN DELETE AND GENERATE FILE -->
   <tr>
    <td colspan="2"><table width="100%" border="0" cellspacing="0" cellpadding="0">
	 <tr>
	  <td align="right"><?php echo tep_draw_form('sitemonitor_auto', FILENAME_SITEMONITOR_ADMIN, '', 'post') . tep_draw_hidden_field('action_delete', 'process'); ?></td>
	   <tr>
	    <td><table border="0" width="40%" border="0" cellspacing="0" cellpadding="2">
		 <tr>
		  <td class="smallText" width="70%" style="font-weight:bold;"><?php echo TEXT_SITEMONITOR_DELETE_REFERENCE; ?></td>
		 </tr>
		 <tr>
		  <td class="smallText"><?php echo TEXT_SITEMONITOR_DELETE_EXPLAIN; ?></td>
		  <td align="center"><?php echo tep_draw_hidden_field('instance', $instance) . tep_image_submit('button_update.gif', IMAGE_UPDATE)  . ' <a href="' . tep_href_link(FILENAME_SITEMONITOR_ADMIN, '') .'">' . '</a>'; ?></td>
		 </tr>
		 <?php if ($actionDelete && $fileDeleted) { ?>
		  <tr><td class="smallText"><?php echo $referenceFile . ' has been deleted!'; ?></td></tr>
		 <?php } ?>
		 <?php if ($actionDelete && $showErrors) { ?>
		  <tr><td class="smallText"><?php echo $errmsg; ?></td></tr>
		 <?php } ?>
	    </table></td>
	   </tr>
	  </form>
	  </td>
	 </tr>
    </table></td>
   </tr>
   <!-- END DELETE AND GENERATE FILE -->
   <tr>
    <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
   </tr>
   <tr>
    <td><?php echo tep_black_line(); ?></td>
   </tr>
   <!-- BEGIN EXECUTE FILE -->
   <tr>
    <td><table width="100%" border="0" cellspacing="0" cellpadding="0">
	 <tr>
	  <td align="right"><?php echo tep_draw_form('sitemonitor_auto', FILENAME_SITEMONITOR_ADMIN, '', 'post') . tep_draw_hidden_field('action_execute', 'process'); ?></td>
	   <tr>
	    <td><table width="40%" border="0" cellspacing="0" cellpadding="2">
		 <tr>
		  <td class="smallText" width="70%" style="font-weight:bold;"><?php echo TEXT_SITEMONITOR_EXECUTE; ?></td>
		 </tr>
		 <tr>
		  <td class="smallText"><?php echo TEXT_SITEMONITOR_EXECUTE_EXPLAIN; ?></td>
		  <td align="center"><?php echo tep_draw_hidden_field('instance', $instance) . tep_image_submit('button_update.gif', IMAGE_UPDATE) . ' <a href="' . tep_href_link(FILENAME_SITEMONITOR_ADMIN, '') .'">' . '</a>'; ?></td>
		 </tr>
		 <?php if ($actionExecute && $showErrors) { ?>
		  <tr><td class="smallText"><?php echo $errmsg; ?></td></tr>
		 <?php } ?>
	    </table></td>
	   </tr>
	  </form>
	  </td>
	 </tr>
    </table></td>
   </tr>
   <!-- END EXECUTE FILE -->
   <tr>
    <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
   </tr>
   <tr>
    <td><?php echo tep_black_line(); ?></td>
   </tr>
   <!-- BEGIN MANUALLY EXECUTE FILE -->
   <tr>
    <td><table width="100%" border="0" cellspacing="0" cellpadding="0">
	  <tr>
	  <td align="right"><?php echo tep_draw_form('sitemonitor_auto', FILENAME_SITEMONITOR_ADMIN, '', 'post') . tep_draw_hidden_field('action_manual', 'process'); ?></td>
	   <tr>
	    <td><table border="0" width="40%" cellspacing="0" cellpadding="2">
		 <tr>
		  <td class="smallText" width="70%" style="font-weight:bold;"><?php echo TEXT_SITEMONITOR_MANUAL; ?></td>
		 </tr>
		 <tr>
		  <td class="smallText"><?php echo TEXT_SITEMONITOR_MANUAL_EXPLAIN; ?></td>
		  <td align="center"><?php echo tep_draw_hidden_field('instance', $instance) . tep_image_submit('button_update.gif', IMAGE_UPDATE);?></td>
		 </tr>
	    </table></td>
	   </tr>
	  </form>
	  </td>
	 </tr>
    </table></td>
   </tr>
   <!-- END MANUALLY EXECUTE FILE -->
   <tr>
    <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
   </tr>
   <tr>
    <td><?php echo tep_black_line(); ?></td>
   </tr>
   <!-- BEGIN MANUALLY CHECK FOR HACKED FILES -->
   <tr>
    <td><table width="100%" border="0" cellspacing="0" cellpadding="0">
	 <tr>
	  <td align="right"><?php echo tep_draw_form('sitemonitor_auto', FILENAME_SITEMONITOR_ADMIN, '', 'post') . tep_draw_hidden_field('action_hacker_check', 'process'); ?></td>
	   <tr>
	    <td><table border="0" width="40%" cellspacing="0" cellpadding="2">
		 <tr>
		  <td class="smallText" width="70%" style="font-weight:bold;"><?php echo TEXT_SITEMONITOR_HACKER_CHECK; ?></td>
		 </tr>
		 <tr>
		  <td class="smallText"><?php echo TEXT_SITEMONITOR_HACKER_CHECK_EXPLAIN; ?></td>
		  <td align="center"><?php echo tep_draw_hidden_field('instance', $instance) . tep_image_submit('button_update.gif', IMAGE_UPDATE);?></td>
		 </tr>
		 <tr>
		  <td><table border="0" width="100%" cellpadding="0">
		   <tr>
		    <td width="10"><input type="checkbox" name="use_exclude_file" <?php echo $useExcludeFile . $enableExcludeBox; ?> ></td>
		    <td class="smallText"><?php echo TEXT_HACK_TITLE_USE_EXCLUDE_FILE; ?></td>
		   </tr>
		  </table></td>
		 </tr>
	    <table></td>
	   </tr>
	  </form>
	  </td>
	 </tr>
	 <tr>
	  <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
	 </tr>
	 <tr>
	  <td class="smallText"><?php echo $hackedResult; ?></td>
	 </tr>
	 <?php if (count($hackedFiles) > 0) { ?>
	 <tr>
	  <td><table border="0" width="100%" cellpadding="0" style="background-color: #eee; border: ridge #CCFFCC 3px;">
	   <tr bgcolor="yellow">
	    <th class="smallText" align="left"><?php echo TEXT_HACK_TITLE_NOTES; ?></th>
	   </tr>
	   <tr>
	    <th class="smallText" align="left"><?php echo TEXT_HACK_EXPLAIN_REF; ?></th>
	   </tr>
	   <tr>
	    <th class="smallText" align="left"><?php echo TEXT_HACK_EXPLAIN_LINE; ?></th>
	   </tr>
	   <tr>
	    <th class="smallText" align="left"><?php echo TEXT_HACK_EXPLAIN_LOCN; ?></th>
	   </tr>
	   <tr>
	    <th class="smallText" align="left"><?php echo TEXT_HACK_EXPLAIN_FILE; ?></th>
	   </tr>
	   <tr>
	    <th class="smallText" align="left"><?php echo TEXT_HACK_EXPLAIN_DATES_MATCH; ?></th>
	   </tr>
	   <tr>
	    <th class="smallText" align="left"><?php echo TEXT_HACK_EXPLAIN_COLOR; ?></th>
	   </tr>
	  </table></td>
	 </tr>
	 <?php echo tep_draw_form('sitemonitor_exclude', FILENAME_SITEMONITOR_ADMIN, '', 'post') . tep_draw_hidden_field('action_hacker_exclude', 'process');
	 $numFiles = count($hackedFiles);
	 ?>
	  <tr>
	   <td><table border="1" width="100%" cellpadding="0">
	    <tr>
		 <th class="smallText"><?php echo TEXT_HACK_TITLE_REF; ?></th>
		 <th class="smallText"><?php echo TEXT_HACK_TITLE_LINE; ?></th>
		 <th class="smallText"><?php echo TEXT_HACK_TITLE_FILE; ?></th>
		 <th class="smallText"><?php echo TEXT_HACK_TITLE_HACKER_CODE; ?></th>
		 <th class="smallText"><?php echo TEXT_HACK_TITLE_DATE_CMP; ?></th>
		 <th class="smallText"><?php echo TEXT_HACK_TITLE_EXCLUDE; ?><br><input type="checkbox" name="exclude" id="exclude" onClick="ChangeCheckedStatus('exclude', <?php echo $numFiles; ?>)"></th>
		 <th class="smallText"><?php echo TEXT_HACK_TITLE_DELETE; ?><br><input type="checkbox" name="quaranteen" id="quaranteen" onClick="ChangeCheckedStatus('quaranteen', <?php echo $numFiles; ?>)"></th>
	    </tr>
	    <?php
		 for ($i = 0; $i < count($hackedFiles); ++$i) {
	    ?>
	    <tr>
		 <?php  $color = $hackedFiles[$i]['color']; ?>
		 <td class="smallText" width="14" align="center"><?php echo ($hackedFiles[$i]['inref'] ? tep_image('images/mark_check.jpg') : ' '); ?></td>
		 <td class="smallText" width="24"><?php echo $hackedFiles[$i]['line'];  ?></td>
		 <td class="smallText" ><a class="smallText" style="color: <?php echo $color; ?>" href="javascript:popupWindow('sitemonitor_popup.php?<?php echo $hackedFiles[$i]['file'];?>')"><?php echo substr($hackedFiles[$i]['file'], strlen(DIR_FS_CATALOG)); ?></a></td>
		 <td class="smallText" width="14" align="center"><?php echo ($hackedFiles[$i]['hackercode'] ? $hackedFiles[$i]['hackercode'] : ' '); ?></td>
		 <td class="smallText" width="14" align="center"><?php echo ($hackedFiles[$i]['date_cmp'] ? tep_image('images/mark_check.jpg') : ' '); ?></td>
		 <td width="6" align="center"><input type="checkbox" name="exclude_<?php echo $i; ?>" value="on" id="exclude_<?php echo $i; ?>"></td>
		 <td width="6" align="center"><input type="checkbox" name="quaranteen_<?php echo $i; ?>" value="on" id="quaranteen_<?php echo $i; ?>"></td>
	    </tr>
	    <?php } ?>
	   </table></td>
	  </tr>
	  <tr>
	   <td><table border="0" width="100%" cellpadding="0" style="background-color: #eee; border: ridge #CCFFCC 3px;">
	    <tr>
		 <td align="right" width="520" class="smallText"><?php echo TEXT_HACK_TITLE_OVERWRITE_EXCLUDE_FILE; ?></td>
		 <td align="center" width="30"><input type="checkbox" name="overwrite_exclude_file" <?php echo $overwriteExcludeFile; ?> ></td>
		 <td align="left" colspan="4" valign="middle">
		  <?php echo tep_draw_hidden_field('hackerfiles', urlencode(serialize($hackedFiles))) .
					 tep_draw_hidden_field('use_exclude_file', $useExcludeFile) .
					 tep_image_submit('button_update.gif', IMAGE_UPDATE, 'name="hacker_exclude"'); ?>
		 </td>
	    </tr>
	   </table></td>
	  </tr>
	 </form>
	 <?php } else if (isset($_POST['action_hacker_check'])) { ?>
	 <tr>
	  <td class="smallText"><b><?php echo TEXT_NO_HACKED_FILES; ?></b></td>
	 </tr>
	 <tr>
	  <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
	 </tr>
	 <?php } ?>
    </table></td>
   </tr>
   <!-- END MANUALLY CHECK FOR HACKED FILES -->
  </table></td>
 </tr>
 <!-- END LOWER SECTION -->
   </table></td>
 </tr>
</table>
<?php
 require(DIR_WS_INCLUDES . 'template_bottom.php');
 require(DIR_WS_INCLUDES . 'application_bottom.php');
?>

Share this post


Link to post
Share on other sites

Since I tracked my issue down to the sitemonitor_admin.php file (don't know exactly the issue), I replaced the code with the code you posted above and it solved the issue I was having.

 

The bypass of the 'username' check solved my problem.

Share this post


Link to post
Share on other sites

For anyone using the latest version, I forgot to mention something regarding the new database checking code. It works by creating a copy of the existing entries and placing them in the sitemonitor_db_reference.txt file. If your database has already been hacked, the code will store those hacked changes and never show a problem. There isn't a way to check the file from within SiteMonitor since it was too much work for such a small change. So you will need to look at the manufacturers and language entries in your admin to be sure there are not any entries that shouldn't be there. If there are, then you need to delete them and then delete the sitemonitor_db_reference.txt file so it gets regenerated.

Share this post


Link to post
Share on other sites

Thanks for the update. I went ahead and uploaded the new sitemonitor_admin.php, and that corrected the error codes I was getting. Now, I have a new msg showing in pink : The sitemonitor_log file cannot be written to.

Well, I checked and the log file is being written to. Apparently, there may be another file that is not correct. When I extracted the package, I was careful to upload only the files indicated in the docs. Perhaps you may double check to may certain that the correct files are in the package. Please let me know if there is any thing I can do about the msg shown in pink.

 

Regards

Steve

Share this post


Link to post
Share on other sites

Thanks for the update. I went ahead and uploaded the new sitemonitor_admin.php, and that corrected the error codes I was getting. Now, I have a new msg showing in pink : The sitemonitor_log file cannot be written to.

Well, I checked and the log file is being written to. Apparently, there may be another file that is not correct. When I extracted the package, I was careful to upload only the files indicated in the docs. Perhaps you may double check to may certain that the correct files are in the package. Please let me know if there is any thing I can do about the msg shown in pink.

 

Regards

Steve

That message will appear on the first run. Click on Update to create a new reference file and then click on admin->SiteMonitor->Admin to refresh the page and it should no longer be showing.

Share this post


Link to post
Share on other sites

Hello! I installed the lates version von oscommerce 2.3.1 But I got the same error as rollout . rollout wrote that he fixed the problem by copy the code of the sitemonitor_admin.php which was postet here.

I did the same but got now other messages it I click on sitemonitor - admin:

 

Failed to open file sitemonitor_db_reference.txt error.gif WARNING: Database reference creation failed. error.gif The sitemonitor_log file cannot be written to. error.gif The sitemonitor_reference file cannot be written to.

 

What should I do?

Share this post


Link to post
Share on other sites

Hello! I installed the lates version von oscommerce 2.3.1 But I got the same error as rollout . rollout wrote that he fixed the problem by copy the code of the sitemonitor_admin.php which was postet here.

I did the same but got now other messages it I click on sitemonitor - admin:

 

Failed to open file sitemonitor_db_reference.txt error.gif WARNING: Database reference creation failed. error.gif The sitemonitor_log file cannot be written to. error.gif The sitemonitor_reference file cannot be written to.

 

What should I do?

It sounds like either it wasn't installed correctly or your host prevents the creation and/or changing permissions of files. You could try creating those files manually. That may work,though if it does, it fail the next time they need to be created. If that turns out to be the case, you will need to ask your host to change the settings to allow the operation.

Share this post


Link to post
Share on other sites

ok...let me start of by saying sorry, but I've looked at this for a couple of days now with no luck. As w/ many posts, I'm getting the "invalid username" error. The System and Sitemonitor paths match exactly, and I've tried the admin user/pass for the admin section of the site, as well as the dbase user/pass and neither one takes. I've even created a secondary admin account in the store's admin console, but that doesn't work either. I've manually updated the php file as well as tried via the SiteMonitor configure section in the admin console. I've also tried leaving the user/pass blank as well as the admin directory field, but nothing seems to work, and I'm at a total loss. I even went through and retraced all my steps during the install/code copy and everything is there. Any help would be appreciated. If you need more info, please let me know.

Share this post


Link to post
Share on other sites

ok...let me start of by saying sorry, but I've looked at this for a couple of days now with no luck. As w/ many posts, I'm getting the "invalid username" error. The System and Sitemonitor paths match exactly, and I've tried the admin user/pass for the admin section of the site, as well as the dbase user/pass and neither one takes. I've even created a secondary admin account in the store's admin console, but that doesn't work either. I've manually updated the php file as well as tried via the SiteMonitor configure section in the admin console. I've also tried leaving the user/pass blank as well as the admin directory field, but nothing seems to work, and I'm at a total loss. I even went through and retraced all my steps during the install/code copy and everything is there. Any help would be appreciated. If you need more info, please let me know.

You are not alone Chris. I have exactly the same problem and I've been tearing my hair out for a few hours trying to fix it. New install of SiteMonitor 3.0 on osCommerce 2.3.1. I get the pink error line saying the username is invalid and the system and sitemonitor paths in the message are identical. Could really do with some help here.

Share this post


Link to post
Share on other sites

You are not alone Chris. I have exactly the same problem and I've been tearing my hair out for a few hours trying to fix it. New install of SiteMonitor 3.0 on osCommerce 2.3.1. I get the pink error line saying the username is invalid and the system and sitemonitor paths in the message are identical. Could really do with some help here.

OK. Solved it. I needed to replace sitemonitor_admin.php with the new version posted by Jack in post 1870 above. I had actually read that post and incorrectly assumed that by now the download on addons.oscommerce.com would have been updated but it hasn't.

Share this post


Link to post
Share on other sites

That usually happens when the reference file has not been created.

Hi!

 

the files have this modes:

 

-rw-rw-rw- 1 wwwrun root 0 29. Apr 2009 sitemonitor_hacker_excludes_0.txt

-rw-rw-rw- 1 wwwrun root 0 14. Jun 2010 sitemonitor_reference_0.txt

 

but I have this in the log and the reference file is not created:

 

[sun Sep 25 11:21:53 2011] [error] [client 84.166.189.171] PHP Warning: unlink(sitemonitor_reference_0.txt): Permission denied in /vwww/mysite/root/admin/sitemonitor_admin.php on line 120, referer: https://www.mysite.de/admin/sitemonitor_admin.php

 

I also get a blank page it I execute

https://www.mysite.de/admin/sitemonitor_configure_setup.php

 

Andreas

Share this post


Link to post
Share on other sites

but I have this in the log and the reference file is not created:

 

[sun Sep 25 11:21:53 2011] [error] [client 84.166.189.171] PHP Warning: unlink(sitemonitor_reference_0.txt): Permission denied in /vwww/mysite/root/admin/sitemonitor_admin.php on line 120, referer: https://www.mysite.d...nitor_admin.php

 

I also get a blank page it I execute

https://www.mysite.d...igure_setup.php

 

Andreas

The first problem is a server-related problem. The file can't be created if the original can't be deleted. You will need to ask your host to look at why the deletion fails.

 

For the blank page problem, check your error log to see if anything shows up for it. If not, try replacing your sitemonitor_configure_0.txt and/or the admin/includes/languages/english/sitemonitor_configure_setup file(s) with the included one(s) to see if they are the problem.

Share this post


Link to post
Share on other sites

The first problem is a server-related problem. The file can't be created if the original can't be deleted. You will need to ask your host to look at why the deletion fails.

 

For the blank page problem, check your error log to see if anything shows up for it. If not, try replacing your sitemonitor_configure_0.txt and/or the admin/includes/languages/english/sitemonitor_configure_setup file(s) with the included one(s) to see if they are the problem.

 

I had to chmod 777 the superior directory so the sitemonitor_reference_0.txt can be written. Is that a good idea?

 

I copied the original file sitemonitor_configure_0.txt from the source package.

The blank page still appears even after chmoding. The sitemonitor_configure_0.txt is not written.

-rw-rw-rw- 1 wwwrun www 1775 1. Sep 22:44 sitemonitor_configure_0.txt

 

Nothing in the log. But OK, I can edit it by hand.

 

Andreas

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×