Jump to content
Jack_mcs

SiteMonitor

Recommended Posts

Hi Jack

 

 

thx for your work i use this a long time and now i update (ver 2.2) to your version 3.2

 

and i get some troubble:

 

by Manually Execute Sitemonitor i get:

 

 

Warning: opendir(): open_basedir restriction in effect. File(/home/username/public_html) is not within the allowed path(s): (/var/www/htdocs/ks01125) in /var/www/htdocs/ks01125/html/catalog/admin/includes/functions/sitemonitor_functions.php on line 364

Warning: opendir(/home/username/public_html): failed to open dir: Operation not permitted in /var/www/htdocs/ks01125/html/catalog/admin/includes/functions/sitemonitor_functions.php on line 364

 

i must update this file also with the same entrys as per admin/sitemonitor_configure_setup.php ?

 $fp[] = "<?php" . PHP_EOL;
    $fp[] = "/************** THE OPTIONS AND SETTINGS ****************/" . PHP_EOL;
    $fp[] = "\$always_email = 1; //set to 1 to always email the results" . PHP_EOL;
    $fp[] = "\$verbose = 1; //set to 1 to see the results displayed on the page (for when running manually)" . PHP_EOL;
    $fp[] = "\$logfile = 1; //set to 1 to see to track results in a log file" . PHP_EOL;
    $fp[] = "\$logfile_size = 100000; //set the maximum size of the logfile" . PHP_EOL;
    $fp[] = "\$logfile_delete = 30; //set of days to wait before a previous log file is deleted - leave blank to never delete" . PHP_EOL;
    $fp[] = "\$logfile_location = 'sitemonitor_logs'; //enter the name of the directory to store the log files. The directory is required to be in the admin directory" . PHP_EOL;
    $fp[] = "\$reference_reset = 3; //delete the reference file this many days apart" . PHP_EOL;
    $fp[] = "\$quarantine = 0; //set to 1 to move new files found to the quarantine directory" . PHP_EOL;
    $fp[] = "\$to = 'some_address@your_domain.com'; //where email is sent to" . PHP_EOL;
    $fp[] = "\$from = 'From: some_address@your_domain.com'; //where email is sent from" . PHP_EOL;
    $fp[] = "\$start_dir = '/home/username/public_html'; //your shops root" . PHP_EOL;
    $fp[] = "\$admin_dir = 'http://www.yourdomain.com/admin'; //your shops admin" . PHP_EOL;
    $fp[] = "\$admin_username = 'username'; //your admin username" . PHP_EOL;
    $fp[] = "\$admin_password = 'password'; //your admin password" . PHP_EOL;
    $fp[] = "\$excludeList = array('admin/quarantine', 'cgi-bin','admin'); //don't check these directories - change to your liking - must be set prior to first run" . PHP_EOL;
    $fp[] = "\$hackIgnoreList = array('jpg', 'jpeg','gif','png','txt','zip'); //don't check these types of files - change to your liking" . PHP_EOL;
    $fp[] = "\$hackCodeSegments = array('error_reporting(0)', 'base64_decode','<iframe','gzdecode','eval','ob_start(\"security_update\")', 'Goog1e_analist_up', 'eval(gzinflate(base64_decode', 'Web Shell', '@eval', ' header;', 'shell_exec', 'system','SetCookie','Meher Assel', 'nt02', '<script src','r57shell','createCSS','auto_append_file'); //enter any hacker code that you would like to check for" . PHP_EOL;
    $fp[] = "?>" . PHP_EOL;

i think there is a setup i miss (i cant belive that this file must be updated)

 

can you please give me  a hand to fix this

 

rgds

 

alfred

Edited by stragami

Share this post


Link to post
Share on other sites

@@stragami There isn't a file named sitemonitor_configure_setup.php in the latest version. You may want to read through the update files.

Share this post


Link to post
Share on other sites

if i start Manually Execute Sitemonitor

 

i get this error


Warning: opendir(): open_basedir restriction in effect. File(/home/username/public_html) is not within the allowed path(s): (/var/www/htdocs/ks01125) in /var/www/htdocs/ks01125/html/catalog/admin/includes/functions/sitemonitor_functions.php on line 364

Warning: opendir(/home/username/public_html): failed to open dir: Operation not permitted in /var/www/htdocs/ks01125/html/catalog/admin/includes/functions/sitemonitor_functions.php on line 364

if i use Execute Sitemonitor i have no problem and it works fine

Edited by stragami

Share this post


Link to post
Share on other sites

@@stragami You are correct. That file is present. I didn't pay close enough attention to the file that you displayed, which is not that file, and the name you mentioned. You displayed the sitemonitor_configure file. In older versions that was named sitemonitor_configure.php. In later versions it was named sitemonitor_configure_0.php and in the latest version it is named sitemonitor_configure_0.txt.

 

Regarding the error message you are getting, that is a server issue. There is a setting for your account not to allow loading of files outside the set path. You'll need to ask your host to change that to fix the problem.

Share this post


Link to post
Share on other sites

Hi Jack

 

i see that the file sitemonitor_reference_0.txt will be changed from the sidemonitor

 

if i copy the file by ftp the owner are me  and group www-data - if i run the script the owner will be changed to owner www-data / group www-data

 

next time if i run the script i get a timeout because the file sitemonitor_reference_0.txt cant be open / cant be updated  by sitemonitor because a incorrect owner.

 

also the rights will be change from 0777 to 0644  (also by sitemonitor_log_0.txt) but i need 777

 

can you help

 

rgds

alfred

Edited by stragami

Share this post


Link to post
Share on other sites

As mentioned, that is a server problem. Ask your host to change the owner to user and it should work. You can't change it with an ftp program.

Share this post


Link to post
Share on other sites
@@Jack_mcs , you continually amaze me with the incredible contributions you make available to all of us.  I have utilized Site Monitor for years on my old site but haven't upgraded it since 2009.  Thank you SO MUCH for the Version Checker contribution as well!!!  This will help me keep all of these current.

 

I installed SiteMonitor V3.2 yesterday in less than 30 minutes and had the crons running successfully soon after.  That is quite revealing about the ease of installation for this one as I am not a seasoned developer.  Simply having SiteMonitor helping me keep an eye on things take a  load of stress off.  Thank you!!!

 

After installation, I have noticed that two of the settings on the configuration page seem to have a mind of their own.  I did several tests and immediately after leaving the configuration page and returning, the "Delete Log File" setting was modified from 180 to 30.  Also the "Delete Reference File" setting only accepts certain values.  For kicks, I just set each to 33, saved, left the page, returned to the configuration page and both values are now showing 3.  I am not absolutely positive what maximum values the code is expecting for each of these fields, but it seem that it wants a value between 1 - 9.  If I enter a value with more than one digit such as 39, 92, or 153, it gets set to the last value (ie 9, 2 and 3 respectfully).  If I enter any value that ends with a zero, the "Delete Log File" value is automatically set to 30 and the "Delete Reference File" is set to blank. 

 

My apologies is this has been reported already...  but I did search this thread without finding any mention of the issue.  I also realize it doesn't make sense to keep the reference file for more than about nine days, and more than 30 days of log files is not of much value.  Unfortunately, I didn't notice the code was automatically adjusting my entries at first and thus, I suspect others will not either.  Thus, a suggestion would be to allow users to select the number of days from a drop down list so that they can never enter an unacceptable value and SiteMonitor function differently than expected.

 

The above isn't a complaint... only a suggestion.  It's impossible to complain about something that is free.  Not to mention something as incredibly helpful as SiteMonitor. Thanks Jack!!!


Anthony David

AllThingsTrendy.com

Share this post


Link to post
Share on other sites

Hi Anthony - Thank you for the kind words. They are appreciated. This addon has been available for many years now and no one has ever mentioned, at least that I recall, the problem with those items. Good catch. :) To fix them, find this code in the sitemonitor_configure_setup.php file

    else if (strpos($fp[$i], "\$logfile_delete") !== FALSE) {
        if (($pos = strpos($fp[$i], ";")) !== FALSE)
            $switch['logfile_delete'] = (((int)substr($fp[$i], $pos - 1) > 0) ? (int)substr($fp[$i], $pos - 1) : '30');
    }
    else if (strpos($fp[$i], "\$reference_reset") !== FALSE) {
        if (($pos = strpos($fp[$i], ";")) !== FALSE)
            $switch['reference_reset'] = (((int)substr($fp[$i], $pos - 1) > 0) ? (int)substr($fp[$i], $pos - 1) : '');
    }

and replace it with this

    else if (strpos($fp[$i], "\$logfile_delete") !== FALSE) { 
       if (($pos = strpos($fp[$i], ";")) !== FALSE) {
            $tmp = substr($fp[$i], 0, $pos);
            $val = end(explode(' ', $tmp));    
            $switch['logfile_delete'] = (((int)$val > 0) ? (int)$val : '30');
        }        
    }
    else if (strpos($fp[$i], "\$reference_reset") !== FALSE) {
        if (($pos = strpos($fp[$i], ";")) !== FALSE) {
            $tmp = substr($fp[$i], 0, $pos);
            $val = end(explode(' ', $tmp));    
            $switch['reference_reset'] = (((int)$val > 0) ? (int)$val : '30');
        }    
    }

Please let me know if there are any other problems.

Edited by Jack_mcs

Share this post


Link to post
Share on other sites

A new version has been uploaded with these changes:

  • Added a success message when saving the config file.
  • Added a test for hacker files masquerading as google verification files.
  • Changed code for the delete dates in the configure setup file to properly handle any setting.
  • Fixed a code mistake for the create directory function.

Share this post


Link to post
Share on other sites

@@Jack_mcs

 

Hi Jack

 

(It's me again)

 

Just installed the Site Monitor one of your other great addons (Many thanks)

 

When I go to admin>site monitor>configure, I get

 

Strict Standards: Only variables should be passed by reference in /home/xxxx/public_html/BS234GOLD/adminn/sitemonitor_configure_setup.php on line 74

Strict Standards: Only variables should be passed by reference in /home/xxxxx/public_html/BS234GOLD/admin/sitemonitor_configure_setup.php on line 81

 

if I replace that code with the "old" code in the post above the problem goes away, but I wouldn't have a clue whether the addon would still work the way it should.

Or should I not worry about this message.

 

Many thanks

 

Cheers

 

Grandpa

Edited by grandpaj

Share this post


Link to post
Share on other sites

The old code will reintroduce a problem so don't use it. For this one, It is due to using strict standards and is not really a problem in this section of code but the fix is a small one so might as well make it. At line 74 and 81 of that file, you will see this line of code

$val = end(explode(' ', $tmp));  

Replace both of those lines with these

 $tmp = explode(' ', $tmp);
 $val = end($tmp);  

Share this post


Link to post
Share on other sites

Jack I just wanted to drop a note to Thank you very much for this Great contribution. You have put me at ease when it comes to security awareness. It is greatly appreciated. Cheers.

Edited by sunshynecraftsbeads

Share this post


Link to post
Share on other sites

I am setting up a new installation of OscV2.3.4BS on a new server (at 1and1 host) running php7.1 and would like to get sitemonitor working on it.  I have downloaded and installed the latest version (V3.3) but cannot get it working after several days of trying.  It SEEMS that something is missing from the download or the readme.txt instructions.  I can see sitemonitor on my admin page and it has Configure and Admin within it .. however neither page will run.  'Configure' errors out trying to load template_top.php (on line 380) - the error says ' require(DIR_WS_INCLUDEStemplate_top.php): failed to open stream: No such file or directory. This is a fairly obvious error .. DIR_WS_INCLUDES is NOT defined.  Well.. that constant is not defined in either of the configure.php files and it is not mentioned in the readme file for sitemonitor... so HOW can everyone else get this installed and working when I cannot?  The store is working and the admin functions other than sitemonitor seem to work just fine, so I have to assume that DIR_WS_INCLUDES is not a part of the basic OSC V2.3.4BS package (I have double checked the zip file that it came from and even downloaded it again to be sure).  I'm not sure whether sitemonitor is trying to open the 'main' template_top.php or the one that's in the admin directory.  I tried adding a define for DIR_WS_INCLUDES in the admin configure.php file - and tried 'pointing' to one of the template files, then the other, but that just generates new errors, so I guess I must be missing something somewhere.  DIR_WS_INCLUDES is definitely in the sitemonitor_configure_setup.php file and it's definitely NOT mentioned in the readme file, so it must be expecting it to be in the 'store' configure.php files.  My original store is running a VERY OLD version of OSc - 2.2ms (which DOES use DIR_WS_INCLUDES)  and I have been trying to migrate to the updated version.  I could never get sitemonitor to work on the original store either so this was one of the main features I wanted to gain with the new version.

Anyone have a guess .. anyone else using the newest 'responsive' version of Osc and have sitemonitor working on it?  I'm not sure WHEN the BS version of Osc was generated, but it seems likely that it's been since 2016 - the date of the post just before this one.  I've seen Jack's answer repeated over and over .. sitemonitor works with ALL versions of Osc... maybe not any more?

I'm hoping someone still looks here occasionally :-).

Steve

Edited by Steve80

Share this post


Link to post
Share on other sites
26 minutes ago, Steve80 said:

DIR_WS_INCLUDES

In BS Edge version (allmost) all filenames and database tables are hardcoded ... also the relative path is hardcoded so

 require( DIR_WS_INCLUDES . 'template_top.php')

probably needs to be changed to simply

 require('íncludes/template_top.php')

 

Share this post


Link to post
Share on other sites

I had been meaning to get the updated version uploaded. It has now been done. This version has these changes:

  • Changed code in admin/sitemonitor_config_setup.php to remove a strict standards error.
  • Changed code in admin/sitemonitor_config_setup.php to close table properly.
  • Replaced defined filenames to work with the latest oscommerce version.

I haven't tested this with php 7 but I think it will work.

 

Edited by Jack_mcs

Share this post


Link to post
Share on other sites

Thank you so much Arjan.  That has at least gotten me to the next step.  We'll see how long it lasts... :-) .

Steve

Share this post


Link to post
Share on other sites
4 hours ago, Jack_mcs said:

I had been meaning to get the updated version uploaded. It has now been done. This version has these changes:

  • Changed code in admin/sitemonitor_config_setup.php to remove a strict standards error.
  • Changed code in admin/sitemonitor_config_setup.php to close table properly.
  • Replaced defined filenames to work with the latest oscommerce version.

I haven't tested this with php 7 but I think it will work.

So.. I only need to replace sitemonitor_config_setup. php and filenames.php to go from 3.3 to 3.4?

All SEEMS to be working now after just replacing the DIR_WS_INCLUDES with direct 'includes/variousfilenames.php) within the config and admin files.  But I had to change the refs in both config and admin files....

Steve

 

Edited by Steve80

Share this post


Link to post
Share on other sites
5 hours ago, Jack_mcs said:

Please read the update file.

Sorry... I have NO IDEA what that is supposed to mean.  There is NO FILE named 'update' in the latest version addon zip - nor is the word 'update' mentioned anywhere in any file in the zip that I could find.  Additionally there is NO NEW INFORMATION in the readme.txt file other than the addition of the filenames.php file.  The ONLY text that I see is THIS

- Changed code in admin/sitemonitor_config_setup.php to remove a strict standards error.
- Changed code in admin/sitemonitor_config_setup.php to close table properly.
- Replaced defined filenames to work with the latest oscommerce version.

As far as I can tell .. all is working now (but I haven't test chron yet) ....EXCEPT for the fact that I have not received ANY emails after running sitemonitor. I DO get a report and it's acceptable (I think).  The hacker test also seems to be OK since I'm pretty sure I haven't been hacked on this new server ... yet.

Steve

Share this post


Link to post
Share on other sites

Please look in the UpdateDocs directory and read the file for this version.

Share this post


Link to post
Share on other sites

You know.. I'm really trying NOT to be a PAIN, but there is NO UPDATEDOCS directory that I can find .. not in the OSCV234BS directories, nor in the zip file associated with sitemonitor V3.3 or 3.4.  WHERE is this directory supposed to be??  I AM *OLD* so maybe I'm just too THICK for this stuff?

Steve

Share this post


Link to post
Share on other sites

This is what I see when I view the contents of the zip package. If you are not seeing the same, then maybe you deleted some of them? Try downloading it again in that case.

oscommercce_2.3
oscommerce_MS2_or_RC2
UpdateDocs
history.txt
license.txt
readme.txt

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×