Created
March 15, 2016 15:13
-
-
Save jwne/7c56bdcf021ff3c9a30a to your computer and use it in GitHub Desktop.
Log connecting clients' IP, port, user agent, and HTTP referer with a timestamp of the connection. MySQL storage preferred.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| // For now file storage requires that the file specified is created already and chmodded to allow writing. | |
| /** | |
| * Connection info logging script created by Xeru | |
| * | |
| * Website: https://xeru.me | |
| * Twitter: https://twitter.com/Xeru_ | |
| * GitHub: https://github.com/exec | |
| * | |
| */ | |
| // Message user sees. Set to "" if you don't want to display a message, ideal for including in external scripts. | |
| $message = "<h1>404 Not Found</h1>"; | |
| // Set variables | |
| $date = new DateTime(); // Date+time variable | |
| $rdate = $date->format('Y-m-d H:i:s'); // Normalizing it | |
| $protocol = $_SERVER['SERVER_PROTOCOL']; // what protocol the client is connecting from | |
| $ip = $_SERVER['REMOTE_ADDR']; // the IP address of the connecting client. | |
| // If connecting through Cloudflare, rely on Cloudflare's connecting-IP header to get IP, otherwise check server header. | |
| if(!isset($_SERVER['HTTP_CF_CONNECTING_IP'])) { | |
| $ip = $_SERVER['REMOTE_ADDR']; | |
| } else { | |
| $ip = '[cloudflare reports] '.$_SERVER['HTTP_CF_CONNECTING_IP']; | |
| } | |
| $port = $_SERVER['REMOTE_PORT']; // connecting port of the client. Not useful usually but can be interesting. | |
| $agent = $_SERVER['HTTP_USER_AGENT']; // Unreliable to find a connecting client's browser, but can be useful sometimes. | |
| $href = $_SERVER['HTTP_REFERER']; // If you're linking this to someone directly, it will usually be nothing. | |
| $hostname = gethostbyaddr($_SERVER['REMOTE_ADDR']); // Attempt to resolve hostname from IP address. | |
| $type = "mysql"; // "file" or "mysql" | |
| // MySQL storage config | |
| $db_host = 'localhost'; | |
| $db_username = 'records'; | |
| $db_password = 'records'; | |
| $db_database = 'records'; | |
| // file storage config | |
| $file = "log.txt"; // Should rename this in case someone looks for the log file. Or protect with htaccess. | |
| // If you don't know what you're doing leave this alone pls | |
| if(!empty($type) && $type == "file") { | |
| if(is_writable($file)) { | |
| $fh = fopen($file, 'a'); | |
| if(filesize($file) < 32) { | |
| fwrite($fh, " _____________________\n"); | |
| fwrite($fh, "| |\n"); | |
| fwrite($fh, "| PHP LOGGER BY XERU |\n"); | |
| fwrite($fh, "|_____________________|\n\n"); | |
| fwrite($fh, " BEGIN LOGFILE ".$file."\n"); | |
| fwrite($fh, " _____________________\n"); | |
| fwrite($fh, "|\n"); | |
| } | |
| fwrite($fh, '| Connection from '.$ip.' at '.$date->format('Y-m-d H:i:s')."\n"); | |
| fwrite($fh, '| Hostname: '."".$hostname ."\n"); | |
| fwrite($fh, '| Port: '."".$port ."\n"); | |
| fwrite($fh, '| User Agent: '."".$agent ."\n"); | |
| fwrite($fh, '| HTTP Referer: '."".$href ."\n"); | |
| fwrite($fh, "|_____________________\n"); | |
| fclose($fh); | |
| echo $message; | |
| } else { | |
| chmod($file, 0777); // attempt to chmod the file to make it writable. | |
| die("<pre>Content could not load. Please try again in a few seconds.\n"); | |
| die("If you are the owner of this site, please adjust file permissions to allow writing to the file specified in config.</pre>"); | |
| } | |
| } elseif(!empty($type) && $type == "mysql") { | |
| $sqlconn = mysqli_connect($db_host, $db_username, $db_password, $db_database); | |
| if (mysqli_connect_errno()) { | |
| printf("Could not connect to MySQL database: %s\n", mysqli_connect_error()); | |
| exit(); | |
| } | |
| mysqli_query($sqlconn, "CREATE TABLE IF NOT EXISTS records.`logs` ( | |
| IP TEXT( 16 ) NOT NULL, | |
| DATE TEXT( 30 ) NOT NULL, | |
| HOSTNAME TEXT( 255 ) NOT NULL, | |
| PORT INT( 6 ) NOT NULL, | |
| USERAGENT TEXT( 255 ) NOT NULL, | |
| HTTPREFERER TEXT( 255 ) NOT NULL | |
| )"); | |
| mysqli_query($sqlconn, "INSERT INTO records.`logs` VALUES ( | |
| '$ip', | |
| '$rdate', | |
| '$hostname', | |
| '$port', | |
| '$agent', | |
| '$href' | |
| )"); | |
| mysqli_close($sqlconn); | |
| echo $message; | |
| } |
this code is very good. I use it and it works great.
@JohnTroony - or anyone else who can answer - I am just trying to learn and I was wondering, why should we be concerned with SQL-injection in this case? Is it because the code does not sanitize the received data? or what else? Perhaps someone could forge a malicious user-agent string containing dangerous SQL instructions? I am just speculating.... but if this makes no sense... then what other aspect of the code in your opinion is actually posing a threat? Could you/anyone please elaborate just a little more? Thank you!
which database needs to be created to make it run?
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Cool, but I can't encourage anyone to host this on their server because SQL-injection is a real thing 🌵