This page lets you view source code from my server. The program uses a brute force code formatter to color code elements. NOTE: I wrote this program while trying to learn the vim text editor. This is not my usual coding style.
Use this select box to select a file.
I will use my site's privacy statement to show the logging functions.
Below is the code all formatted with bright colors. The program links to files opened with include() and expands those opened with require(). Clicking on the require line should change visibility.
log.php and Privacy
001 <!DOCTYPE html>
002 <html lang="en">
003 <head>
004 <meta charset="UTF-8" />
005 <meta name="viewport" content="width=device-width, initial-scale=1" />
006 <meta name="Author" content="Kevin Delaney" />
007 <meta name="keywords" content="Privacy Statement" />
008 <meta name="description" content="Privacy Statement for the yintercept family of sites." />
009 <title>Privacy Statement</title>
010 <link rel="canonical" href="https://yintercept.com/privacy.html" />
011 <link rel="stylesheet" href="/resources/rm.css" type="text/css">
012 </head>
013 <body>
014 <?php
015 /**
016 * This is the site`s privacy file.
017 * Before discussing privacy, I will log the page view.
018 * @see https://yintercept.com/privacy.html
019 */
020 include('/var/www/php/msg.php');
021 include('/var/www/php/sql.php');
require('/var/www/php/log.php');001 <?php
002 /**
003 * This page inlcudes the files that I use for logging user hits.
004 * I track hits to monitor system performance. I am also interested
005 * in tracking inbound links. Please see my privacy policy.
006 * @see https://yintercept.com/privacy.html
007 *
008 * This function requires the files msg.php and sql.php.
009 * @see https://yintercept.com/resources/view.html?script=1
010 *
011 * @package ResourceModel
012 * @copyright 1999-2016 kd
013 *
014 */
015 /**
016 * checkDomain will translate a domain name into an integer for easy analysis.
017 * It uses the Table Domain_Seconds to determine what part of the domain is
018 * the controlling entity for the domain.
019 * @param string $domainStr is a domain name.
020 * @param boolean. If set to true the function only records lowest subdomain.
021 * @return integer The function returns a primary key to the Domains Table.
022 */
023 // dbConn() log.db database file to main.
024 dbConn(DB_MAIN,'+log');
025 function checkDomain($domainStr,$limitSD=false) {
026 global $db;
027 $arr = explode('.',strtolower($domainStr));
028 $cnt = count($arr);
029 $rv = 0;
030 if ($cnt < 2) {
031 $rv = -1; // invalid domain
032 } else {
033 // the TLD and SLD to see if they should be combined.
034 $sql = 'SELECT action_cd
035 FROM log.Domain_Seconds
036 WHERE tld=?
037 and sld=?';
038 $val = sqlValue($sql,[$arr[$cnt-1],$arr[$cnt-2]]);
039 $subdomain = '';
040 if ($val == 1 or $val==2) {
041 $tld = $arr[$cnt-2].'.'.$arr[$cnt-1];
042 $domain = ($cnt>2)? $arr[$cnt-3] : '';
043 if ($limitSD and $cnt>3) {
044 $subdomain = $arr[$cnt-4];
045 } else {
046 for ($i=0; $i<$cnt-3; $i++) {
047 $subdomain .= ($i>0)? '.'.$arr[$i] : $arr[$i];
048 }
049 }
050 } else {
051 $tld = $arr[$cnt-1];
052 $domain = $arr[$cnt-2];
053 if ($limitSD && $cnt>2) {
054 $subdomain = $arr[$cnt-3];
055 } else {
056 for ($i=0; $i<$cnt-2; $i++) {
057 $subdomain .= ($i>0)? '.'.$arr[$i] : $arr[$i];
058 }
059 }
060 }
061 $sql = 'SELECT domain_id
062 FROM log.Domains
063 WHERE tld=?
064 and domain_nm=?
065 and subdomain=?';
066 $rv = (int) sqlValue($sql,[$tld,$domain,$subdomain]);
067 if ($rv < 1) {
068 $sql = 'INSERT INTO log.Domains (tld, domain_nm, subdomain) VALUES (?,?,?)';
069 $rv = sqlExec($sql, [$tld,$domain,$subdomain],DB_MAIN,'','',DB_INSERT_ID);
070 }
071 }
072 return $rv;
073 }
074 /**
075 * Class IP_Info will help gather and report on IP addresses.
076 */
077 class ipInfo {
078 public $blob = false; // will hold the 128bit address
079 public $id = 0; // the integer primary key to IP_Info
080 public $typeId = 0; // 0 = unknown, 4=ipv4, 6=ipv6, 1=error
081 public $domainId = 0; // A UID given to domains.
082 public $hostStr = ''; // the host for the ip.
083 public $ipStr ='';
084 /**
085 * The constructor creates a blank object to hold an ipInfo record.
086 * if you pass it a ip_id (key to IP_Info, it will load the file
087 * @param integer optional: ip_id is a key to IP_Info
088 *
089 */
090 public function __construct($id = null) {
091 if ($id == null) {
092 // id == null means we will load from loadIP();
093 } elseif (is_integer($id)) {
094 $this->id = $id;
095 $sql='SELECT ip_big, type_id, ip_str,host_str FROM log.IP_Info WHERE ip_id=?';
096 // try to load ip info. Note, if not found, $this->blog === false
097 list($this->blob, $this->typeId, $this->ipStr, $this->hostStr) = sqlRow($sql,[$id]);
098 } else {
099 echo 'The ID should be an integer';
100 }
101 }
102 /**
103 * loadIP() will look up an ip address in IP_Info and returns its id.
104 * If it can't find the id, it will create a new row in IP_Info.
105 * @param string str contains a IP address. Can be either IPv4 or IPv6
106 * if blank the program uses $_SERVER['HTTP_REMOTE']
107 * @param boolean if chkHost is true, the program will look up ip host.
108 * @return integer The function returns primary integer key to IP_Info
109 */
110 public function loadIP($str='', $chkHost=false) {
111 if ($str=='') $str = $_SERVER['REMOTE_ADDR'];
112 $this->ipStr = $str;
113 if (filter_var($str,FILTER_VALIDATE_IP,FILTER_FLAG_IPV6)===false) {
114 // it's not 6. try 4
115 if (filter_var($str,FILTER_VALIDATE_IP,FILTER_FLAG_IPV4)===false) {
116 $this->typeId = 1;
117 $this->blob = $str; // record the string in ip_big for later analysis
118 } else {
119 $this->typeId = 4;
120 $this->blob = inet_pton($str);
121 }
122 } else {
123 $this->typeId = 6;
124 $this->blob = inet_pton($str);
125 }
126 $sql ='SELECT ip_id, type_id, ip_str, host_str FROM log.IP_Info WHERE ip_big=?';
127 // try to load ip info. Note, if not found, $this->blog === false
128 list($this->id, $this->typeId, $newStr, $this->hostStr) = sqlRow($sql,[$this->blob]);
129 if ($chkHost) {
130 if ($this->hoststr == '') {
131 $test = gethostbyaddr($str);
132 if (!$test === false) $this->hostStr = $test;
133 }
134 }
135 if ($this->id === false) {
136 $inpArr = [$this->typeId,$this->blob, $str,$this->hostStr];
137 // print_r($inpArr);
138 $this->id = sqlExec('INSERT INTO log.IP_Info (type_id, ip_big, ip_str, host_str)
139 VALUES (?,?,?,?)',$inpArr);
140 }
141 return $this->id;
142 }
143 /**
144 * function will look up the host for current ip and save it in IP_Info.
145 * @param boolean if rechk is false, the program will return cached data. if
146 * true it will perform gethost lookup regardless.
147 * @return string the function returns a string containing name of host.
148 */
149 public function checkHost($rechk = false) {
150 if ($this->hostStr == '' or $rechk) {
151 $test = gethostbyaddr($this->ipStr);
152 if ($test === false) {
153 // test failed
154 $this->domainId = -1;
155 } elseif ($test == $this->ipStr) {
156 $this->domainId = -1;
157 } else {
158 $this->hostStr = $test;
159 // replace references to the IP with the letters IP
160 $test = str_replace('.','-',$this->ipStr);
161 $testHost = str_replace($test,'IP',$this->hostStr);
162 $this->domainId = checkDomain($testHost, true);
163 if ($this->id > 0) {
164 sqlExec('UPDATE log.IP_Info
165 SET domain_id = ?,
166 host_str=?
167 WHERE ip_id=?',[$this->domainId,$this->hostStr,$this->id]);
168 }
169 }
170 }
171 return $this->hostStr;
172 }
173 /**
174 * @return string Function resturns the current IP blob as a string.
175 */
176 public function getStr() {
177 return ($this->blob === false)? $this->ipStr : inet_ntop($this->blob);
178 }
179 /**
180 * Returns the 128bit address as an array of hex numbers.
181 */
182 public function getArr() {
183 $str=inet_ntop($this->blob);
184 $delim = ((substr_count($str,':') > 1))? ':' : '.';
185 return explode($delim,$str);
186 }
187 }
188 /**
189 * logHit() is my primary hit traccking program
190 * it records an ip address, page visited and microsconds of the call
191 * @param integer Denotes the site visited
192 * @param integer page_id identifies the page visited
193 * @param integer fk_is is an optional page id for the page visited
194 */
195 function logHit($site_id=0,$page_id='',$fk_id=null,$target_id=0,$ad_id=0) {
196 global $rmIP;
197 $page_nm = ($page_id == '')? $_SERVER['PHP_SELF'] : '';
198 $host = $path = $query = $q = '';
199 $domain_id = 0;
200 // HTTP_REFERER has info on where the click came from & and of primary importance.
201 if (isset($_SERVER['HTTP_REFERER'])) {
202 extract( parse_url($_SERVER['HTTP_REFERER']),EXTR_IF_EXISTS);
203 if ($host != $_SERVER['HTTP_HOST']) {
204 $domain_id = checkDomain($host);
205 if ($query !='') {
206 parse_str($query,$qarr);
207 if (isset($qarr['query'])) $q=$qarr['query'];
208 elseif (isset($qarr['q'])) $q=$qarr['q'];
209 elseif (isset($qarr['p'])) $q=$qarr['p'];
210 else $q= '';
211 }
212 }
213 }
214 $dbHits = null;
215 if (isset($_SERVER["REQUEST_TIME_FLOAT"])) {
216 $ms = ceil(1000000*(microtime(true) - $_SERVER["REQUEST_TIME_FLOAT"]));
217 } else {
218 msgNote('No time in rtf');
219 $ms = 0;
220 }
221 $camp= 0;
222 $sql = 'INSERT INTO Log_Hit(ip_id, ts, site_id, fk_id, page_id, domain_id, campaign_id, db_hits, microseconds, target_id, ad_id, page_nm, path_nm, query_str, q)
223 VALUES(?,julianday(\'now\'),?,?,?,?,?,?,?,?,?,?,?,?,?)';
224 $arr = [$rmIP->id, $site_id, $fk_id, $page_id, $domain_id, $camp, $dbHits, $ms, $target_id, $ad_id, $page_nm, $path, $query, $q];
225 sqlExec($sql,$arr);
226 $arr = [$rmIP->id, $site_id, $fk_id, $page_nm, $page_id, $domain_id,$camp, $path, $query, $q,$dbHits,$ms,$target_id, $ad_id];
227 $GLOBALS['rmSite'] = sqlRow('SELECT site_id as \'id\', collection_id as \'defColl\', site_nm as \'name\', domain_nm as \'domain\', julianday(\'now\') as \'now\', date() as \'date\', 1 as css_id FROM Web_Site WHERE domain_nm LIKE ?',[strtolower($_SERVER['HTTP_HOST'])],DB_MAIN,PDO::FETCH_OBJ);
228 }
229 ?>
// End Require022
023 $rmIP = new ipInfo();
024 $rmIP->loadIP();
025 ?>
026 <div class="ad">
027 <script async src="//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js"></script>
028 <!-- yintercept - responsive goodle ad -->
029 <ins class="adsbygoogle"
030 style="display:block"
031 data-ad-client="ca-pub-7057064824800338"
032 data-ad-slot="4504818749"
033 data-ad-format="auto"></ins>
034 <script>
035 (adsbygoogle = window.adsbygoogle || []).push({});
036 </script>
037 </div>
038 <header>
039 <div id="pageTitle">
040 <a href="https://yintercept.com/">The y-intercept blog</a>
041 </div>
042 </header>
043 <div class="main">
044 <h2>Privacy Statement</h2>
045 <p>Have you ever noticed that companies that sell user data are more
046 aggressive in writing and promoting their "privacy policy" than sites that
047 do not not track user data?</p>
048 <p>I use several advertisers on this site including Google, Share-a-Sale,
049 Linkshare, Avantlink and Commission Junction (I receive no outside financial
050 support. Without advertisers I would have to pull this site). Although I do
051 not aggressively track user acitivities. Advertisers do.</p>
052 <p>Advertising networks require sites using their services to have a privacy
053 policy.</p>
054 <h2 id="email">eMail and Spam</h2>
055 <p>This site does not send unsolicited email. It does not even have an email server at the moment. Email protocols allow people to spoof email addresses. The email you received is most likely fraudulent. Unfortunately, there is nothing I can do about it.</p>
056 <h2 id="tracking">Web Site Tracking</h2>
057 <p>Most web sites track activity. The tracking is done to monitor the site's performance and counter DDOS attacks. Most tracking is done via web server logs. I decided to do my tracking with a Sqlite database.</p>
058 <p>As the data is in a database, I can show you what information I track.
059 I also created a code viwere; so you cans see the
060 <a href="https://yintercept.com/resources/view.php?script=11">code I use to track this data</a>. The main thing I look at is <a href="referers.html">inbound referers</a>.</p>
061 <?php
062 // $rmIP is an instance of ipInfo(). It processes IPv4 and IPv6 Addresses
063 // and can look up the host for the IP.
064 echo '<p>Your IP Address is '.$rmIP->getStr().' on '.$rmIP->checkHost(true).'. The table shows the pages you visited (I am not tracking all the pages). Referrer is the domain that sent you here.</p>';
065 // I log the hit for this page now so it will show in report.
066 logHit(0,32);
067 $sql= 'SELECT h.page_id, page_nm, datetime(ts,\'localtime\'), path_nm,
068 query_str, subdomain, domain_nm, tld, p.title, microseconds
069 FROM log.Log_Hit as h
070 LEFT JOIN log.Domains as d ON h.domain_id = d.domain_id
071 LEFT JOIN PHP_Page as p ON h.page_id = p.page_id
072 WHERE ip_id = ?
073 ORDER BY ts DESC LIMIT 100';
074 $arr=sqlAll($sql,[$rmIP->id]);
075 echo '<table>';
076 echo '<tr><th colspan="4"><h3>IP Page Views</h3></th></tr>'.PHP_EOL;
077 echo '<tr><th>Date/Time</th><th>Page</th><th>Referrer</th><th>Micro<br />seconds</th></tr>'.PHP_EOL;
078 $cnt = count($arr);
079 for ($i=0; $i<$cnt; $i++) {
080 list($page_id, $page_nm, $ts, $path_nm, $query, $subdomain, $domain, $tld, $title,$microsecond) = $arr[$i];
081 $pgStr = ($page_id > 0)? $title : $page_nm;
082 if ($subdomain != '') $subdomain.='.';
083 $ref = ($domain != '')? $subdomain.$domain.'.'.$tld : '';
084 $classStr = ($i % 2 == 1)? 'rowone' : 'rowtwo';
085 echo '<tr class="'.$classStr.'"><td>'.$ts.'</td><td>'.$pgStr.'</td><td>'.$ref.'</td><td>'.$microsecond.'</td></tr>'.PHP_EOL;
086 }
087 echo '</table>'.PHP_EOL;
088 msgHTML();
089 ?>
090 <h2>Cookies and Interactive Features</h2>
091 <p>The site current does not have any interactive features. Using interactive
092 features would require that you log in to the site. The log in will start a
093 session. I will write the session id to a "cookie" on your computer. The site
094 will interact with things so you can interact with them.</p>
095 <p>The cookies currently set by this site are:</p>
096 <?php
097 echo '<pre>';
098 print_r($_COOKIE);
099 echo '</pre>';
100 ?>
101 <p>Most people should see an empty array.</p>
102 <p>Cookies are necessary for creating interactive sites. Unfortunately, there
103 is a concerted effort to vilify the use of cookies as if the availability
104 of interactive features on the Internet was the primary cause of privacy
105 concerns.</p>
106 <p>The primary cause of privacy concerns is huge firms seeking to dominate the
107 market. But, guess what? The huge firms seeking to dominate the Internet
108 already have so much data they can track just by using your IP Address.</p>
109 <p>The game where web sites are supposed to apologize if they have interactive
110 features that use cookies simply harm small sites.</p>
111 <p>The way to enhance privacy and security on the Internet isn't requiring
112 people to post privacy statements and apologize for cookies. If you want to
113 improve things. Stop frequenting the big sites that seek to dominate and
114 use small sites even if they don't have legal departments to write privacy
115 policies and drop cookies so they can provide interactive features.</p>
116 <p>I wrote a blogspot blog post about my new privacy policy and logging program. <a href="http://blog.yintercept.com/2016/01/privacy-policy.html">Feel free to drop comments on that post</a>.
117 </div>
118 <p style="text-align: center">
119 <a href="https://yintercept.com/resources/" style="color: yellow">Resource Model</a>
120 - <a style="color: yellow" href="/">index</a>
121 - <a href="https://yintercept.com/writings.html" style="color: yellow">stories</a>
122 - <a style="color: yellow" href="http://CommunityColor.com">Community Color</a></p>
123 </body>
124 </html>
Use "view source" from your browser to grab the output. Feel free to link to this project and check out the Resource Model for information on PHP coding or my tumblr blog for picture of Arizona, Colorado or Utah.
File last modified at January 20 2020 07:55:31.. This page has been viewed 5044 Times.
blog ~ Resource Model ~ links