RM - Source Code View

Source Code Viewer

This page lets you view source code from my server. The program uses a brute force code formatter to color code elements. NOTE: I wrote this program while trying to learn the vim text editor. This is not my usual coding style.

Use this select box to select a file.

Hide Lines Numbers

View: log.php and Privacy

I will use my site's privacy statement to show the logging functions.

Formatted Code

Below is the code all formatted with bright colors. The program links to files opened with include() and expands those opened with require(). Clicking on the require line should change visibility.

log.php and Privacy

001 <!DOCTYPE html> 002 <html lang="en"> 003 <head> 004 <meta charset="UTF-8" /> 005 <meta name="viewport" content="width=device-width, initial-scale=1" /> 006 <meta name="Author" content="Kevin Delaney" /> 007 <meta name="keywords" content="Privacy Statement" /> 008 <meta name="description" content="Privacy Statement for the yintercept family of sites." /> 009 <title>Privacy Statement</title> 010 <link rel="canonical" href="https://yintercept.com/privacy.html" /> 011 <link rel="stylesheet" href="/resources/rm.css" type="text/css"> 012 </head> 013 <body> 014 <?php 015 /** 016 * This is the site`s privacy file. 017 * Before discussing privacy, I will log the page view. 018 * @see https://yintercept.com/privacy.html 019 */ 020 include('/var/www/php/msg.php'); 021 include('/var/www/php/sql.php');
require('/var/www/php/log.php');
001 <?php 002 /** 003 * This page inlcudes the files that I use for logging user hits. 004 * I track hits to monitor system performance. I am also interested 005 * in tracking inbound links. Please see my privacy policy. 006 * @see https://yintercept.com/privacy.html 007 * 008 * This function requires the files msg.php and sql.php. 009 * @see https://yintercept.com/resources/view.html?script=1 010 * 011 * @package ResourceModel 012 * @copyright 1999-2016 kd 013 * 014 */ 015 /** 016 * checkDomain will translate a domain name into an integer for easy analysis. 017 * It uses the Table Domain_Seconds to determine what part of the domain is 018 * the controlling entity for the domain. 019 * @param string $domainStr is a domain name. 020 * @param boolean. If set to true the function only records lowest subdomain. 021 * @return integer The function returns a primary key to the Domains Table. 022 */ 023 // dbConn() log.db database file to main. 024 dbConn(DB_MAIN,'+log'); 025 function checkDomain($domainStr,$limitSD=false) { 026 global $db; 027 $arr = explode('.',strtolower($domainStr)); 028 $cnt = count($arr); 029 $rv = 0; 030 if ($cnt < 2) { 031 $rv = -1; // invalid domain 032 } else { 033 // the TLD and SLD to see if they should be combined. 034 $sql = 'SELECT action_cd 035 FROM log.Domain_Seconds 036 WHERE tld=? 037 and sld=?'; 038 $val = sqlValue($sql,[$arr[$cnt-1],$arr[$cnt-2]]); 039 $subdomain = ''; 040 if ($val == 1 or $val==2) { 041 $tld = $arr[$cnt-2].'.'.$arr[$cnt-1]; 042 $domain = ($cnt>2)? $arr[$cnt-3] : ''; 043 if ($limitSD and $cnt>3) { 044 $subdomain = $arr[$cnt-4]; 045 } else { 046 for ($i=0; $i<$cnt-3; $i++) { 047 $subdomain .= ($i>0)? '.'.$arr[$i] : $arr[$i]; 048 } 049 } 050 } else { 051 $tld = $arr[$cnt-1]; 052 $domain = $arr[$cnt-2]; 053 if ($limitSD && $cnt>2) { 054 $subdomain = $arr[$cnt-3]; 055 } else { 056 for ($i=0; $i<$cnt-2; $i++) { 057 $subdomain .= ($i>0)? '.'.$arr[$i] : $arr[$i]; 058 } 059 } 060 } 061 $sql = 'SELECT domain_id 062 FROM log.Domains 063 WHERE tld=? 064 and domain_nm=? 065 and subdomain=?'; 066 $rv = (int) sqlValue($sql,[$tld,$domain,$subdomain]); 067 if ($rv < 1) { 068 $sql = 'INSERT INTO log.Domains (tld, domain_nm, subdomain) VALUES (?,?,?)'; 069 $rv = sqlExec($sql, [$tld,$domain,$subdomain],DB_MAIN,'','',DB_INSERT_ID); 070 } 071 } 072 return $rv; 073 } 074 /** 075 * Class IP_Info will help gather and report on IP addresses. 076 */ 077 class ipInfo { 078 public $blob = false; // will hold the 128bit address 079 public $id = 0; // the integer primary key to IP_Info 080 public $typeId = 0; // 0 = unknown, 4=ipv4, 6=ipv6, 1=error 081 public $domainId = 0; // A UID given to domains. 082 public $hostStr = ''; // the host for the ip. 083 public $ipStr =''; 084 /** 085 * The constructor creates a blank object to hold an ipInfo record. 086 * if you pass it a ip_id (key to IP_Info, it will load the file 087 * @param integer optional: ip_id is a key to IP_Info 088 * 089 */ 090 public function __construct($id = null) { 091 if ($id == null) { 092 // id == null means we will load from loadIP(); 093 } elseif (is_integer($id)) { 094 $this->id = $id; 095 $sql='SELECT ip_big, type_id, ip_str,host_str FROM log.IP_Info WHERE ip_id=?'; 096 // try to load ip info. Note, if not found, $this->blog === false 097 list($this->blob, $this->typeId, $this->ipStr, $this->hostStr) = sqlRow($sql,[$id]); 098 } else { 099 echo 'The ID should be an integer'; 100 } 101 } 102 /** 103 * loadIP() will look up an ip address in IP_Info and returns its id. 104 * If it can't find the id, it will create a new row in IP_Info. 105 * @param string str contains a IP address. Can be either IPv4 or IPv6 106 * if blank the program uses $_SERVER['HTTP_REMOTE'] 107 * @param boolean if chkHost is true, the program will look up ip host. 108 * @return integer The function returns primary integer key to IP_Info 109 */ 110 public function loadIP($str='', $chkHost=false) { 111 if ($str=='') $str = $_SERVER['REMOTE_ADDR']; 112 $this->ipStr = $str; 113 if (filter_var($str,FILTER_VALIDATE_IP,FILTER_FLAG_IPV6)===false) { 114 // it's not 6. try 4 115 if (filter_var($str,FILTER_VALIDATE_IP,FILTER_FLAG_IPV4)===false) { 116 $this->typeId = 1; 117 $this->blob = $str; // record the string in ip_big for later analysis 118 } else { 119 $this->typeId = 4; 120 $this->blob = inet_pton($str); 121 } 122 } else { 123 $this->typeId = 6; 124 $this->blob = inet_pton($str); 125 } 126 $sql ='SELECT ip_id, type_id, ip_str, host_str FROM log.IP_Info WHERE ip_big=?'; 127 // try to load ip info. Note, if not found, $this->blog === false 128 list($this->id, $this->typeId, $newStr, $this->hostStr) = sqlRow($sql,[$this->blob]); 129 if ($chkHost) { 130 if ($this->hoststr == '') { 131 $test = gethostbyaddr($str); 132 if (!$test === false) $this->hostStr = $test; 133 } 134 } 135 if ($this->id === false) { 136 $inpArr = [$this->typeId,$this->blob, $str,$this->hostStr]; 137 // print_r($inpArr); 138 $this->id = sqlExec('INSERT INTO log.IP_Info (type_id, ip_big, ip_str, host_str) 139 VALUES (?,?,?,?)',$inpArr); 140 } 141 return $this->id; 142 } 143 /** 144 * function will look up the host for current ip and save it in IP_Info. 145 * @param boolean if rechk is false, the program will return cached data. if 146 * true it will perform gethost lookup regardless. 147 * @return string the function returns a string containing name of host. 148 */ 149 public function checkHost($rechk = false) { 150 if ($this->hostStr == '' or $rechk) { 151 $test = gethostbyaddr($this->ipStr); 152 if ($test === false) { 153 // test failed 154 $this->domainId = -1; 155 } elseif ($test == $this->ipStr) { 156 $this->domainId = -1; 157 } else { 158 $this->hostStr = $test; 159 // replace references to the IP with the letters IP 160 $test = str_replace('.','-',$this->ipStr); 161 $testHost = str_replace($test,'IP',$this->hostStr); 162 $this->domainId = checkDomain($testHost, true); 163 if ($this->id > 0) { 164 sqlExec('UPDATE log.IP_Info 165 SET domain_id = ?, 166 host_str=? 167 WHERE ip_id=?',[$this->domainId,$this->hostStr,$this->id]); 168 } 169 } 170 } 171 return $this->hostStr; 172 } 173 /** 174 * @return string Function resturns the current IP blob as a string. 175 */ 176 public function getStr() { 177 return ($this->blob === false)? $this->ipStr : inet_ntop($this->blob); 178 } 179 /** 180 * Returns the 128bit address as an array of hex numbers. 181 */ 182 public function getArr() { 183 $str=inet_ntop($this->blob); 184 $delim = ((substr_count($str,':') > 1))? ':' : '.'; 185 return explode($delim,$str); 186 } 187 } 188 /** 189 * logHit() is my primary hit traccking program 190 * it records an ip address, page visited and microsconds of the call 191 * @param integer Denotes the site visited 192 * @param integer page_id identifies the page visited 193 * @param integer fk_is is an optional page id for the page visited 194 */ 195 function logHit($site_id=0,$page_id='',$fk_id=null,$target_id=0,$ad_id=0) { 196 global $rmIP; 197 $page_nm = ($page_id == '')? $_SERVER['PHP_SELF'] : ''; 198 $host = ''; $path = ''; $query = ''; $q = ''; 199 $domain_id = 0; 200 // HTTP_REFERER has info on where the click came from & and of primary importance. 201 if (isset($_SERVER['HTTP_REFERER'])) { 202 extract( parse_url($_SERVER['HTTP_REFERER']),EXTR_IF_EXISTS); 203 if ($host != $_SERVER['HTTP_HOST']) { 204 $domain_id = checkDomain($host); 205 if ($query !='') { 206 parse_str($query,$qarr); 207 if (isset($qarr['query'])) $q=$qarr['query']; 208 elseif (isset($qarr['q'])) $q=$qarr['q']; 209 elseif (isset($qarr['p'])) $q=$qarr['p']; 210 else $q= ''; 211 } 212 } 213 } 214 $dbHits = null; 215 if (isset($_SERVER["REQUEST_TIME_FLOAT"])) { 216 $ms = ceil(1000000*(microtime(true) - $_SERVER["REQUEST_TIME_FLOAT"])); 217 } else { 218 msgNote('No time in rtf'); 219 $ms = 0; 220 } 221 $camp= 0; 222 $sql = 'INSERT INTO log.Log_Hit(ip_id, ts, site_id,fk_id, page_nm, page_id, domain_id, campaign_id, path_nm, query_str, q, db_hits, microseconds, target_id, ad_id) 223 VALUES(?,julianday(\'now\'),?,?,?,?,?,?,?,?,?,?,?,?,?)'; 224 sqlExec($sql,array($rmIP->id, $site_id, $fk_id, $page_nm, $page_id, $domain_id,$camp, $path, $query, $q,$dbHits,$ms,$target_id, $ad_id)); 225 } 226 ?>
// End Require
022 023 $rmIP = new ipInfo(); 024 $rmIP->loadIP(); 025 ?> 026 <div class="ad"> 027 <script async src="//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js"></script> 028 <!-- yintercept - responsive goodle ad --> 029 <ins class="adsbygoogle" 030 style="display:block" 031 data-ad-client="ca-pub-7057064824800338" 032 data-ad-slot="4504818749" 033 data-ad-format="auto"></ins> 034 <script> 035 (adsbygoogle = window.adsbygoogle || []).push({}); 036 </script> 037 </div> 038 <header> 039 <div id="pageTitle"> 040 <a href="https://yintercept.com/">The y-intercept blog</a> 041 </div> 042 </header> 043 <div class="main"> 044 <h2>Privacy Statement</h2> 045 <p>Have you ever noticed that companies that sell user data are more 046 aggressive in writing and promoting their "privacy policy" than sites that 047 do not not track user data?</p> 048 <p>I use several advertisers on this site including Google, Share-a-Sale, 049 Linkshare, Avantlink and Commission Junction (I receive no outside financial 050 support. Without advertisers I would have to pull this site). Although I do 051 not aggressively track user acitivities. Advertisers do.</p> 052 <p>Advertising networks require sites using their services to have a privacy 053 policy.</p> 054 <h2 id="email">eMail and Spam</h2> 055 <p>This site does not send unsolicited email. It does not even have an email server at the moment. Email protocols allow people to spoof email addresses. The email you received is most likely fraudulent. Unfortunately, there is nothing I can do about it.</p> 056 <h2 id="tracking">Web Site Tracking</h2> 057 <p>Most web sites track activity. The tracking is done to monitor the site's performance and counter DDOS attacks. Most tracking is done via web server logs. I decided to do my tracking with a Sqlite database.</p> 058 <p>As the data is in a database, I can show you what information I track. 059 I also created a code viwere; so you cans see the 060 <a href="https://yintercept.com/resources/view.php?script=11">code I use to track this data</a>. The main thing I look at is <a href="referers.html">inbound referers</a>.</p> 061 <?php 062 // $rmIP is an instance of ipInfo(). It processes IPv4 and IPv6 Addresses 063 // and can look up the host for the IP. 064 echo '<p>Your IP Address is '.$rmIP->getStr().' on '.$rmIP->checkHost(true).'. The table shows the pages you visited (I am not tracking all the pages). Referrer is the domain that sent you here.</p>'; 065 // I log the hit for this page now so it will show in report. 066 logHit(0,32); 067 $sql= 'SELECT h.page_id, page_nm, datetime(ts,\'localtime\'), path_nm, 068 query_str, subdomain, domain_nm, tld, p.title, microseconds 069 FROM log.Log_Hit as h 070 LEFT JOIN log.Domains as d ON h.domain_id = d.domain_id 071 LEFT JOIN PHP_Page as p ON h.page_id = p.page_id 072 WHERE ip_id = ? 073 ORDER BY ts DESC LIMIT 100'; 074 $arr=sqlAll($sql,[$rmIP->id]); 075 echo '<table>'; 076 echo '<tr><th colspan="4"><h3>IP Page Views</h3></th></tr>'.PHP_EOL; 077 echo '<tr><th>Date/Time</th><th>Page</th><th>Referrer</th><th>Micro<br />seconds</th></tr>'.PHP_EOL; 078 $cnt = count($arr); 079 for ($i=0; $i<$cnt; $i++) { 080 list($page_id, $page_nm, $ts, $path_nm, $query, $subdomain, $domain, $tld, $title,$microsecond) = $arr[$i]; 081 $pgStr = ($page_id > 0)? $title : $page_nm; 082 if ($subdomain != '') $subdomain.='.'; 083 $ref = ($domain != '')? $subdomain.$domain.'.'.$tld : ''; 084 $classStr = ($i % 2 == 1)? 'rowone' : 'rowtwo'; 085 echo '<tr class="'.$classStr.'"><td>'.$ts.'</td><td>'.$pgStr.'</td><td>'.$ref.'</td><td>'.$microsecond.'</td></tr>'.PHP_EOL; 086 } 087 echo '</table>'.PHP_EOL; 088 msgHTML(); 089 ?> 090 <h2>Cookies and Interactive Features</h2> 091 <p>The site current does not have any interactive features. Using interactive 092 features would require that you log in to the site. The log in will start a 093 session. I will write the session id to a "cookie" on your computer. The site 094 will interact with things so you can interact with them.</p> 095 <p>The cookies currently set by this site are:</p> 096 <?php 097 echo '<pre>'; 098 print_r($_COOKIE); 099 echo '</pre>'; 100 ?> 101 <p>Most people should see an empty array.</p> 102 <p>Cookies are necessary for creating interactive sites. Unfortunately, there 103 is a concerted effort to vilify the use of cookies as if the availability 104 of interactive features on the Internet was the primary cause of privacy 105 concerns.</p> 106 <p>The primary cause of privacy concerns is huge firms seeking to dominate the 107 market. But, guess what? The huge firms seeking to dominate the Internet 108 already have so much data they can track just by using your IP Address.</p> 109 <p>The game where web sites are supposed to apologize if they have interactive 110 features that use cookies simply harm small sites.</p> 111 <p>The way to enhance privacy and security on the Internet isn't requiring 112 people to post privacy statements and apologize for cookies. If you want to 113 improve things. Stop frequenting the big sites that seek to dominate and 114 use small sites even if they don't have legal departments to write privacy 115 policies and drop cookies so they can provide interactive features.</p> 116 <p>I wrote a blogspot blog post about my new privacy policy and logging program. <a href="http://blog.yintercept.com/2016/01/privacy-policy.html">Feel free to drop comments on that post</a>. 117 </div> 118 <p style="text-align: center"> 119 <a href="https://yintercept.com/resources/" style="color: yellow">Resource Model</a> 120 - <a style="color: yellow" href="/">index</a> 121 - <a href="https://yintercept.com/writings.html" style="color: yellow">stories</a> 122 - <a style="color: yellow" href="http://CommunityColor.com">Community Color</a></p> 123 </body> 124 </html>

Use "view source" from your browser to grab the output. Feel free to link to this project and check out the Resource Model for information on PHP coding or my tumblr blog for picture of Arizona, Colorado or Utah.

File last modified at January 26 2016 18:26:25.. This page has been viewed 576 Times.

blog ~ Resource Model ~ links