= '66.249.67.0' and $szIP <= '66.249.95.255') { // CKW - Google Spider PrintHead(); echo "

HARVESTERS, SPIDERS AND ROBOTS ARE FORBIDDEN!

"; exit; } if ($szRet1 < 0) { // CKW - modified error message to be more generic. PrintHead(); echo "

Sorry you have exceeded the number of queries allowed per day or your session has timed out.


\n"; echo "To login [CLICK HERE]"; exit; } if ($szRet1 < 1) { PrintHead(); echo "

Not logged in or your browser or firewall has cookies disabled
or your computers date time setting is incorrect. "; echo "To login [CLICK HERE]

"; echo "Information on how to configure your browser to enable cookies is here.

"; echo "If you can't resolve your problems, then email $szWebSiteEmail and please quote your IP=$szIP. \n"; exit; } } function RecordActivity($szDatabase, $szOperation, $szDetails) { global $bRecordActivity, $szTimezone, $nSessionId; if (!$bRecordActivity) return; date_default_timezone_set($szTimezone); $szTime = strftime('%Y-%m-%d %H:%M:%S', time()); $szIpAddr = $_SERVER['REMOTE_ADDR']; // CKW - added IPAddress to record as SessionID is not always getting logged // better not to record activity if security is off $sql = "insert into activity (`datetime`, sessionid, `database`, operation, details, ipaddress) values " . "('$szTime', '$nSessionId', '$szDatabase', '$szOperation', '$szDetails', '$szIpAddr');"; mysql_query($sql); } ////////////////////// Private Functions - not called by other functions ///////////////////// function RefreshSession($szParametersIn) { // CKW - added $nAnonymousLimitPerDay/$bLimitNumberOfReports to sync pp_session.php & pp_session0.php global $szTimezone, $nAnonymousLimitPerDay, $bLimitNumberOfReports, $nSessionId; // CKW - added $szRemoteAddr to sync pp_session.php & pp_session0.php $szRemoteAddr = $_SERVER['REMOTE_ADDR']; date_default_timezone_set($szTimezone); $szTime = strftime('%Y-%m-%d %H:%M:%S', time()); // See if there is a session for this IP address with DateTime within the last day. $sql = "select sessionid, accountid, reportsrun, expires, DateTime, uname FROM session where ipaddress='$szRemoteAddr' " . "and DateTime > DATE_SUB('$szTime', INTERVAL 1 DAY) order by sessionid desc;"; $result = mysql_query($sql); if (!$result) die('Invalid query: ' . mysql_error()); $aRow = mysql_fetch_row($result); $nLoginSuccess = 0; $nSessionId = (int)$aRow[0]; // record for activity log $nAccountId = (int)$aRow[1]; $nReportsRun = (int)$aRow[2]; $szExpires = $aRow[3]; $szUName = $aRow[5]; if ($aRow[3] < $szTime and $aRow[1] > 0) // CKW - if expires < current time { CreateSession($nAccountId,$szUName); // user logged in w/ password & session has timed out - create new record return 1; } if (!$aRow[0]) { CreateSession(0,'anonymous'); // anonymous user, create a new session return 1; } $nReportsRun++; // Session has not expired, good for 24 hours - update expires and QueryCount $sql = "update session set reportsrun=$nReportsRun where sessionid=$nSessionId;"; mysql_query($sql); if ($bLimitNumberOfReports) { // sum number of reports run from this ip address in the last day $sql = "select sum(reportsrun) from session where session.ipaddress='$szRemoteAddr' and " . "session.datetime > DATE_SUB('$szTime', INTERVAL 1 DAY) " . "and session.uname = 'anonymous';"; // CKW - do not include sessions using password security $result = mysql_query($sql); if (!$result) die('Invalid query: ' . mysql_error()); $aRow = mysql_fetch_row($result); $nTotalReportsRun = (int)$aRow[0]; if ($szUName != 'anonymous') { $sql = "select queriesperday from account where accountid=$nAccountId;"; $result = mysql_query($sql); if (!$result) die('Invalid query: ' . mysql_error()); $aRow = mysql_fetch_row($result); $nAllowedCount = (int)$aRow[0]; if ($nTotalReportsRun > $nAllowedCount) return -1;# session has exceeded allowed number of queries per day } elseif ($szIpAddr <> '67.18.63.130') // CKW - Ignore PerlOnLine Utilities { if ($nTotalReportsRun > $nAnonymousLimitPerDay) return -1;# session has exceeded allowed number of queries per day } } return 1; } function CancelSession() { // CKW - called by pp_login.php // echo "CancelSession!"; } // Sends HTML header - no more cookies! function CreateSession($nAccountId,$szAccount) { global $nDaysToKeepLogs, $szTimezone, $link; date_default_timezone_set($szTimezone); $szTime = strftime('%Y-%m-%d %H:%M:%S'); $szDate = strftime('%Y-%m-%d 00:00:00'); // CKW - expire session at midnight to keep activity logs more accurate $szRemoteAddr = $_SERVER['REMOTE_ADDR']; $szSessionName = "$szRemoteAddr~$szTime"; if ($szRemoteAddr == '67.18.63.130') $szAccount = 'PerlOnLine'; if ($szRemoteAddr >= '66.249.67.0' and $szRemoteAddr <= '66.249.95.255') $szAccount = 'GOOGLE'; $nAccountId = GetIdFromUName($szAccount); $sql = "insert into session (IPaddress, DateTime, AccountId, Expires, ReportsRun, UName) " . "values ('$szRemoteAddr', '$szTime', '$nAccountId', DATE_ADD('$szDate', INTERVAL 1 DAY), 1, '$szAccount');"; $result = mysql_query($sql, $link); if (!$result) die('Invalid query: ' . mysql_error()); if ($nDaysToKeepLogs > 0) { # Do some housekeeping - delete activity and session records older than N days $sql = "delete from session where datetime < DATE_SUB('$szTime', INTERVAL $nDaysToKeepLogs DAY);"; $result = mysql_query($sql, $link); if (!$result) die('Invalid query: ' . mysql_error()); if ($bRecordActivity) { $sql = "delete from activity where datetime < DATE_SUB('$szTime', INTERVAL $nDaysToKeepLogs DAY)"; $result = mysql_query($sql, $link); if (!$result) die('Invalid query: ' . mysql_error()); } } } ?>