here2learn Posted April 16, 2011 Share Posted April 16, 2011 (edited) There's not an option to exclude files but there is a section of code where you can do that if you want. However, the problem with the log files is due to coding errors in the current version. In admin/includes/functions/sitemonitor_functions.php, find (preg_match('/sitemonitor_log_(?P<digit>\d+).php/', $file, $matches)) || and change it to (preg_match('/sitemonitor_log_(.*).txt/', $file, $matches)) || There still a problem somewhere for the second failure you are getting but I haven't had time to track it down. Sorry for the stupid question, but what second failure do you mean? I changed what you told, and now Mismatches are no longer found, neither in sitemonitor_log_0.txt nor in sitemonitor_log_016_04_2011.txt. Edited April 16, 2011 by here2learn Quote Link to comment Share on other sites More sharing options...
Jack_mcs Posted April 16, 2011 Author Share Posted April 16, 2011 Sorry for the stupid question, but what second failure do you mean? I changed what you told, and now Mismatches are no longer found, neither in sitemonitor_log_0.txt nor in sitemonitor_log_016_04_2011.txt. That's the way that code should work. But I applied to a site and only the first message was ignored. I assumed there was some other problem since the fix didn't prevent it but maybe it was something to do with that site. As mentioned, I didn't have time to test it. Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
sberniz Posted April 23, 2011 Share Posted April 23, 2011 I installed this contribution however, everytime i run it, with the "delete reference" it deletes my entire site!!?? any ideas? Quote Link to comment Share on other sites More sharing options...
Jack_mcs Posted April 23, 2011 Author Share Posted April 23, 2011 I installed this contribution however, everytime i run it, with the "delete reference" it deletes my entire site!!?? any ideas? Be sure you don't have the quaranteen option enabled. Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
sberniz Posted April 23, 2011 Share Posted April 23, 2011 Be sure you don't have the quaranteen option enabled. Thanks Jack, I tried that too, however, still comes out with the same results. Quote Link to comment Share on other sites More sharing options...
Jack_mcs Posted April 23, 2011 Author Share Posted April 23, 2011 Thanks Jack, I tried that too, however, still comes out with the same results. There's nothing in the code to delete files unless the quaranteen option is used so, if that is off, I've no idea how that could be happening. Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
pctekcomponents Posted April 26, 2011 Share Posted April 26, 2011 (edited) Hi. I've just installed sitemonitor and everything seems to be more or less ok. The only thing is, i'm getting an warning message in sitemonitor admin..... WARNING: Your images directory contains non-image type files which is, generally, not correct. catalog/images/get_product_image.php The file in question is not hacked. It is used to display remote images on my site direct from my supplier. Is there any way to get SiteMonitor to ignore this or is it something i'll just have to deal with? Thanks in advance Edited April 26, 2011 by pctekcomponents Quote Link to comment Share on other sites More sharing options...
Jack_mcs Posted April 26, 2011 Author Share Posted April 26, 2011 Hi. I've just installed sitemonitor and everything seems to be more or less ok. The only thing is, i'm getting an warning message in sitemonitor admin..... WARNING: Your images directory contains non-image type files which is, generally, not correct. catalog/images/get_product_image.php The file in question is not hacked. It is used to display remote images on my site direct from my supplier. Is there any way to get SiteMonitor to ignore this or is it something i'll just have to deal with? Thanks in advance There's not anything built into the code that will allow excluding such files. You could disable the code that checks for that, though I wouldn't recommend it. Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
pctekcomponents Posted April 26, 2011 Share Posted April 26, 2011 ok thanks for the quick reply, Jack. I'll just leave it as it is. Thanks again Quote Link to comment Share on other sites More sharing options...
sberniz Posted April 26, 2011 Share Posted April 26, 2011 Thanks Jack, i tried it without the quarantine option one more time, this time it worked ! thanks Quote Link to comment Share on other sites More sharing options...
LDeeJay Posted April 28, 2011 Share Posted April 28, 2011 Great addition! But I'm getting the same error as stated before: WARNING: Your images directory contains non-image type files which is, generally, not correct. followed by two blank lines. I've done a fresh install of OsC 2.3.1 and SiteMonitor 2.9 (with version checker). After solving the array error, I'm still getting this message. I've even emptied the images folder and still get this message... (!?) I know it has been mentioned before but so far I haven't seen a solution. Could it have anything to do with manually altering the code to solve the array error by changing $invalidFiles = array_merge(glob(DIR_FS_CATALOG . DIR_WS_IMAGES . '*.php'),glob(DIR_FS_CATALOG . DIR_WS_IMAGES . '*.txt')); into ($invalidFiles = array_merge((array)glob(DIR_FS_CATALOG . DIR_WS_IMAGES . '*.php'),(array)glob(DIR_FS_CATALOG . DIR_WS_IMAGES . '*.txt'));) Any suggestions are greatly appreciated. Quote Link to comment Share on other sites More sharing options...
satronic Posted May 13, 2011 Share Posted May 13, 2011 Hi all thanks for the contribu Im having problems configuring it...where the contribu asks for Start Directory: im putting in our domain without the http://www. and still getting an erorr message 404 telling me I dont have permission to view this file.... what am not doing? John Quote Link to comment Share on other sites More sharing options...
2 estilos Posted May 14, 2011 Share Posted May 14, 2011 hello Jack, thank you very much by your help and for this contribution, it is fantastic! :thumbsup: I hope that you excuse my English, I speak english very bad. I'm using the last contribution for v2.2, SiteMonitor V 2.9. I have a problem. The contribution is installed correctly and it is working well of way manual. But, when I activate the function "quarantine", and a cron is executed, it does not eliminate the new files found, and it stops sending e-mails to me. But, when I execute it manually, the new files are eliminated and begin it send e-mails. I have tried wiht different commandos for the execution from cron. I have spoken with the support of my hosting, but I can not get that a new file goes to the folder automatically quarantine when the cron command is executed. The command of cron that works in my hosting is this: /usr/local/php5/bin/php-cgi /usr/home/mi_dominio/www/admin/sitemonitor.php Please, help me!!! it is very important for me. A lot of thanks :) Quote Link to comment Share on other sites More sharing options...
2 estilos Posted May 14, 2011 Share Posted May 14, 2011 hello Jack, thank you very much by your help and for this contribution, it is fantastic! :thumbsup: I hope that you excuse my English, I speak english very bad. I'm using the last contribution for v2.2, SiteMonitor V 2.9. I have a problem. The contribution is installed correctly and it is working well of way manual. But, when I activate the function "quarantine", and a cron is executed, it does not eliminate the new files found, and it stops sending e-mails to me. But, when I execute it manually, the new files are eliminated and begin it send e-mails. I have tried wiht different commandos for the execution from cron. I have spoken with the support of my hosting, but I can not get that a new file goes to the folder automatically quarantine when the cron command is executed. The command of cron that works in my hosting is this: /usr/local/php5/bin/php-cgi /usr/home/mi_dominio/www/admin/sitemonitor.php Please, help me!!! it is very important for me. A lot of thanks :) The hosting said me the following: Task of cron is working perfectly, but, when a new file is found, it is not found a necessary function so that the execution finalizes: [sat May 14 17:41:02 2011] [warn] mod_fcgid: stderr: PHP Fatal error: Call to undefined function tep_not_null() in /usr/home/my_dominio/www/admin/includes/functions/sitemonitor_functions.php on line 233 [sat May 14 17:45:02 2011] [warn] mod_fcgid: stderr: PHP Fatal error: Call to undefined function tep_not_null() in /usr/home/my_dominio/www/admin/includes/functions/sitemonitor_functions.php on line 233 [sat May 14 17:46:01 2011] [warn] mod_fcgid: stderr: PHP Fatal error: Call to undefined function tep_not_null() in /usr/home/my_dominio/www/admin/includes/functions/sitemonitor_functions.php on line 233 Quote Link to comment Share on other sites More sharing options...
IyangTjipto Posted May 16, 2011 Share Posted May 16, 2011 Jack, Thank you for your great contribution. I do appreciate it, and i am sure some others do as well. I am a newbie in this OScommerce, and trying to install your contribution on to my site. But, as usual, nothing goes smooth in this life until the problems had been fixed. I had done some research and some readings on how to fix it, but i just want to reconfirm again to make sure this newbie myself is doing the correct thing. Do you mind to be so kind to give me some comments or some advice on my following questions... or, maybe some friendly strangers who accidentally read this message would be so kind to help, please... For your info, i am using OSCOMMERCE 2.3.1 with your Site Monitor v2.9 Also, i am installing this into a test store with the standard original oscommerce template, and i havent added any new products yet other than those ones came with the OSCOMMERCE 2.3.1 CASE ONE After installation on Sitemonitor, I arrive at the step 6 of your manual [asking me to go to the following page --> Go to admin->Sitemonitor->Admin I received a Warning message : admin name should not be admin... The path i took to solve it : i changed the admin directory name to NEWADMIN name, and i also change two lines in the NEWADMIN/includes/configure.php define('DIR_WS_ADMIN', '/NEWADMIN/'); define('DIR_FS_ADMIN', '/your/path/to/directory/NEWADMIN/'); Since I have done that, I understand that my new login page would be http://domain_name.com/NEWADMIN instead of http://domain_name.com/admin This solve my problems, but I ended up with 2 questions on my mind. (These 3 questions might be a general OSCOMMERCE questions, but since this happened after the installation. I think i'd give it a go to ask the questions here) Q1) Is that the only configure.php files i need to modified. If not, any idea which other configure.php files i need to modified? Q2) Since I had rename the admin directory to NEWADMIN. That means in the future, when i want to install other contributions, and if that certain contribution asked me to copy certain files into admin directory. This means i have to copy those files to NEWADMIN directory of mine, instead of creating a new directory name admin. Am I correct? CASE TWO Still at Step 6, as per your manual, it was stated... Step 6: Go to admin->Sitemonitor->Admin and click the top button. A message should be displayed saying that the file was ran for the first time. Then click on the second or third button to actually run a test. A "No mismatches found" message should be displayed. If not, something is wrong with the installation. Everytime I clicked on the first button, I received the following message : sitemonitor_reference_0.php has been deleted! First time ran. Reference file was created and saved. Q3) I received that message everytime I click on the 1st button. I assume I am doing the correct thing here, right? I am just a bit confused with the message of First time ran, eventough i have clicked that button for 3+ times. I clicked on the second update button. It gave me the results of the following 1 mismatches were found. Run the script manually or see the email for the actual mismatches. Q4) I got 1 mismatch shown. Is something wrong with my installation? As per your guide, I should received "No Mismatched Found" I click on the third update button. It gave me the following output. No new files found... No deleted files found... Difference found: New-> admi123ok/sitemonitor_log_0.txt 111824 Original-> 111649 Difference found: New-> admi123ok/sitemonitor_log_016_05_2011.txt 111824 Original-> 111649 Time Mismatch on admi123ok/sitemonitor_log_0.txt Last Changed on Monday, 16 May 2011 13:20:10 GMT Time Mismatch on admi123ok/sitemonitor_log_016_05_2011.txt Last Changed on Monday, 16 May 2011 13:22:09 GMT No permissions mismatches found... ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Sitemonitor (0) ran on May 16, 2011, 9:22 am Total mismatches found were 4 Total files being monitored is 972 Email sent to shop owner. Q5) Again, I am confused. I got 4 mismatches here. Is there something wrong with my installation? Should it be a "No Mismatch" ? Lastly, I clicked on the last button, and it shows me the following together with a table [which i am not showing here]... Checked 100 directories containing a total of 640 files. Skipped 329 files. 27 suspected hacked files found. Q6) I assume all of those are just suspected files. and I have to keep and eye and checked it. Am I correct? I say this based on your manual that shown on the quote below. - The hacker test lists files that "may be" hacked files. The hackers use code that legitimate in some oscommerce files so it is not possible to say for sure if the file found is infected or not from within the program. If you are in doubt, compare your file with a known good one. - In general, a hacker will usually add their code at the very beginning (first or second line) or the very end (last line) of a file. That is because if they add it in the middle, they can't be sure it will work since the code they insert it into may be conditional code. This isn't a hard and fast rule but it is almost always the case, in my experience. So if you see a file in the hacker test list and the line number is greater than 2 and less than the total number of lines in the file (you would need to click on the file name to verify that), then the file is probably OK. Q7) On the table list which is not showing here, i have got a RED COLOUR which means it is higher probability of it being a hacker file... which is as follow: Ref = untick Line = 18 File = NEWADMIN/sitemonitor_configure_0.php Hacker Code = error_reporting(0) Dates Match = untick 0001 <?php 0002 /************** THE OPTIONS AND SETTINGS ****************/ 0003 $always_email = 1; //set to 1 to always email the results 0004 $verbose = 1; //set to 1 to see the results displayed on the page (for when running manually) 0005 $logfile = 1; //set to 1 to see to track results in a log file 0006 $logfile_size = 100000; //set the maximum size of the logfile 0007 $logfile_delete = 30; //set of days to wait before a previous log file is deleted - leave blank to never delete 0008 $reference_reset = 3; //delete the reference file this many days apart 0009 $quarantine = 0; //set to 1 to move new files found to the quarantine directory 0010 $to = 'queries@yangscreation.com'; //where email is sent to 0011 $from = 'queries@yangscreation.com'; //where email is sent from 0012 0013 $start_dir = '/hermes/web10/b1366/pow.tjiyang/htdocs/yangscreation/subdomain_store/'; //your shops root 0014 $admin_dir = 'http'; //your shops admin 0015 $admin_username = ''; //your admin username 0016 $admin_password = ''; //your admin password 0017 $excludeList = array('admin/quarantine', 'cgi-bin','admin'); //don't check these directories - change to your liking - must be set prior to first run 0018 $hackIgnoreList = array('jpg', 'jpeg','gif','png','txt','zip'); //don't check these types of files - change to your liking 0019 $hackCodeSegments = array('error_reporting(0)', 'base64_decode','<iframe','gzdecode','eval','ob_start("security_update")', 'Goog1e_analist_up', 'eval(gzinflate(base64_decode', 'Web Shell', '@eval', ' header;', 'shell_exec', 'system','SetCookie','Meher Assel', 'nt02', '<script src','r57shell'); //enter any hacker code that you would like to check for 0020 ?> My question is .. Even this is RED COLOUR, but it seems like to me not a hacked file, based on the php lines shown on the above quote. Am I correct? Jack, or maybe anyone out there, mind to be so kind to provide me some comments and answer/advise on my 7 questions above, please. Thank you and much appreciated. Quote Link to comment Share on other sites More sharing options...
Jack_mcs Posted May 22, 2011 Author Share Posted May 22, 2011 Great addition! But I'm getting the same error as stated before: WARNING: Your images directory contains non-image type files which is, generally, not correct. followed by two blank lines. I've done a fresh install of OsC 2.3.1 and SiteMonitor 2.9 (with version checker). After solving the array error, I'm still getting this message. I've even emptied the images folder and still get this message... (!?) I know it has been mentioned before but so far I haven't seen a solution. Could it have anything to do with manually altering the code to solve the array error by changing $invalidFiles = array_merge(glob(DIR_FS_CATALOG . DIR_WS_IMAGES . '*.php'),glob(DIR_FS_CATALOG . DIR_WS_IMAGES . '*.txt')); into ($invalidFiles = array_merge((array)glob(DIR_FS_CATALOG . DIR_WS_IMAGES . '*.php'),(array)glob(DIR_FS_CATALOG . DIR_WS_IMAGES . '*.txt'));) Any suggestions are greatly appreciated. It must be returning something even though nothing is there. Perhaps the version of php your hsot uses has a problem with the glob call? I would hve to see the problem and troubleshoot the code to find the exact reason so this isn't something I can solve here. Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
Jack_mcs Posted May 22, 2011 Author Share Posted May 22, 2011 Hi all thanks for the contribu Im having problems configuring it...where the contribu asks for Start Directory: im putting in our domain without the http://www. and still getting an erorr message 404 telling me I dont have permission to view this file.... what am not doing? If you type something in and click update, an error should popup showing what it should be. Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
Jack_mcs Posted May 22, 2011 Author Share Posted May 22, 2011 The hosting said me the following: Task of cron is working perfectly, but, when a new file is found, it is not found a necessary function so that the execution finalizes: [sat May 14 17:41:02 2011] [warn] mod_fcgid: stderr: PHP Fatal error: Call to undefined function tep_not_null() in /usr/home/my_dominio/www/admin/includes/functions/sitemonitor_functions.php on line 233 [sat May 14 17:45:02 2011] [warn] mod_fcgid: stderr: PHP Fatal error: Call to undefined function tep_not_null() in /usr/home/my_dominio/www/admin/includes/functions/sitemonitor_functions.php on line 233 [sat May 14 17:46:01 2011] [warn] mod_fcgid: stderr: PHP Fatal error: Call to undefined function tep_not_null() in /usr/home/my_dominio/www/admin/includes/functions/sitemonitor_functions.php on line 233 That is usuallt due to the path not being correct in the cron job. I can't say what will work for your server since it is specific to it but you may need to cd to the directory first. Something like cd /usr/home/mi_dominio/www/admin/; /usr/local/php5/bin/php-cgi -c /usr/home/mi_dominio/www/php.ini -q /usr/home/mi_dominio/www/admin/sitemonitor.php You will have to check with your host for the exact syntax. Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
2 estilos Posted May 23, 2011 Share Posted May 23, 2011 That is usuallt due to the path not being correct in the cron job. I can't say what will work for your server since it is specific to it but you may need to cd to the directory first. Something like cd /usr/home/mi_dominio/www/admin/; /usr/local/php5/bin/php-cgi -c /usr/home/mi_dominio/www/php.ini -q /usr/home/mi_dominio/www/admin/sitemonitor.php You will have to check with your host for the exact syntax. I checked with my host that I've mentioned, but unfortunately still not working properly. We tried different commands: I changed this,(h77p = http) so that not a link. :-" /usr/bin/wget -q -O /dev/null h77p://www.mi_dominio.com/admin/sitemonitor.php?instance=0 /usr/bin/wget -q -O /dev/null h77p://www.mi_dominio.com/admin/sitemonitor.php /usr/bin/wget -q -O /dev/null h77p://www.mi_dominio.com/admin/sitemonitor.php?instance=0 /usr/bin/wget -q -O /dev/null h77p://www.mi_dominio.com/admin/sitemonitor.php&instance=0 /usr/local/php5/bin/php-cgi /usr/home/mi_dominio/www/admin/sitemonitor.php&instance=0 /usr/local/php5/bin/php-cgi /usr/home/mi_dominio/www/admin/sitemonitor.php?instance=0 /usr/local/php5/bin/php-cgi /usr/home/mi_dominio/www/admin/sitemonitor.php But it still produces the same error [warn] mod_fcgid: stderr: PHP Fatal error: Call to undefined function tep_not_null() in /usr/home/mi_dominio/www/admin/includes/functions/sitemonitor_functions.php on line 233 The host asked me if you can run directly in the browser like this: http://www.mi_dominio.com/admin/sitemonitor.php thanks Jack_mcs Quote Link to comment Share on other sites More sharing options...
Jack_mcs Posted May 23, 2011 Author Share Posted May 23, 2011 The host asked me if you can run directly in the browser like this: http://www.mi_dominio.com/admin/sitemonitor.php Yes, it can be ran like that. Also, the third update button allows the same thing. Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
2 estilos Posted May 24, 2011 Share Posted May 24, 2011 Hello Jack_mcs, thank you very much for your help. I keep having the same problem. When I run it from the browser, detects a new file, but although I have checked the box to send to the quarantine folder, the new file remains in the same folder and not moved to the quarantine folder. The host asked me if possible that we need to enter the name and password for the admin somewhere. Or perhaps change the paths in the files themselves. I attached a picture with my settings to see if it is correct. I beg you to help me again, I would really like SiteMonitor work properly. Quote Link to comment Share on other sites More sharing options...
Jack_mcs Posted May 24, 2011 Author Share Posted May 24, 2011 I keep having the same problem. When I run it from the browser, detects a new file, but although I have checked the box to send to the quarantine folder, the new file remains in the same folder and not moved to the quarantine folder. The host asked me if possible that we need to enter the name and password for the admin somewhere. Or perhaps change the paths in the files themselves. The code expects the quarantine directory to be admin and have the correct permissions. Other than that, nothing else should be necessary. Try this to see where the problem is at. Create a file named movetest.php and insert the following into it <?php $src = '../aaa.php'; $dest = 'quarantine/aaa.php'; echo (rename($src, $dest) ? 'moved' : 'not moved'); Change the aaa.php in the above to some valid file name in the root or create a new file with that name. Go to admin andchange the url to ...admin/movetest.php. If the move fails, your host can use that to troubleshoot the problem. Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
2 estilos Posted May 24, 2011 Share Posted May 24, 2011 I tried this. I made a file called movetest.php and I put it in the folder /admin/ and ran it from the browser... it has deleted the file and has gotten into the folder /quarantine/ OK... the host does not know say to me, all they say is that there is an error. The error is this: [Tue May 24 17:24:02 2011] [warn] mod_fcgid: stderr: PHP Fatal error: Call to undefined function tep_not_null() in /usr/home/mi_dominio/www/admin/includes/functions/sitemonitor_functions.php on line 264 I do not know what else to do Jack_mcs ... I'm desperate :'( Quote Link to comment Share on other sites More sharing options...
Jack_mcs Posted May 24, 2011 Author Share Posted May 24, 2011 The error is this: [Tue May 24 17:24:02 2011] [warn] mod_fcgid: stderr: PHP Fatal error: Call to undefined function tep_not_null() in /usr/home/mi_dominio/www/admin/includes/functions/sitemonitor_functions.php on line 264 I do not know what else to do Jack_mcs ... I'm desperate :'( Unfortunately, this is one of those problems that cannot be handled in a support thread. You can try posting in the general support forum. You may get lucky and find someone willing to go through the code with you. Otherwise, you will need to pay someone to fix it for you. Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
2 estilos Posted May 25, 2011 Share Posted May 25, 2011 Unfortunately, this is one of those problems that cannot be handled in a support thread. You can try posting in the general support forum. You may get lucky and find someone willing to go through the code with you. Otherwise, you will need to pay someone to fix it for you. it's ok, in any case thank you very much for your help and effort Jack_mcs Quote Link to comment Share on other sites More sharing options...
New 
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.