1
Updated 9/1/04 to work with 2.0.7.1 Zip FileI'm the curious type so I made this hack to find out who my normal visitors are that are just looking "anonymous"ly. This script is hard-coded for only admins.
./misc.php ~line 208 & 215 (red text)
for ($i = 0; $i < $count; $i++) {
$class = ($class == 'odd') ? 'even' : 'odd';
echo '<tr valign="middle" align="center" class="'.$class.'">';
if (is_object($onlineUsers[$i]['user'])) {
$avatar = $onlineUsers[$i]['user']->getVar('user_avatar') ? '<img src="'.XOOPS_UPLOAD_URL.'/'.$onlineUsers[$i]['user']->getVar('user_avatar').'" alt="" />' : ' ';
echo '<td>'.$avatar."</td><td><a href="javascript:window.opener.location='".XOOPS_URL."/userinfo.php?uid=".$onlineUsers[$i]['user']->getVar('uid')."';window.close();">".$onlineUsers[$i]['user']->getVar('uname')."</a>";
} else {
echo '<td> </td><td>'.$xoopsConfig['anonymous'];
[color=ff0000]// create the list of anonymous user ips
$anon_ips[] = $onlines[$i]['online_ip'];[/color]
}
if ($isadmin == 1) {
echo '<br />('.$onlineUsers[$i]['ip'].')';
}
echo '</td><td>'.$onlineUsers[$i]['module'].'</td></tr>';
[color=ff0000]// show link to spy on every anonymous ip
if ($isadmin == 1 && count($anon_ips))
{
$anon_ips = implode('|',$anon_ips);
echo '<tr><td colspan="3" align="center"><a href="javascript:window.opener.location=''.XOOPS_URL.'/modules/admintools/index.php?tool=iplookup&ip='.$anon_ips.'';window.close();">Anonymous Lookup</a></td></tr>';
}[/color]
}
echo '</table><br />';
create a folder called admintools in your modules directory (./modules/admintools/)
./modules/admintools/header.php
include "../../mainfile.php";
./modules/admintools/index.php
<?php
include "header.php";
include XOOPS_ROOT_PATH."/header.php";
global $xoopsDB;
$isadmin = ($xoopsUser && $xoopsUser->isAdmin()) ? 1 : 0;
if ($isadmin===1)
{
// find which tool to use
switch ($_GET['tool'])
{
case 'iplookup':
// convert the string of ip#s from the uri to an array
$iplist = explode('|',$_GET['ip']);
// go though each ip
foreach($iplist as $ip)
{
// separate ip into ocets
$ip_array = explode('.',$ip);
// find the possible user
$partial_ip = '';
echo '<h3 style="color:#00F;">Looking up '.$ip.' ('.gethostbyaddr($ip).')</h3>';
// used to append the dotted decimal to the parial ip's;
// prevents matching 24% which could match 244. than the intendd 24.
$dot = '.';
$wild = '%';
foreach ($ip_array as $key=>$octet)
{
$lookup[$key]['result'] = '';
// removes the dotted decimal if on the last octet and wildcard
if ($key > 2)
{
$dot = '';
$wild = '';
}
$partial_ip .= $octet.$dot;
$sql = 'SELECT u.uname, bb.poster_ip, u.uid
FROM xoops_bb_posts as bb
INNER
JOIN xoops_users as u
ON bb.uid = u.uid
WHERE bb.poster_ip LIKE "'.$partial_ip.$wild.'"
GROUP BY u.uname';
$result = $xoopsDB->query($sql);
$sql.'<br /><br />';
// display output
$lookup[$key]['ip'] = '<br /><u>IP: '.$partial_ip.'<br /></u>';
while ($user = $xoopsDB->fetchArray($result))
{
$lookup[$key]['result'] .= '<a href="'.XOOPS_URL.'/userinfo.php?uid='.$user['uid'].'" target="_blank">'.$user['uname'].'</a><br />';
}
// append the dotted decimal to the octet
}
// display the results in reverse order (exact ip to broad)
// first flip the order of the array
rsort($lookup, SORT_NUMERIC);
foreach ($lookup as $output)
{
echo $output['ip'].$output['result'];
}
}
break;
default:
echo 'No tool selected';
}
}
else
{
echo 'You must have administrative access to enter this area';
}
include XOOPS_ROOT_PATH."/footer.php";
?>
The new popup box when clicking "more..." from who's online with "anonymous lookup"
The result page. It checks from exact to broad comparing against ip's from forum posts. eg: full ip is 1.2.3.4, it will check 1.2.3.4 then 1.2.3.% then 1.2.% then 1.% for every anonymous user. there were 2 in this example.
You might notice that my who's online popup shows the reverse dns, it's because i also edited the ./misc.php file ~line 194 to
$onlineUsers[$i]['ip'] =[b]gethostbyaddr([/b]$onlines[$i]['online_ip']);
