Location: PHPKode > scripts > SimpleSiteAudit > filediff/temp/2.htm
<?php
error_reporting (E_ALL ^ E_NOTICE);
// Start page-load timer    
$time = microtime();
$time = explode(' ', $time);
$time = $time[1] + $time[0];
$start = $time;

if($_GET['server']){
$ftp_server = trim($_GET['server']); // Leave
}

if($_GET['server']){
$ftp_server = trim($_GET['server']); // Leave
}

$logs_dir = '../../logs'; // Do not change added
$db_file = $logs_dir.'/'.$ftp_server.'/db_settings.txt';

if(file_exists($db_file)){ //first add
  $db_settings = file($db_file);
}else{
  echo 'Before you run this file, please save the database settings. Run the file, index1.php';
  exit(0);
}
 /*
$db_server = trim($db_settings[0]); // database Server 
$db_user = trim($db_settings[1]);  // mysql user name
$db_pass = trim($db_settings[2]);  // mysql password
$db_name = trim($db_settings[3]);   // Name of database
*/        
    $key = 'hide@address.com@hide@address.com';         
    $decrypt = rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, md5($key), base64_decode($db_pass), MCRYPT_MODE_CBC, md5(md5($key))), "\0");
    $db_pass = trim($decrypt);

if($ftp_server != "" && $ftp_server != null && $db_server != ""/* && $is_table_empty() > 0*/){
    $con = mysql_connect($db_server,$db_user,$db_pass)or die(mysql_error());
    mysql_select_db($db_name, $con)or die(mysql_error());
    
    $settings_table = 'ssa_'.str_replace('-','_',str_replace('.','_',$ftp_server)).'_settings';
    $result = mysql_query("SELECT FTP_user,FTP_pass,root_dir FROM $settings_table") or die(mysql_error());

    while($row = mysql_fetch_array($result)) 
    {
       $ftp_user = $row[FTP_user];
       $ftp_pw = $row[FTP_pass];
       $root_dir = $row[root_dir];
    }
    mysql_close($con)or die(mysql_error());  //2nd add
}

if(is_table_empty($settings_table,$db_server,$db_user,$db_pass,$db_name) > 0){
     $key = 'hide@address.com@hide@address.com';
     $decrypted = rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, md5($key), base64_decode($ftp_pw), MCRYPT_MODE_CBC, md5(md5($key))), "\0");
     $ftp_pw = trim($decrypted);
}else{
     'Wrong FTP password';
}


$clear = trim($settings[8]);
$date = date ("hide@address.com:i:s");

build_lists($ftp_server, $ftp_user, $ftp_pw,$db_server,$db_user,$db_pass,$startdir,$db_name,$date,$root_dir);

// changed
$time = microtime();
$time = explode(' ', $time);
$time = $time[1] + $time[0];
$finish = $time;
$total_time = round(($finish - $start), 4);

echo '. Page loaded in ' . $total_time . ' seconds.'; //3rd add
  /*
$db_server = trim($db_settings[0]); // database Server 
$db_user = trim($db_settings[1]);  // mysql user name
$db_pass = trim($db_settings[2]);  // mysql password
$db_name = trim($db_settings[3]);   // Name of database
*/ 

//------------------------------------------------------------------------------
//--------------------------------- Functions ----------------------------------
//------------------------------------------------------------------------------
function build_lists($ftp_server, $ftp_user, $ftp_pw ,$db_server,$db_user,$db_pass,$startdir,$db_name,$date,$root_dir){

    $con = mysql_connect($db_server,$db_user,$db_pass)or die(mysql_error());
    mysql_select_db($db_name, $con)or die(mysql_error());
    
    $site_table = 'ssa_'.stripslashes(str_replace('-','_',str_replace('.','_',$ftp_server))).'_site';
    $result = mysql_query("SELECT * FROM $site_table") or die(mysql_error());

    while($row = mysql_fetch_array($result)) 
    {
       $email_subject = $row[email_subj];
       $skipfiles = $row[skip_files];
       $email_alert_addr = $row[email_alert];
       $email_header = $row[email_header];
       $email_from_addr = $row[from_addr];
    }
    mysql_close($con)or die(mysql_error());
    
    $email_subject = $email_subject.' - '.$ftp_server; //email subject text
    $email_text = $email_header.' - '.$ftp_server."\r\n\n";

    // make FTP connection
    $conn_id = @ftp_connect($ftp_server) OR die("Unable to establish an FTP connection");
    @ftp_login($conn_id, $ftp_user, $ftp_pw) OR die("ftp-login failed - User name or password not correct");
    @ftp_pasv ( $conn_id, true ) or die("Unable to set passive mode."); //Use passive mode for client-side action
    //$remote_sys_type = @ftp_systype($conn_id) or die("Unable to determine system type.");
    $contents = ftp_rawlist($conn_id, '/'.$root_dir, true) or die("Unable to scan remote site.");
    ftp_close($conn_id);
    
    //print 'Systype: '.$remote_sys_type.' - ';
    $file_list = parse_rawlist( $contents,$root_dir );

    $newlist_prefix = 'ssa_'.str_replace('-','_',str_replace('.','_',$ftp_server)).'_newlist';
    $log_prefix = 'ssa_'.str_replace('-','_',str_replace('.','_',$ftp_server)).'_log';
    $settings_prefix = 'ssa_'.str_replace('-','_',str_replace('.','_',$ftp_server)).'_settings';

    $con = mysql_connect($db_server,$db_user,$db_pass)or die(mysql_error());
    mysql_select_db($db_name, $con)or die(mysql_error());

    $oldlist = array();
    $oldlist = oldlist($newlist_prefix);

    if(!empty($oldlist)){
        $first_run = 'N';
    }else{
        $first_run = 'Y';
    }

    mysql_query("TRUNCATE TABLE  `$newlist_prefix`") or die('truncate failed: '.mysql_error()); 

        echo 'SSA v1.5.0 Multisite - Script run on '.$ftp_server.' on '.$date."\r\n";

        foreach ($file_list as $value) {
            $len = strlen($value[perms]);
            $remove_dirs = substr($value[perms],$len-10,1);
            $start = str_replace('./',"", $value[path]);
            $start = str_replace(':',"", $start);

         if($value['file_name'] != "" /*&& strpos($start,$startdir) == 0 */&& $remove_dirs != "d"){
                $path = str_replace(":", "", $value['path']);
                $path = str_replace('/'.$root_dir, "", $path);
                $path = str_replace('./',"", $path);

                if(strpos($value[year], ':')){
                    $time = $value[year];
                }

          mysql_query("INSERT INTO $newlist_prefix
                  (path,filename,size,date,time,perms) 
                     VALUES ('$path','$value[file_name]','$value[size]','$value[day]$value[month]','$time','$value[perms]')")or die(mysql_error()); 
          }
        }

        $newlist = newlist($newlist_prefix);//dhdhdhdhdhd

        if(!empty($oldlist) && is_array($newlist)){

            $diff = array_diff_key($oldlist,$newlist);

            foreach($diff as $key=>$value){
                
                $len = strlen($value[perms]);
                $remove_dirs = substr($value[perms],$len-10,1);
                $start = str_replace('./',"", $value[path]);
                $start = str_replace(':',"", $start);
                $t = strpos($start,$startdir);//ldldldldldld

                print 'File missing: '.$key.' - Last seen: '.$value[date].' at '.$value[time]."\r\n";
                $email_text .= 'File missing: '.$key."\r\n".'Last seen: '.$value[date].' at '.$value[time]."\r\n\n";
                    mysql_query("INSERT INTO $log_prefix
                    (status,
                        file,
                        date,
                        time,
                        old_perms,
                        new_perms,
                        old_size,
                        new_size,
                        last_run) 
                        VALUES ('Missing',
                            '$key',
                            '$value[date]',
                            '$value[time]',
                            '',
                            '',
                            '',
                            '',
                            '$date')")or die(mysql_error()); 
              }
        }

        $i = 0;
        foreach ($file_list as $value) {
            
            $len = strlen($value[perms]);
            $remove_dirs = substr($value[perms],$len-10,1);
            $start = str_replace('./',"", $value[path]);
            $start = str_replace(':',"", $start);
            $t = strpos($start,$startdir);

         if($value['file_name'] != "" /*&& $t !== false */&& $remove_dirs != "d"){
                $path = str_replace(":", "", $value['path']);
                $path = str_replace('/'.$root_dir, "", $path);
                $path = str_replace('./',"", $path);

                if(strpos($value[year], ':')){
                    $time = $value[year];
                }    
            $resultB = mysql_query("SELECT * FROM $newlist_prefix WHERE path = '$path' AND filename = '$value[file_name]' ")or die(mysql_error());
            $row2 = mysql_fetch_row($resultB);                          
            $excludes = explode(',',$skipfiles);
            $file = trim($path.'/'.$value[file_name]);

            $size_newlist = $newlist[$file][size];
            $size_oldlist = $oldlist[$file][size];
            $new_perms = convert_perms($newlist[$file][perms]);
            $old_perms = convert_perms($oldlist[$file][perms]);

            if(!in_array($value[file_name],$excludes)){
            
                if($size_newlist != $size_oldlist && $newlist[$file][path] != "" && $oldlist[$file][path] != ""){
                    print 'File modified: '.$file.' - Date '.$row2[4].' Time: '.$row2[5].' Old file size = '.$size_oldlist.'bytes. New file size = '.$size_newlist.'bytes'."\r\n";
                    $email_text .= 'File modified: '.$file."\r\n".'Date '.$row2[4].' Time: '.$row2[5].' Old file size = '.$size_oldlist.'bytes. New file size = '.$size_newlist."bytes.\r\n\n";
                    mysql_query("INSERT INTO $log_prefix
                        (status,
                            file,
                            date,
                            time,
                            old_perms,
                            new_perms,
                            old_size,
                            new_size,
                            last_run) 
                            VALUES ('Modified',
                                '$file',
                                '$row2[4]',
                                '$row2[5]',
                                '$old_perms',
                                '$new_perms',
                                '$size_oldlist',
                                '$size_newlist',
                                '$date')")or die(mysql_error()); 
                    $i++;
                }
                if(!empty($diff)){
                    $i++;
                }
                if(!empty($oldlist) && $newlist[$file][path] != "" && $oldlist[$file][path] == ""){
                    print 'File added: '.$file.' - Date added: '.$row2[4].' Time added: '.$row2[5]."\r\n";
                    $email_text .= 'File added: '.$file."\r\n".'Date: '.$row2[4].' Time: '.$row2[5]."\r\n\n";
                    mysql_query("INSERT INTO $log_prefix
                        (status,
                            file,
                            date,
                            time,
                            old_perms,
                            new_perms,
                            old_size,
                            new_size,
                            last_run) 
                            VALUES ('Added',
                                '$file',
                                '$row2[4]',
                                '$row2[5]',
                                '',
                                '$new_perms',
                                '$size_oldlist',
                                '$size_newlist',
                                '$date')")or die(mysql_error()); 
                    $i++;
                }  
                if($newlist[$file][perms] != $oldlist[$file][perms] && $newlist[$file][path] != "" && $oldlist[$file][path] != ""){

                    print 'File permissions changed: '.$file.' - Old perms: '.$old_perms.' New perms: '.$new_perms."\r\n";
                    $email_text .= 'File permissions changed: '.$file."\r\n".'Old perms: '.$old_perms.' New perms: '.$new_perms."\r\n\n";
                    mysql_query("INSERT INTO $log_prefix
                        (status,
                            file,
                            date,
                            time,
                            old_perms,
                            new_perms,
                            old_size,
                            new_size,
                            last_run) 
                            VALUES ('Permissions',
                                '$file',
                                '$row2[4]',
                                '$row2[5]',
                                '$old_perms',
                                '$new_perms',
                                '$size_oldlist',
                                '$size_newlist',
                                '$date')")or die(mysql_error()); 
                    $i++;
                }
            }
         }
        }// end foreach loop

        if($i == 0 && $first_run == 'N'){
          echo 'NO CHANGES FOUND';
        }

        if($first_run == 'Y'){
          echo 'First run completed - All current website files have been added to the database';
        }
                $remove_dirs = substr($value[perms],$len-10,1);
                $start = str_replace('./',"", $value[path]);
                $start = str_replace(':',"", $start);
        if($i > 0){
            // Send email
            $headers = 'From: '.$email_from_addr . "\r\n" . 'X-Mailer: PHP/' . phpversion();
            mail($email_alert_addr, $email_subject, $email_text, $headers); //Simple mail function for alert. 
        }

        // Close mysql connection
        mysql_close($con)or die(mysql_error());
}
    
function parse_rawlist( $array,$root_dir ) 
{
    $i=0; 
    foreach($array as $curraw) 
    { 
        $struc = array(); 
        $current = preg_split("/[\s]+/",$curraw,9); 
        foreach($current as $val){
           if(strpos($val, $root_dir)){
              $path = $val;              
           }            
        }
     
     if($path == ""){
         $path = './';
     }
        $struc['perms']       =     $current[0]; 
        //$struc['number']    =     $current[1]; 
        //$struc['owner']     =     $current[2];
        $struc['path']        =     $path; 
        $struc['size']        =     $current[4]; 
        $struc['month']       =     $current[5]; 
        $struc['day']         =     $current[6];
        $struc['year']        =     $current[7];
        $struc['file_name']   =     $current[8];
        
     $structure[$i]      =     $struc; 
    $i++; 
    }
   return $structure; 

}

function oldlist($newlist_prefix){
    $old_list = mysql_query("SELECT * FROM $newlist_prefix") or die(mysql_error());
    $a = 0;
    while($row = mysql_fetch_array($old_list)){
        $key = $row['path'].'/'.$row['filename'];
            $oldlist[$key][id] = $row['id'];
            $oldlist[$key][path] = $key;
            $oldlist[$key][size] = $row['size'];
            $oldlist[$key][date] = $row['date'];
            $oldlist[$key][time] = $row['time'];
            $oldlist[$key][perms] = $row['perms'];
            $a++;
    }
    return $oldlist;
}

function newlist($newlist_prefix){
    $newList = mysql_query("SELECT * FROM $newlist_prefix") or die(mysql_error());
    $a = 0;
    while($row = mysql_fetch_array($newList)){
        $key = $row['path'].'/'.$row['filename'];
            $newlist[$key][id] = $row['id'];
            $newlist[$key][path] = $key;
            $newlist[$key][size] = $row['size'];
            $newlist[$key][date] = $row['date'];
            $newlist[$key][time] = $row['time'];
            $newlist[$key][perms] = $row['perms'];
            $a++;
    }
    return $newlist;
}

function convert_perms($perms){
    $permissions = $perms;  // or whatever
      $mode = 0;

      if ($permissions[1] == 'r') $mode += 0400;
      if ($permissions[2] == 'w') $mode += 0200;
      if ($permissions[3] == 'x') $mode += 0100;
      else if ($permissions[3] == 's') $mode += 04100;
      else if ($permissions[3] == 'S') $mode += 04000;

      if ($permissions[4] == 'r') $mode += 040;
      if ($permissions[5] == 'w') $mode += 020;
      if ($permissions[6] == 'x') $mode += 010;
      else if ($permissions[6] == 's') $mode += 02010;
      else if ($permissions[6] == 'S') $mode += 02000;

      if ($permissions[7] == 'r') $mode += 04;
      if ($permissions[8] == 'w') $mode += 02;
      if ($permissions[9] == 'x') $mode += 01;
      else if ($permissions[9] == 't') $mode += 01001;
      else if ($permissions[9] == 'T') $mode += 01000;
      
      $octal = sprintf('%o', $mode, $mode);
      return $octal;
    
}

function is_table_empty($table_name,$db_server,$db_user,$db_pass,$db_name){
    
    $con = mysql_connect($db_server,$db_user,$db_pass)or die('no conn: '.mysql_error());
    mysql_select_db($db_name, $con)or die(mysql_error());
    
    $x = "SELECT COUNT(*) FROM $table_name"; 
    $result = mysql_query($x) or die(mysql_error()); 
    $total_rows = mysql_fetch_row($result);
    //mysql_close($con)or die(mysql_error()); 
    return $total_rows[0];    
}

         if($value['file_name'] != "" /*&& strpos($start,$startdir) == 0 */&& $remove_dirs != "d"){
                $path = str_replace(":", "", $value['path']);
                $path = str_replace('/'.$root_dir, "", $path);
                $path = str_replace('./',"", $path);

                if(strpos($value[year], ':')){
                    $time = $value[year];
                }

          mysql_query("INSERT INTO $newlist_prefix
                  (path,filename,size,date,time,perms) 
                     VALUES ('$path','$value[file_name]','$value[size]','$value[day]$value[month]','$time','$value[perms]')")or die(mysql_error()); 
          }
?>
Return current item: SimpleSiteAudit