Community Add-Ons

- Added a link to quickly delete the reference an db reference files.
- Added code to check for the existence of an .htaccess file in the includes directory.
- Explanded startup file checking code to check for six types instead of two in the images directory.
- Changed hacker test to skip certain legitimate cases where eval is part of the name. Removes a lot false results from the test.
- Changed initial file checking for the images directory so empty entries are ignored.
- Corrected mistake in 2.9 -> 3.0 update instructions found by user razeryokes.
- Corrected messageStack code in sitemonitor_admin.php.
- Fixed log code. It wasn't truncating logs correctly.

This is a full package.

The support thread is at
http://forums.oscommerce.com/topic/221438-sitemonitor/

This is just a maintenance update to replace a file that wasn't updated previously. If your 3.0 version is working, there's no reason to use this one.

This is a full package.

The support thread is at
http://forums.oscommerce.com/topic/221438-sitemonitor/

- Added a check for common database hacking.
- Added an exclude all button on the configure page to allow quickly adding all directories. Useful when multiple instances are ran.
- Added an exclude difference button on the configure page to allow quickly adding all un-excluded directories. Useful when multiple instances are ran.
- Added an option to allow setting the location of the log files.
- Added code to display the number of instances which have been setup.
- Added code to allow manually running any instance. Just select the instance and click the third update button.
- Added createCSS and auto_append_file, common hacker names, to the hacker checking code.
- Added code to record reference file replacement in the log when the number of days in the reference reset setting is reached.
- Added error checking for checking the modified date of the reference file since some sites reported this failed.
- Changed sitemonitor_hacker_cron file to use the email address from the SiteMonitor settings instead of the shops.
- Changed how the start directory is loaded on a new installation.
- Changed extensions for configure and reference files to .txt.
- Cleaned up instructions - fixed mistakes and added more.
- Removed admin/quaranteen and admin from stock configure file. The former will be added by the code - the latter is up to the user as to if it should be excluded.
- Removed restriction on start directory. Start where you like and all files below that location will be checked.

This is a full package.

The support thread is at
http://forums.oscommerce.com/topic/221438-sitemonitor/

- Added an option to the configure settings to delete log files after a set number of days.
- Added a log reader.
- Changed filter code so sitemonitor files are ignored in a scan.
- Changed code that checks for possible hacker files in the images directory (suggested by user burt).
- Changed the setting that add error checking to false since too many sites were having problems with it.
- Corrected instructions for creatnig cron jobs (found by user csiemons).
- Declared a variable at the beginning of sitemonitor_admin.php to prevent a missing variable warning.
- Fixed coding mistake in sitemonitor_hacker_cron.php that prevented the reference file that was causing the array_flip error.

This is a full package.

The support thread is at
http://forums.oscommerce.com/topic/221438-sitemonitor/

- Added a check for the start directory to ensure it is not trying to load the complete server.
- Added javascript code to check the start directory on update.
- Added to hacker code segments checks as posted in the support thread.
- Added some usage notes to the readme file.
- Added code to close open files.
- Added code to change the servers settings for error reporting.
- Added code to check if the log and reference files can be written to.
- Added code to allow multiple instances of SiteMonitor to be ran.
- Added code for oscommerce 2.3.
- Fixed coding mistake introduced in last update that caused the admin name to be renamed.
- Fixed coding mistake introduced in last update that caused some messages to not show in the result email.
- Fixed minor problems like spelling mistakes and removed some code that wasn't being used.

This is a full package.

The support thread is at
http://forums.oscommerce.com/topic/221438-sitemonitor/

- Added instructions regarding Version Checker
- Added option to replace the hacker exclude file on updates
- Added checkbox to allow the checking/unchecking of all hacker files at once
- Added new entries to the hacker code list
- Added basic security checks which are displayed in admin->SiteMonitor->Admin, if present
- Added code to display the start directory and the shops directory when a username error occurs so that differences can be seen
- Added cron file so hacker tests can be performed automatically
- Added an override option that allows the configure section to load without building a files list for sites that timeout initially
- Changed file search code so deleted files no longer prevent checking the other conditions
- Changed variable name in sitemonitor_configure-setup.php since it was conflicting with other code in RC2 shops
- Made other various small changes and code cleanup

This is a full package.

The support thread is at
http://forums.oscommerce.com/topic/221438-sitemonitor/

- Added query_store to the exclude list for those shops that use that contribution
- Changed code in configure to properly add the admin name
- Changed how top two buttons work to prevent duplicate emails some receive
- Changed how the run/delete button is handled which should fix the problem some have with many emails
- Corrected spelling mistake in admin/includes/languages/english/sitemonitor_admin.php
- Fixed code in sitemonitor_configure_setup.php to prevent the username problem so many are having

This is a full package.

The support thread is at
http://forums.oscommerce.com/topic/221438-sitemonitor/

Changes - Fixed problem that was causing some installations to lose characters or have invalid paths

This is a full package.

The support thread is at
http://forums.oscommerce.com/topic/221438-sitemonitor/

- Fixed path problem - should correct the issue with not seeing the correct locations.
- Fixed file scan problem that caused a failure on some servers.

This is a full package.

The support thread is at
http://forums.oscommerce.com/topic/221438-sitemonitor/

- Added code to display correct line numbers in the hacker results.
- Added ob_start("security_update") to the hacker list.
- Added line numbers to the hacker popup to make it easier to find the offending code.
- Added hacker code word that was found in the file to the result display for easier identification.
- Added ability to exclude hacked files from the search.
- Changed code to allow hacker code with quotes to be tested.
- Changed configuration and admin settings so that single, instead of double, quotes are used.
- Changed code to use correct function based on php version.
- Changed code so that the glob function doesn't need to be type casted for some servers (hopefully).

This is a full package.

The support thread is at
http://forums.oscommerce.com/topic/221438-sitemonitor/

Fixed problems in last two releases.
Added check in the hacker test to look for php files in images directories
Added color coding to hacker results for quicker checking of the results

This is a full package.

The support thread is at
http://forums.oscommerce.com/topic/221438-sitemonitor/

Fixed some of the problems with the last release.

This is a full package.

The support thread is at
http://forums.oscommerce.com/topic/221438-sitemonitor/

Added another check for hacker code.
Added version checker code (the Version Checker contribution still needs to be installed per the instructions).
Added code to check for username as the username and redirect if found - only useful for new installs.
Added box in admin to contain the file types to ignore on a hacker code search.
Added box in admin to contain the hacker code segments used in the hacker code search.
Added popup window to view suspected hacked files.
Changed how exclude selection works so that excluded directories are no longer in the exclude list.
Changed how createreferencefile code works so ignored files are checked in a more secure manner (as suggested by (Chad - chadcloman).
Changed search code so directories are scanned even if a similar name is excluded (as mentioned in the support thread).
Fixed problem that caused double slashes (//) in the hacker results.
Fixed logic problem in functions/site_monitor.php that might cause empty results for the hacker test.
Fixed some warnings seen in strict mode.
Fixed some problems that prevented the contribution from running on php 5.3 or higher.
Fixed invalid code in writeconfig code.
Renamed timer function to avoid clashes with other contributions.
Replaced $HTTP_POST_VARS with $_POST.
Replaced ereg with equivalent preg function.
Replaced some hard-coded text with definitions.

This is a full package.

The support thread is at
http://forums.oscommerce.com/topic/221438-sitemonitor/

This fixes the hacker checking code. It should run on all sites now.

This is a full package.

The support thread is at
http://forums.oscommerce.com/index.php?showtopic=221438

- Changed empty call to tep_not_null in sitemonitor_configure_setup.php to fix update problem with the configure settings
- Added code to exclude checking .xml files
- Added code to check for hacked files

This is a full package.

The support thread is at
http://forums.oscommerce.com/index.php?showtopic=221438

Changes:
- Fixed mistake in cron instructions
- Added code to read using curl. This could be a security problem so read the note in the install doc.
- Rewrote much of the file handling code. Should fix the problem some people are having.
- Changed many of the mysql calls to work with mysql 5.
- Made code changes that should improve speed.

This is a full package.

The support thread is at
http://forums.oscommerce.com/index.php?showtopic=221438

- Rewrote configure page to allow for easier setup.
- Added option to delete the reference file after X many days (setting in the configure file).
- Cleaned up to code to add checks for a number of things,like if a host is running in safe mode.
- Added a button to run the script manually.

This is a full package.

The support thread is at
http://forums.oscommerce.com/index.php?showtopic=221438

- Added a check for file open to reduce number of errors displayed.
- Added code so quarantine function works with nested directories
- Fixed problem with dated quarantine files not being named correctly

This is a full package.

The support thread is at
http://forums.oscommerce.com/index.php?showtopic=221438

First of all, thanks for this contribution. It is very useful to any store admin who is worried about the integrity of their stores.

This file contains the whole package v1.4, plus the Portuguese language files, as well as a translation to the install instructions.

Agradecemos ao autor desta contribuição que se mostrou extremamente útil para monitor a loja em tempo real.

Os arquivos incluem o pacote completo original, acrescido dos arquivos de linguagem para Português, assim como as instruções de instalação.
Suporte em portugues acesse www.creativstudios.org/forum

- Added logfile size option. File will be saved and replaced once a preset limit is reached.
- Added Quarantine option for new files. If set, new files will be moved to the quarantine directory. This can cause trouble if you add new files to your shop intentionally and forget to create a new reference file.
- Fixed bug in exclude list checking that would cause it to fail at times.

This is a full package.

The support thread is at
http://forums.oscommerce.com/index.php?showtopic=221438

The code in v 1.2 was changed to elimiate the need for oscommerce files. However, some code was still in the files, causing problems on some servers. This vesion fixes that problem.

This is a full package.

The support thread is at
http://forums.oscommerce.com/index.php?showtopic=221438

- Added error_log to the excluded files code (works now).
- Added admin control section.
- Added code to allow sub-directories to be excluded.
- Added log function.
- Fixed bug in functions file.

This is a full package.

The support thread is at
http://forums.oscommerce.com/index.php?showtopic=221438

If someone is able to hack into your site, they can alter your files to send them your customers information. I've seen this happen several times, thus the genesis of this contribution. This contribution will create a record of your files so that they can be checked at a later date. If any files have been added or deleted, or the size, timestamp or permissions were changed, you are notified via email. The script can be ran manually, but the best way is to set up a cron job so that the files are checked automatically.

This is a full package.

The support thread is at
http://forums.oscommerce.com/index.php?showtopic=221438