clam729
New Member
Joined: Jun 20, 2004
Posts: 1
|
 Posted:
Sun Jun 20, 2004 11:29 pm |
 
|
i never really liked the nuke die statements, oooohhh scary, i don't like you, etc. so ive crafted one of my own.
i made this for my 6.0 super-modded version, so no guarantees.
basically, whenever a die() statement is needed, you will now get an email that contains information about the die, for example, the ip, the function that was called, any mysql errors, etc., and have the option to kill the script or redirect them back to the index.php.
nothing sucks more that trying to track down a die() statement in your scripts.
installation
------------
btw, you will need at least php 4.3.0 or higher installed (for the __FUNCTION__ support) and i run this code w/register_globals OFF - if yours are on, you will need to make an unset line to prevent register global attacks.
1. open up your config.php and right under the opening <?php tag drop this in:
| Code: | //i use my own getip code, but for this posting i borrowed a snippet from sentinel
function getipaddress () {
if(isset($_SERVER["HTTP_CLIENT_IP"])) {
return $_SERVER["HTTP_CLIENT_IP"];
} else {
return "N/A";
}
}
function ss ($refip, $refpage, $reffunc, $refmysql, $refdie)
{
if ($refpage == ""){$refpage = "N/A";}
if ($reffunc == ""){$reffunc = "N/A";}
if ($refmysql == ""){$refmysql = "N/A";}
mail("webmaster@yourdomain.com", "DIE : $refpage", "ip : $refip\nagent : $refagent\npage : $refpage\nfunction : $reffunc\nmysql : $refmysql");
if ($refdie == "TRUE"){
header("Location: index.php");
}
}
|
2. then, anywhere you want to use the custom die code, replace the existing die() statement with this one:
| Code: |
die(ss(getipaddress(), $_SERVER["PHP_SELF"] . "?" . $_SERVER["QUERY_STRING"], __FUNCTION__, mysql_error($dbi), "TRUE"));
|
note: you may have to change the name of your mysql link from $dbi to whatever you are using, for example, $db or whatever.
for example, open up your mainfile.php and look near the top for this line:
(of course, yours may look a little different)
| Code: | if (eregi("mainfile.php",$_SERVER["PHP_SELF"])) {
header("Location: index.php");
die("i dont like you");
} |
if the die statement was called, you wouldn't have clue one about it, and the client sees some silly "i dont like you" message, real professional.
change the code around like to look like this:
| Code: |
if (eregi("mainfile.php",$_SERVER["PHP_SELF"])) {
die(ss(getipaddress(), $_SERVER["PHP_SELF"] . "?" . $_SERVER["QUERY_STRING"], __FUNCTION__, mysql_error($link), "TRUE"));
}
|
ahh, much better. let's b-b-break it down.
1. ok, someone tried to access your mainfile.php directly.
2. the custom die statement is called.
3. getipaddress() - first, let's get their ip address (thanks sentinel).
4. $_SERVER["PHP_SELF"] . "?" . $_SERVER["QUERY_STRING"] - second, let's get the script and any parameters.
5. __FUNCTION__ - third, if called from inside of a function, let's get the name of that function.
6. mysql_error($dbi) - fourth, report back any mysql errors.
7. "TRUE" - finally, if set to "TRUE" then redirect the user back to index.php, if set to "FALSE", just die.
there are other tweaks that i use that are not included, for example, db logging, 1 email per die per visitor per session, etc.
please pass along any comments, suggestions, fixes, etc. as this was coded in about 12 minutes (took longer to post this message  |
|
|
![[Valid RSS]](http://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
:: 
::
