Modernized script
11
counter.php
11
counter.php
@ -19,7 +19,8 @@
|
||||
*/
|
||||
|
||||
//prepare
|
||||
include_once('counter_config.php');
|
||||
require_once('counter_config.php');
|
||||
send_headers();
|
||||
$time=time();
|
||||
$update_time=$time-($time%3600);
|
||||
try{
|
||||
@ -37,16 +38,15 @@ if(!$id=$stmt->fetch(PDO::FETCH_NUM)){
|
||||
}
|
||||
|
||||
//headers
|
||||
header('Pragma: no-cache');
|
||||
header('Cache-Control: no-cache, no-store, must-revalidate, max-age=0');
|
||||
header('Expires: 0');
|
||||
header_remove('X-Frame-Options');
|
||||
header("Content-Security-Policy: base-uri 'self'; default-src 'none'; frame-ancestors '*'");
|
||||
header('Content-Type: image/gif');
|
||||
|
||||
//add visitor to db
|
||||
if(isSet($_COOKIE["counted$_REQUEST[id]"])){
|
||||
$stmt=$db->prepare('INSERT INTO ' . PREFIX . 'visitors (id, time, count, unique_count) VALUES (?, ?, 1, 1) ON DUPLICATE KEY UPDATE count=count+1;');
|
||||
}else{
|
||||
setcookie("counted$_REQUEST[id]", 1, $time+3600);
|
||||
set_secure_cookie("counted$_REQUEST[id]", 1);
|
||||
$stmt=$db->prepare('INSERT INTO ' . PREFIX . 'visitors (id, time, count, unique_count) VALUES (?, ?, 1, 1) ON DUPLICATE KEY UPDATE count=count+1, unique_count=unique_count+1;');
|
||||
}
|
||||
$stmt->execute([$id[0], $update_time]);
|
||||
@ -95,4 +95,3 @@ if(isset($_REQUEST['tr']) && $_REQUEST['tr']==1){
|
||||
imagestring($im, 5, 5, 5, $num[0], $fg);
|
||||
imagegif($im);
|
||||
imagedestroy($im);
|
||||
?>
|
||||
|
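Review bot: Replacing `setcookie("counted$_REQUEST[id]", 1, $time+3600)` with `set_secure_cookie("counted$_REQUEST[id]", 1)` in the "add visitor to db" hunk changes how visitors are counted, not only the cookie's security flags. The helper in the config file hard-codes `'expires' => 0` and `'samesite' => 'Strict'`, so the one-hour window becomes a session cookie, and a Strict cookie is not sent on cross-site image requests. Since this endpoint sends `frame-ancestors '*'` and appears to be meant for embedding on other sites, each embedded hit would then be counted as unique. Consider giving the helper optional expiry and SameSite parameters and passing `$time+3600` here, or documenting the new counting semantics. The cookie name is also still built from the raw `$_REQUEST['id']` even though the validated row is available in `$id`; deriving the name from `$id[0]` in both the `isSet` check and the set call would keep request-controlled bytes out of the Set-Cookie header.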
@ -31,6 +31,8 @@ const VERSION='1.0'; // Script version
|
||||
const DBVERSION=1; // Database layout version
|
||||
|
||||
// Language selection
|
||||
$I = $T = [];
|
||||
$language=LANG;
|
||||
$L=[
|
||||
'de' => 'Deutsch',
|
||||
'en' => 'English',
|
||||
@ -39,17 +41,14 @@ $L=[
|
||||
if(isSet($_REQUEST['lang']) && isSet($L[$_REQUEST['lang']])){
|
||||
$language=$_REQUEST['lang'];
|
||||
if(!isSet($_COOKIE['language']) || $_COOKIE['language']!==$language){
|
||||
setcookie('language', $language);
|
||||
set_secure_cookie('language', $language);
|
||||
}
|
||||
}elseif(isSet($_COOKIE['language']) && isSet($L[$_COOKIE['language']])){
|
||||
$language=$_COOKIE['language'];
|
||||
}else{
|
||||
$language=LANG;
|
||||
}
|
||||
include_once('counter_lang_en.php'); //always include English
|
||||
require_once('counter_lang_en.php'); //always include English
|
||||
if($language!=='en'){
|
||||
$T=[];
|
||||
include_once("counter_lang_$language.php"); //replace with translation if available
|
||||
require_once("counter_lang_$language.php"); //replace with translation if available
|
||||
foreach($T as $name=>$translation){
|
||||
$I[$name]=$translation;
|
||||
}
|
||||
@ -58,15 +57,55 @@ if($language!=='en'){
|
||||
function print_langs(){
|
||||
global $I, $L;
|
||||
echo "<small>$I[language]: ";
|
||||
$query=preg_replace('/(&?lang=[a-z_\-]*)/i', '', $_SERVER['QUERY_STRING']);
|
||||
$query=ltrim(preg_replace('/&?lang=[a-z_\-]*/i', '', $_SERVER['QUERY_STRING']), '&');
|
||||
foreach($L as $code=>$name){
|
||||
if($query===''){
|
||||
$uri="?lang=$code";
|
||||
}else{
|
||||
$uri='?'.htmlspecialchars($query)."&lang=$code";
|
||||
}
|
||||
echo " <a href=\"$uri\">$name</a>";
|
||||
echo " <a href=\"$uri\" hreflang=\"$code\">$name</a>";
|
||||
}
|
||||
echo '</small>';
|
||||
}
|
||||
?>
|
||||
|
||||
function send_headers(array $styles = []){
|
||||
header('Content-Type: text/html; charset=UTF-8');
|
||||
header('Pragma: no-cache');
|
||||
header('Cache-Control: no-cache, no-store, must-revalidate, max-age=0, private');
|
||||
header('Expires: 0');
|
||||
header('Referrer-Policy: no-referrer');
|
||||
header("Permissions-Policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; cross-origin-isolated 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; geolocation 'none'; fullscreen 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; payment 'none'; picture-in-picture 'none'; publickey-credentials-get 'none'; screen-wake-lock 'none'; sync-xhr 'none'; usb 'none'; web-share 'none'; xr-spatial-tracking 'none'; clipboard-read 'none'; clipboard-write 'none'; gamepad 'none'; speaker-selection 'none'; conversion-measurement 'none'; focus-without-user-activation 'none'; hid 'none'; idle-detection 'none'; sync-script 'none'; vertical-scroll 'none'; serial 'none'; trust-token-redemption 'none';");
|
||||
$style_hashes = '';
|
||||
foreach($styles as $style) {
|
||||
$style_hashes .= " 'sha256-".base64_encode(hash('sha256', $style, true))."'";
|
||||
}
|
||||
header("Content-Security-Policy: base-uri 'self'; default-src 'none'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data:; style-src $style_hashes");
|
||||
header('X-Content-Type-Options: nosniff');
|
||||
header('X-Frame-Options: sameorigin');
|
||||
header('X-XSS-Protection: 1; mode=block');
|
||||
if($_SERVER['REQUEST_METHOD'] === 'HEAD'){
|
||||
exit; // headers sent, no further processing needed
|
||||
}
|
||||
}
|
||||
|
||||
function set_secure_cookie(string $name, string $value){
|
||||
if (version_compare(PHP_VERSION, '7.3.0') >= 0) {
|
||||
setcookie($name, $value, ['expires' => 0, 'path' => '/', 'domain' => '', 'secure' => is_definitely_ssl(), 'httponly' => true, 'samesite' => 'Strict']);
|
||||
}else{
|
||||
setcookie($name, $value, 0, '/', '', is_definitely_ssl(), true);
|
||||
}
|
||||
}
|
||||
|
||||
function is_definitely_ssl() : bool {
|
||||
if (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') {
|
||||
return true;
|
||||
}
|
||||
if (isset($_SERVER['SERVER_PORT']) && ('443' == $_SERVER['SERVER_PORT'])) {
|
||||
return true;
|
||||
}
|
||||
if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && ('https' === $_SERVER['HTTP_X_FORWARDED_PROTO'])) {
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
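Review bot: send_headers() emits two framing policies that disagree: the CSP carries `frame-ancestors 'none'` while a later line sends `X-Frame-Options: sameorigin`. Browsers that honour frame-ancestors ignore X-Frame-Options, so only older browsers get the looser rule; `header('X-Frame-Options: deny');` would make both headers say the same thing. `X-XSS-Protection: 1; mode=block` turns on a legacy filter that current browsers have removed, and with this CSP in place `header('X-XSS-Protection: 0');` or dropping the line is the usual choice. is_definitely_ssl() also accepts the request header `X-Forwarded-Proto` as proof of TLS, which holds only behind a proxy that overwrites it; a comment such as `// only trustworthy when a reverse proxy sets this header` above that branch would record the assumption.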
@ -57,4 +57,3 @@ $T=[
|
||||
'statusok' => 'Status: OK',
|
||||
'nodb' => 'Keine Datenbankverbindung!',
|
||||
];
|
||||
?>
|
||||
|
@ -57,4 +57,3 @@ $I=[
|
||||
'statusok' => 'Status: OK',
|
||||
'nodb' => 'No database connection!',
|
||||
];
|
||||
?>
|
||||
|
@ -56,4 +56,3 @@ $T=[
|
||||
'statusok' => '状態: OK',
|
||||
'nodb' => 'データベースへの接続がありません!',
|
||||
];
|
||||
?>
|
||||
|
@ -18,14 +18,18 @@
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
include_once('counter_config.php');
|
||||
header('Content-Type: text/html; charset=UTF-8');
|
||||
echo '<!DOCTYPE html><html><head>';
|
||||
echo "<title>$I[titlereg]</title>";
|
||||
echo '<meta http-equiv="Content-Type" content="text/html; charset=utf-8">';
|
||||
echo '<meta name=viewport content="width=device-width, initial-scale=1">';
|
||||
echo '</head><body>';
|
||||
echo "<h2>$I[titlereg]</h2>";
|
||||
require_once('counter_config.php');
|
||||
$style = '.green{color:green} .software-link{text-align:center;font-size:small}';
|
||||
send_headers([$style]);
|
||||
?>
|
||||
<!DOCTYPE html><html lang="<?php echo $language; ?>"><head>
|
||||
<title><?php echo $I['titlereg']; ?></title>
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
|
||||
<meta name=viewport content="width=device-width, initial-scale=1">
|
||||
<style><?php echo $style; ?></style>
|
||||
</head><body>
|
||||
<h1><?php echo $I['titlereg']; ?></h1>
|
||||
<?php
|
||||
print_langs();
|
||||
echo "<p>$I[descriptionreg]</p>";
|
||||
echo "<form action=\"$_SERVER[SCRIPT_NAME]\" method=\"POST\">";
|
||||
@ -56,7 +60,7 @@ if($_SERVER['REQUEST_METHOD']==='POST'){
|
||||
$stmt->execute([$key, $_REQUEST['preload']]);
|
||||
}
|
||||
}
|
||||
echo '<p style="color:green;">'.sprintf($I['regsuccess'], $key).'</p>';
|
||||
echo '<p class="green" role="alert">'.sprintf($I['regsuccess'], $key).'</p>';
|
||||
}else{
|
||||
$key='YOUR_API_KEY';
|
||||
}
|
||||
@ -75,8 +79,8 @@ echo "<li>$I[modmode1]</li>";
|
||||
echo "<li>$I[modmode2]</li>";
|
||||
echo "<li>$I[modmode3]</li>";
|
||||
echo "<li>$I[modmode4]</li>";
|
||||
echo '</ul></li>';
|
||||
echo '</ul>';
|
||||
echo '<br><p style="text-align:center;font-size:small;"><a target="_blank" href="https://github.com/DanWin/hit-counter">Hit Counter - ' . VERSION . '</a></p>';
|
||||
echo '</body></html>';
|
||||
?>
|
||||
</ul></li>
|
||||
</ul>
|
||||
<br><p class="software-link"><a target="_blank" href="https://github.com/DanWin/hit-counter" rel="noopener">Hit Counter - <?php echo VERSION; ?></a></p>
|
||||
</body></html>
|
||||
|
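Review bot: The CSP now sent by `send_headers([$style])` permits only the hashed `<style>` block, so any inline `style="…"` attribute still present in this file will be ignored by the browser. The two visible ones were converted to the `green` and `software-link` classes, but the body between the hunks is not shown, so it is worth searching the file for remaining `style=` attributes. A short comment above `$style`, for example `// hashed into the CSP style-src; the <style> element must echo this exact string`, would stop a later edit from silently breaking the hash.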
@ -28,7 +28,7 @@ echo "<?php
|
||||
\$T=[
|
||||
";
|
||||
if(file_exists("counter_lang_$code.php")){
|
||||
include("counter_lang_$code.php");
|
||||
require_once("counter_lang_$code.php");
|
||||
}
|
||||
include('counter_lang_en.php');
|
||||
foreach($T as $id=>$value){
|
||||
@ -39,7 +39,6 @@ foreach($T as $id=>$value){
|
||||
foreach($I as $id=>$value){
|
||||
echo "\t'$id' => '".str_replace("'", "\'", $value)."',\n";
|
||||
}
|
||||
echo "];\n?>\n";
|
||||
echo "];\n";
|
||||
$file=ob_get_clean();
|
||||
file_put_contents("counter_lang_$code.php", $file);
|
||||
?>
|
||||
|
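Review bot: Replacing `include("counter_lang_$code.php")` with `require_once(...)` changes behaviour when that file has already been loaded in the same request: `require_once` then does nothing and `$T` is not repopulated. Whether that can happen depends on code outside this hunk (for example an earlier load of the same language file), so please confirm; plain `require` keeps the fail-hard behaviour without the once-only skip. Separately, the generator writes values with `str_replace("'", "\'", $value)`, which leaves backslashes unescaped in the generated PHP source; `echo "\t'$id' => ".var_export($value, true).",\n";` would emit a correctly quoted literal.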
@ -18,7 +18,7 @@
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
include('counter_config.php');
|
||||
require_once('counter_config.php');
|
||||
if(!extension_loaded('pdo_mysql')){
|
||||
die($I['pdo_mysqlextrequired']);
|
||||
}
|
||||
@ -54,4 +54,3 @@ if(!@$db->query('SELECT * FROM ' . PREFIX . 'settings LIMIT 1;')){
|
||||
}else{
|
||||
echo "$I[statusok]\n";
|
||||
}
|
||||
?>
|
||||
|
29
visits.php
29
visits.php
@ -18,7 +18,7 @@
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
include_once('counter_config.php');
|
||||
require_once('counter_config.php');
|
||||
try{
|
||||
$db=new PDO('mysql:host=' . DBHOST . ';dbname=' . DBNAME, DBUSER, DBPASS, [PDO::ATTR_ERRMODE=>PDO::ERRMODE_WARNING, PDO::ATTR_PERSISTENT=>PERSISTENT]);
|
||||
}catch(PDOException $e){
|
||||
@ -29,7 +29,7 @@ if(isset($_REQUEST['id'])){
|
||||
$stmt=$db->prepare('SELECT * FROM ' . PREFIX . 'registered WHERE api_key=?;');
|
||||
$stmt->execute([$_REQUEST['id']]);
|
||||
if($id=$stmt->fetch(PDO::FETCH_NUM)){
|
||||
$id=$id[0];
|
||||
$id=(int) $id[0];
|
||||
}else{
|
||||
$fallback=true;
|
||||
$id=1;
|
||||
@ -40,19 +40,23 @@ if(isset($_REQUEST['id'])){
|
||||
}
|
||||
$stmt=$db->prepare('SELECT SUM(count) FROM ' . PREFIX . 'visitors WHERE id=? AND time>=? AND time<?;');
|
||||
$stmt2=$db->prepare('SELECT SUM(unique_count) FROM ' . PREFIX . 'visitors WHERE id=? AND time>=? AND time<?;');
|
||||
header('Content-Type: text/html; charset=UTF-8');
|
||||
echo '<!DOCTYPE html><html><head>';
|
||||
echo "<title>$I[titlestat]</title>";
|
||||
echo '<meta http-equiv="Content-Type" content="text/html; charset=utf-8">';
|
||||
echo '<meta name=viewport content="width=device-width, initial-scale=1">';
|
||||
echo '</head><body>';
|
||||
echo "<h2>$I[titlestat]</h2>";
|
||||
$style = '.red{color:red} .software-link{text-align:center;font-size:small}';
|
||||
send_headers([$style]);
|
||||
?>
|
||||
<!DOCTYPE html><html lang="<?php echo $language; ?>"><head>
|
||||
<title><?php echo $I['titlestat']; ?></title>
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
|
||||
<meta name=viewport content="width=device-width, initial-scale=1">
|
||||
<style><?php echo $style; ?></style>
|
||||
</head><body>
|
||||
<h1><?php echo $I['titlestat']; ?></h1>
|
||||
<?php
|
||||
$time=time();
|
||||
$update_time=$time-$time%3600;
|
||||
print_langs();
|
||||
echo "<p>$I[descriptionstat]</p>";
|
||||
if($fallback){
|
||||
echo "<p style=\"color:red;\">$I[fallback]</p>";
|
||||
echo "<p class=\"red\" role=\"alert\">$I[fallback]</p>";
|
||||
}
|
||||
echo '<table>';
|
||||
echo "<tr><th>$I[when]</th><th>$I[count]</th><th>$I[unique]</th></tr>";
|
||||
@ -162,10 +166,10 @@ ob_start();
|
||||
imagegif($im);
|
||||
imagedestroy($im);
|
||||
echo base64_encode(ob_get_clean()).'">';
|
||||
echo '<br><p style="text-align:center;font-size:small;"><a target="_blank" href="https://github.com/DanWin/hit-counter">Hit Counter - ' . VERSION . '</a></p>';
|
||||
echo '<br><p class="software-link"><a target="_blank" href="https://github.com/DanWin/hit-counter" rel="noopener">Hit Counter - ' . VERSION . '</a></p>';
|
||||
echo '</body></html>';
|
||||
|
||||
function fetch_numbers($id, $start, $end){
|
||||
function fetch_numbers(int $id, int $start, int $end) : array {
|
||||
global $stmt, $stmt2, $num, $num2;
|
||||
$stmt->execute([$id, $start, $end]);
|
||||
$num=$stmt->fetch(PDO::FETCH_NUM);
|
||||
@ -179,4 +183,3 @@ function fetch_numbers($id, $start, $end){
|
||||
}
|
||||
return [number_format($num[0]), number_format($num2[0])];
|
||||
}
|
||||
?>
|
||||
|
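Review bot: fetch_numbers() now declares `int` parameters and an `array` return, but its return line still passes `$num[0]` and `$num2[0]` straight to `number_format()`, and `SUM()` yields NULL when no rows fall in the range. On PHP 8.1 and later, passing null to `number_format()` raises a deprecation notice, so `number_format((float) ($num[0] ?? 0))` (and the same for `$num2[0]`) would keep the typed version clean. The middle of the function lies between the two hunks and is not visible, so a guard may already exist there. The function also still works through `global $stmt, $stmt2, $num, $num2`; a docblock stating that it overwrites the globals `$num` and `$num2` would make that side effect explicit for callers.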