Admin access IP Logging

Quote

Post by ifyouseek » Sun Mar 06, 2011 1:57 pm

**** Update - i have added a vQmod for this, scroll down for download

This may be seen as a bit paranoid but i was convinced someone has been trying to login to my admin backend, so i decided to write something to log all access attempts on my backend and display it in the dashboard, it could be quite useful for some so i will include instructions on what i did. I didn't use sql or anything so no tables need built.

First i added the following code to /admin/view/template/common/login.tpl just between the final two closing div's.

</div>
Insert the code Here
</div>
<?php echo $footer; ?>

Code: Select all

<!--Start IP Log-->
<div class="content" style="min-height: 0px;">
<?php
$logfile= 'iplog.html';
$IP = $_SERVER['REMOTE_ADDR'];
$logdetails= '<span style="font-family: Arial, Helvetica, sans-serif; font-size: 12px; color: #000000;">' . date("F j, g:ia") . ' : <a target="_blank" href=http://www.ip-adress.com/ip_tracer/'.$_SERVER['REMOTE_ADDR'].'>'.$_SERVER['REMOTE_ADDR'].'</a></span>';
$fp = fopen($logfile, "a"); 
fwrite($fp, $logdetails);
fwrite($fp, "<br />");
fclose($fp); 
?> 
<span style="color:green;"><b>Info: IP Tracker Installed</b></span><br />
 <p>A report of this access and your IP Address (<strong><?php echo $_SERVER['REMOTE_ADDR']; ?></strong>) has been logged and the store admin has been notified.</p>
</div>
<!--End IP Log-->
Once this has been done, when you visit yourstore.com/admin a note of the IP address is saved to to admin/iplog.html inlcuding the date and time the access was atempted.

This could be it complete but i wanted to display the ip log on my dashboard when i logged in so i did the following:

I edited /admin/view/template/common/home, i replaced:

Code: Select all

<div class="content">
    <div style="display: inline-block; width: 100%; margin-bottom: 15px; clear: both;">
      <div style="float: left; width: 49%;">
        <div style="background: #547C96; color: #FFF; border-bottom: 1px solid #8EAEC3; padding: 5px; font-size: 14px; font-weight: bold;"><?php echo $text_overview; ?></div>
        <div style="background: #FCFCFC; border: 1px solid #8EAEC3; padding: 10px; height: 180px;">
          <table cellpadding="2" style="width: 100%;">
            <tr>
              <td width="80%"><?php echo $text_total_sale; ?></td>
              <td align="right"><?php echo $total_sale; ?></td>
            <tr>
              <td><?php echo $text_total_sale_year; ?></td>
              <td align="right"><?php echo $total_sale_year; ?></td>
            </tr>
            <tr>
              <td><?php echo $text_total_order; ?></td>
              <td align="right"><?php echo $total_order; ?></td>
            </tr>
            <tr>
              <td><?php echo $text_total_customer; ?></td>
              <td align="right"><?php echo $total_customer; ?></td>
            </tr>
            <tr>
              <td><?php echo $text_total_customer_approval; ?></td>
              <td align="right"><?php echo $total_customer_approval; ?></td>
            </tr>
            <tr>
              <td><?php echo $text_total_product; ?></td>
              <td align="right"><?php echo $total_product; ?></td>
            </tr>
            <tr>
              <td><?php echo $text_total_review; ?></td>
              <td align="right"><?php echo $total_review; ?></td>
            </tr>
            <tr>
              <td><?php echo $text_total_review_approval; ?></td>
              <td align="right"><?php echo $total_review_approval; ?></td>
            </tr>
          </table>
        </div>
      </div>
      <div style="float: right; width: 49%;">
        <div style="background: #547C96; color: #FFF; border-bottom: 1px solid #8EAEC3;">
          <div style="width: 100%; display: inline-block;">
            <div style="float: left; font-size: 14px; font-weight: bold; padding: 7px 0px 0px 5px; line-height: 12px;"><?php echo $text_statistics; ?></div>
            <div style="float: right; font-size: 12px; padding: 2px 5px 0px 0px;"><?php echo $entry_range; ?>
              <select id="range" onchange="getSalesChart(this.value)" style="margin: 2px 3px 0 0;">
                <option value="day"><?php echo $text_day; ?></option>
                <option value="week"><?php echo $text_week; ?></option>
                <option value="month"><?php echo $text_month; ?></option>
                <option value="year"><?php echo $text_year; ?></option>
              </select>
            </div>
          </div>
        </div>
With:

Code: Select all

<div class="content">
    <div style="display: inline-block; width: 100%; margin-bottom: 15px; clear: both;">

     <div style="float: left; width: 26%; padding: 4px;">
        <div style="background: #547C96; color: #FFF; border-bottom: 1px solid #8EAEC3; padding: 5px; font-size: 14px; font-weight: bold;">Dashboard Access Log</div>
        <div style="background: #FCFCFC; border: 1px solid #8EAEC3; padding: 10px; height: 180px;">
<iframe src="iplog.html" width="100%" height="100%" frameborder="0">
</iframe>
</div>
</div>

      <div style="float: left; width: 33%; padding: 4px;">
        <div style="background: #547C96; color: #FFF; border-bottom: 1px solid #8EAEC3; padding: 5px; font-size: 14px; font-weight: bold;"><?php echo $text_overview; ?></div>
        <div style="background: #FCFCFC; border: 1px solid #8EAEC3; padding: 10px; height: 180px;">
          <table cellpadding="2" style="width: 100%;">
            <tr>
              <td width="80%"><?php echo $text_total_sale; ?></td>
              <td align="right"><?php echo $total_sale; ?></td>
            <tr>
              <td><?php echo $text_total_sale_year; ?></td>
              <td align="right"><?php echo $total_sale_year; ?></td>
            </tr>
            <tr>
              <td><?php echo $text_total_order; ?></td>
              <td align="right"><?php echo $total_order; ?></td>
            </tr>
            <tr>
              <td><?php echo $text_total_customer; ?></td>
              <td align="right"><?php echo $total_customer; ?></td>
            </tr>
            <tr>
              <td><?php echo $text_total_customer_approval; ?></td>
              <td align="right"><?php echo $total_customer_approval; ?></td>
            </tr>
            <tr>
              <td><?php echo $text_total_product; ?></td>
              <td align="right"><?php echo $total_product; ?></td>
            </tr>
            <tr>
              <td><?php echo $text_total_review; ?></td>
              <td align="right"><?php echo $total_review; ?></td>
            </tr>
            <tr>
              <td><?php echo $text_total_review_approval; ?></td>
              <td align="right"><?php echo $total_review_approval; ?></td>
            </tr>
          </table>
        </div>
      </div>
      <div style="float: right; width: 39%; padding: 4px;">
        <div style="background: #547C96; color: #FFF; border-bottom: 1px solid #8EAEC3;">
          <div style="width: 100%; display: inline-block;">
            <div style="float: left; font-size: 14px; font-weight: bold; padding: 7px 0px 0px 5px; line-height: 12px;"><?php echo $text_statistics; ?></div>
            <div style="float: right; font-size: 12px; padding: 2px 5px 0px 0px;"><?php echo $entry_range; ?>
              <select id="range" onchange="getSalesChart(this.value)" style="margin: 2px 3px 0 0;">
                <option value="day"><?php echo $text_day; ?></option>
                <option value="week"><?php echo $text_week; ?></option>
                <option value="month"><?php echo $text_month; ?></option>
                <option value="year"><?php echo $text_year; ?></option>
              </select>
            </div>
          </div>
        </div>
This will display 'iplog.html' on the dashboard so you can see it as soon as you log in.

The final thing i did was find admin/iplog.html and add the following code to the top of the file, this code just tells your browser not to cache the log file and also to scroll to the bottom as soon as the page loads as the most recent access logs are added to the bottom of the list.

if iplog.html doesn't exist just visit http://www.yourdomain.com/admin and it is automatically created.

Code: Select all

<html>
<head>
<META HTTP-EQUIV="Pragma" CONTENT="no-cache">
</head>
<body onload="javascript:scroll(0,9999999999999999999)">
<!--/////DELETE BELOW THIS LINE TO RESET LOG-->
That's it... It works very well for me on firefox. If anyone spots any problems with it let me know but it is all pretty straight forward.

Also if anyone uses it let me know, cuz this is the first mod i have published, sorry if the instructions aren't clear, im very stoned. lol
Last edited by ifyouseek on Wed Mar 09, 2011 12:33 pm, edited 1 time in total.
ifyouseek
Active Member
Posts
153
Joined
Thu May 06, 2010 4:40 pm
Top

Re: Admin access IP Logging

Quote

Post by i2Paq » Sun Mar 06, 2011 6:03 pm

Try to create a vQmod out of this ;)

Norman in 't Veldt
Moderator OpenCart Forums
_________________ READ and Search BEFORE POSTING _________________

Our FREE search: Find your answer FAST!.

[How to] BTW + Verzend + betaal setup.

User avatar
i2Paq
Global Moderator
Posts
12244
Joined
Mon Nov 09, 2009 7:00 pm
Location - Winkel - The Netherlands
Top

Re: Admin access IP Logging

Quote

Post by ifyouseek » Mon Mar 07, 2011 1:16 am

I really can't get my head around the vqmod, I'm still running on 1.4.7, i read the sticky about it but still a bit confused. I know all the code goes in one xml file, i looked at an example but coding it would be another thing altogether.

Does the vqmod edit and then save a new copy of the modded file on the server somewhere? or does it re-generate the modded page from the core files every time it the page is loaded?
ifyouseek
Active Member
Posts
153
Joined
Thu May 06, 2010 4:40 pm
Top

Re: Admin access IP Logging

Quote

Post by Xsecrets » Mon Mar 07, 2011 1:23 am

ifyouseek wrote:I really can't get my head around the vqmod, I'm still running on 1.4.7, i read the sticky about it but still a bit confused. I know all the code goes in one xml file, i looked at an example but coding it would be another thing altogether.

Does the vqmod edit and then save a new copy of the modded file on the server somewhere? or does it re-generate the modded page from the core files every time it the page is loaded?
by default it mods the files on the fly every time, but you can set it up in cache mode where it will mod it once and save it.

OpenCart commercial mods and development http://spotonsolutions.net
Layered Navigation
Shipment Tracking
Vehicle Year/Make/Model Filter

Xsecrets
Guru Member
Posts
5017
Joined
Sun Oct 25, 2009 3:51 am
Location - FL US
Top

Re: Admin access IP Logging

Quote

Post by ifyouseek » Mon Mar 07, 2011 2:29 am

ok cool, is it compatiable with 1.4.7?
ifyouseek
Active Member
Posts
153
Joined
Thu May 06, 2010 4:40 pm
Top

Re: Admin access IP Logging

Quote

Post by ifyouseek » Tue Mar 08, 2011 11:17 pm

i have developed this dashboard module further. it now contains 2 tabs, the ip log still it there on a second tab which now mot only logs the arrival ip, it makes another record in the log in BOLD and RED if a failed login is attempted with the ip as usual.

The second feature to this module is a simple chatroom/shoutbox with live updating and refreshing, no javascript, no ajax, no sql, I just used the same tequnique as above, a couple of nested iframes, a form and a little php code to write the submitted text to an html file, not very secure or private but it does the job for me.

The chatbox is good for staff to leave quick notes to each other, i.e. order number#0000 needs this or that done before sending, or something like remember to pay for this today. etc. etc.

I also displayed all failed login attempted on the shoutbox as well as the log, just because the shoutbox is the first thing you see when you log in and you would like to know if someone has been attempting access.

When i'm happy wit it i will attempt to create a vQmod for it, would anyone be intrested in it as i could paste the code like i did for the above.

I bet there is a far easier way of implementing the two features, any examples or suggestions would help, i'm a php noob.
ifyouseek
Active Member
Posts
153
Joined
Thu May 06, 2010 4:40 pm
Top

Re: Admin access IP Logging

Quote

Post by ifyouseek » Wed Mar 09, 2011 12:05 pm

OK i have attempted my first vqmod for this admin messageboard and ip logger. It has worked pretty well i think.

It does require a couple of very small php and html files to be uploaded but these are like independent log files and php tracking files, it doesn't effect any of opencarts core files, is this still considered a full vqmod?

Maybe someone can take this and merge some of the small php files into the vqmod, i'm not to sure if its possible.

Only problem is that the messageboard and ip log text isn't protected and can be viewed by accessing the file directly but it isn't that big a deal as no one can view the admin directory to see the filename.

Plz someone try it and let me know what you think, keep in mind i've never been taught any php or html and pretty much guessed my way through it.

EDIT: i have released v1.1 which fixes Internet Explorer display issues. Visit this thread to download - http://forum.opencart.com/viewtopic.php?f=131&t=28350
ifyouseek
Active Member
Posts
153
Joined
Thu May 06, 2010 4:40 pm
Top
Post Reply
Return to “Modifications”
Who is online

Users browsing this forum: No registered users and 2 guests