Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Create a uptime checking system for your site/host/ect
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Create a uptime checking system for your site/host/ect

curtisgcurtisg Banned
edited December 2012 in Tutorials

This is a pretty basic uptime checker I just put together. You will need: database, knowledge of programming(not lots of knowledge) for this I created a api.php file so you can use it as a api, call the check.

API.PHP code:
<?php mysql_connect('host', 'username', 'password') or die(mysql_error()); mysql_select_db('database'); $query = mysql_query('SELECT * FROM checks WHEREip="'.$_GET['ip'].'" ANDowner`="'.$_GET['owner'].'"');

  function ping($host, $port, $timeout) { 
      $tB = microtime(true); 
      $fP = fSockOpen($host, $port, $errno, $errstr, $timeout); 
      if (!$fP) { return "down"; } 
      $tA = microtime(true); 
      return round((($tA - $tB) * 1000), 0)." ms"; 
  }`

 ` while($row = mysql_fetch_assoc($query))
  {
    $em = $row['notification_email'];

    $server = $row['ip'];
    $port = $row['port'];
    $last_status = $row['status'];
    //if($last_status=='ON') { echo 'Last checked: <font color="green">Online</font>'; } else { echo 'Last checked: <font color="red">Offline</font>'; }

    $curr_status = ping($server,$port,10); // server ip: $server, server port: $port, how long till timeout: 10 (you can change it)

    if($curr_status == "down")
    {
        echo "<font color='red'>Offline</font>"; // offline? oh noes
        mysql_query("UPDATE  `checks` SET  `status` =  'OFF' WHERE  `checks`.`id` =".$row['id'].";");
    }
    else
    {
        echo "<font color='green'>Online</font>"; // online? oh yeah :D
        mysql_query("UPDATE  `checks` SET  `status` =  'ON' WHERE  `checks`.`id` =".$row['id'].";");
    }
  }

//mail($em, "Notification from System", "Your server/website/ect looks like its {$curr_status}"); optional

?>`

now what this does is, first of all you would visit myurl/api.php?ip=ip&owner=admin(or whatever username you set in database) then it would check the result, now for database, you need to create a table called checks, structure it like this(id = auto insert):
img-01-tutorial

For some sample content I just put:
img-02-tutorial

Now, if I were to visit: myurl/api.php?ip=127.0.0.1&owner=admin it would ping using the ping function as in the code, now you have a option to email the statuses to the client/yourself/ect.

For every IP you want to check you need to add it into database, then I'd suggest making a CRON job to check statuses every * minutes(ex: 30 minutes or 1 hour) and do the api call for the users service/website/ect.

Thus being able to have a very basic checking system, not the best I know but its a good start for some people who want to make their own.

I hope you liked this guide, have fun.

Comments

  • It appears images messed up.
    1 (image #1)
    2 (image #2)

  • mysql_query()

  • Never said it was the best, just said it was basic @gubbyte

  • joepie91joepie91 Member, Patron Provider
    edited December 2012

    @curtisg said: Never said it was the best, just said it was basic @gubbyte

    No, this is just horribly insecure code, has nothing to do with 'basic'. Lrn2PDO.

    EDIT: Just for clarity, noone should run this script. It's insecure. I can spot one SQLi vulnerability right off the bat and I haven't even looked into it in-depth.

  • @joepie91 said: No, this is just horribly insecure code, has nothing to do with 'basic'. Lrn2PDO.

    EDIT: Just for clarity, noone should run this script. It's insecure. I can spot one SQLi vulnerability right off the bat and I haven't even looked into it in-depth.

    Lol no sanitation in his script.

  • So every time somebody visits this it spams the database without even inserting WHEN it was checked? Great script, easy for remote DoS

  • I don't care if you think its unsecure. It took me 1 minute to create literly so of course its insecure, yeah anyone can remote dos. This is why if you want to use it, you have to secure it yourself.

  • joepie91joepie91 Member, Patron Provider
    edited December 2012

    @curtisg said: I don't care if you think its unsecure. It took me 1 minute to create literly so of course its insecure, yeah anyone can remote dos. This is why if you want to use it, you have to secure it yourself.

    I don't think you really understand this.

    By posting this without any warnings about its security, you are putting others in danger. There is apparently more than one vulnerability in this code. This is negligence. Either you were aware of the risks, and were too lazy to type one line pointing out that you need to secure it yourself (very unlikely), or you simple weren't aware that your code wasn't secure, were caught off-guard, and are now making up some kind of excuse ("yeah well, you have to secure it yourself") so you don't lose face (almost certainly the case).

    Instead of making up an excuse, fix your code and learn how to do things properly.

  • DamianDamian Member
    edited December 2012

    @joepie91: I keep telling this guy his code is terrible. He keeps posting terrible code. You might as well just give up.

    About the only improvement I can see is using WHERE in his SQL statement, but he's still selecting everything.

    Secure and conscious PHP code: not that hard.

    Also, opening a port on a server isn't 'ping'; there's a proper ICMP ping library here: http://www.mangeek.com/portfolio/pinger.html

  • @curtisg you should get your code peer reviewed by peeps with more coding experience than you before posting on a public forum. I know you see this as sharing a quick hack that might help someone, but you're doing more harm than good as it has obvious security weaknesses and zero error checking, This kind of thing doesn't help your credibility either...

  • Above all you really shouldn't need a full-fledged MySQL database for this, SQLite or even flat CSV will do just fine.

  • @craigb said: you should get your code peer reviewed by peeps with more coding experience than you before posting on a public forum

    We tried doing that when he first came around, but he took an ignorant, "fuck-you don't use it" attitude. And who wants to endure that?

  • @curtisg said: You will need: database, knowledge of programming(not lots of knowledge)

    Sorry, but it's you who needs knowledge of programming and lots of it.

  • Come on guys, Curtis is smarter than all of us, he knows that.

    Apparently he has more intelligence than the tech teachers at his school who have masters degrees. I'm worried :S

Sign In or Register to comment.