[insert_php]
error_reporting(0);
if (isset($_GET[“domain”])) {
if (!empty($_GET[“g-recaptcha-response”])) {
//Declare Variables for scanner
$proto = $_GET[“protocol”];
//clean ‘/’ and ‘#’ off end if required
$dmain = rtrim($_GET[“domain”], “/”);
$dmain = rtrim($dmain, “#”);
$dmain = ltrim($dmain);
//Connect to Database
require(get_home_path().’sucu/includes/dbconnect.php’);
//declared status var 0 = clean, 1 = Warnings, 2 = hacked
$status = 0;
//Check to see if cached data is in database
$check = ‘SELECT * FROM scans WHERE Domain = “‘.addslashes($dmain).'”‘;
$check = mysqli_query($dbc, $check);
//If it does not do the following
if(mysqli_num_rows($check) <= 0){
//Create API url
$url = "https://monitor18.sucuri.net/scan-api.php?k=9b47d198ee9d59572defece99a827e4a79bd0c1efbf036ce3a&a=scan&host=".$proto."://".$dmain."&format=serialized";
//Scrap http data from API
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
// Set so curl_exec returns the result instead of outputting it.
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
// Get the response and close the channel.
$response = curl_exec($ch);
curl_close($ch);
//Insert scan into database
$scan = addslashes($response);
$insert = "INSERT INTO scans (Domain, Scan, ScanTime) VALUES ('".addslashes($dmain)."' ,'".$scan."', NOW());";
mysqli_query($dbc, $insert);
//Change Serialized data into array
$data = unserialize($response);
#echo $insert;
} else {
//Pull cached data from database
$cache = 'SELECT Scan FROM scans WHERE Domain like "%'.$dmain.'%"';
$cache = mysqli_query($dbc, $cache);
$response = mysqli_fetch_assoc($cache);
$data = unserialize($response['Scan']);
if ($_GET["rescan"] == 1){
//Create API url
$url = "https://monitor18.sucuri.net/scan-api.php?k=9b47d198ee9d59572defece99a827e4a79bd0c1efbf036ce3a&a=scan&host=".$proto."://".$dmain."&format=serialized";
//Scrap http data from API
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
// Set so curl_exec returns the result instead of outputting it.
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
// Get the response and close the channel.
$response = curl_exec($ch);
curl_close($ch);
//Insert scan into database
$scan = addslashes($response);
$update = "UPDATE scans SET Scan = '".$scan."', ScanTime = NOW() WHERE Domain = '".addslashes($dmain)."'";
mysqli_query($dbc, $update);
//Change Serialized data into array
$data = unserialize($response);
}
}
if (is_array($data)){
echo "
‘;
$lastupdate = ‘SELECT ScanTime FROM scans WHERE Domain like “%’.$dmain.'”‘;
$lastupdate = mysqli_query($dbc, $lastupdate);
$lastupdate = mysqli_fetch_assoc($lastupdate);
echo ‘
Scan Last performed ‘.$lastupdate[“ScanTime”] .’
Clear Cache and Rescan
‘;
} else {
//If it’s not an array the domain was not valid hence the below error
echo ‘
You have entered a invalid domain name please try again
Return ‘;
}
} else {
echo ‘Invalid reCAPTCHA please try again
Return ‘;
}
}
[/insert_php]
[insert_php]
#Debugging
#print_r($data);
[/insert_php]