Site Check


[insert_php]
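// Site Check: looks up (or requests) a remote malware/blacklist scan for the
// domain supplied in the query string, caches the serialized result in the
// `scans` table, and prints a summary.
//
// NOTE(review): this listing was copied from a rendered page. Typographic
// quotes are restored to ASCII quotes here, and the HTML that the echo strings
// originally carried is not present on the page, so those strings are
// reproduced as shown (mostly bare newlines). Requires PHP 7.0+ for the
// unserialize() options argument.

// Errors are hidden from visitors; because nothing is logged here either,
// every database and HTTP call below checks its own return value.
error_reporting(0);

if (isset($_GET['domain'])) {
    // NOTE(review): this only tests that a reCAPTCHA token is present. The
    // token is never verified server-side, so the check does not limit
    // automated use of the scan API quota. Verify the token against the
    // reCAPTCHA verification API with the site secret before scanning.
    if (!empty($_GET['g-recaptcha-response'])) {

        // Query-string values are untrusted; non-string values (e.g. domain[]=x) are discarded.
        $proto = (isset($_GET['protocol']) && is_string($_GET['protocol'])) ? $_GET['protocol'] : '';
        $rawDomain = is_string($_GET['domain']) ? $_GET['domain'] : '';

        // Strip a trailing '/' and '#', and leading whitespace.
        $dmain = ltrim(rtrim(rtrim($rawDomain, '/'), '#'));

        // Connect to the database; the included file is expected to define $dbc.
        require(get_home_path() . 'sucu/includes/dbconnect.php');

        // HTML-escape anything printed from the scan result or the database:
        // scan text describes third-party sites and is replayed from the cache
        // to every later visitor.
        $esc = function ($value) {
            return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
        };

        // Run a one-parameter SELECT as a prepared statement and return the
        // first column of the first row, or null when there is no row or the
        // query fails. Replaces the string-built queries, two of which placed
        // the raw domain inside a LIKE pattern with no escaping at all.
        $readValue = function ($sql, $domain) use ($dbc) {
            $stmt = mysqli_prepare($dbc, $sql);
            if ($stmt === false) {
                return null;
            }
            $value = null;
            mysqli_stmt_bind_param($stmt, 's', $domain);
            if (mysqli_stmt_execute($stmt)) {
                // Buffer first so long text columns are bound at their real length.
                mysqli_stmt_store_result($stmt);
                mysqli_stmt_bind_result($stmt, $value);
                if (mysqli_stmt_fetch($stmt) !== true) {
                    $value = null;
                }
            }
            mysqli_stmt_close($stmt);
            return $value;
        };

        // Run an INSERT/UPDATE whose two placeholders are (scan, domain), in that order.
        $writeScan = function ($sql, $scan, $domain) use ($dbc) {
            $stmt = mysqli_prepare($dbc, $sql);
            if ($stmt === false) {
                return false;
            }
            mysqli_stmt_bind_param($stmt, 'ss', $scan, $domain);
            $ok = mysqli_stmt_execute($stmt);
            mysqli_stmt_close($stmt);
            return $ok;
        };

        // Request a fresh scan from the remote API; returns the raw body or false.
        // NOTE(review): the API key is embedded in page content, so anyone who
        // can read the page source can read it. Load it from server-side
        // configuration and rotate the key that was published here.
        $fetchScan = function () use ($proto, $dmain) {
            // The host value is URL-encoded so characters in the visitor's
            // input cannot add or override parameters of the API request.
            $url = 'https://monitor18.sucuri.net/scan-api.php?k=9b47d198ee9d59572defece99a827e4a79bd0c1efbf036ce3a&a=scan&host='
                . rawurlencode($proto . '://' . $dmain)
                . '&format=serialized';
            $ch = curl_init();
            curl_setopt($ch, CURLOPT_URL, $url);
            // Return the body instead of printing it.
            curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
            $response = curl_exec($ch);
            curl_close($ch);
            return $response;
        };

        // Turn a serialized scan into an array; returns false for anything else.
        // NOTE(review): unserialize() is being run on data from the network
        // and from the cache table. allowed_classes => false stops it from
        // instantiating objects; a data-only format such as JSON would be
        // preferable if the API offers one - confirm.
        $decodeScan = function ($payload) {
            if (!is_string($payload) || $payload === '') {
                return false;
            }
            return unserialize($payload, ['allowed_classes' => false]);
        };

        // Status: 0 = clean, 1 = warnings, 2 = hacked.
        $status = 0;

        // Is there a cached scan for exactly this domain?
        $cachedRows = (int) $readValue('SELECT COUNT(*) FROM scans WHERE Domain = ?', $dmain);

        if ($cachedRows <= 0) {
            $response = $fetchScan();
            $data = $decodeScan($response);
            // Cache only a response that decoded, so a failed request is not
            // stored and replayed as "invalid domain" on later visits.
            if (is_array($data)) {
                $writeScan('INSERT INTO scans (Scan, Domain, ScanTime) VALUES (?, ?, NOW())', $response, $dmain);
            }
        } else {
            // Exact match, consistent with the existence check above; the
            // former substring match could return another domain's scan.
            $data = $decodeScan($readValue('SELECT Scan FROM scans WHERE Domain = ?', $dmain));

            if (isset($_GET['rescan']) && $_GET['rescan'] == 1) {
                $response = $fetchScan();
                $data = $decodeScan($response);
                if (is_array($data)) {
                    $writeScan('UPDATE scans SET Scan = ?, ScanTime = NOW() WHERE Domain = ?', $response, $dmain);
                }
            }
        }

        if (is_array($data)) {
            echo "\n\n";

            $outofdate = false;
            $defaced = false;
            $jsmalware = false;
            $SPAM = false;
            $blacklisted = false;

            if (isset($data['OUTDATEDSCAN']) && is_array($data['OUTDATEDSCAN'])) {
                $status = 1;
                $outofdate = true;
            }

            // Classify malware warnings.
            if (isset($data['MALWARE']) && is_array($data['MALWARE'])) {
                $status = 2;
                $warnings = (isset($data['MALWARE']['WARN']) && is_array($data['MALWARE']['WARN']))
                    ? $data['MALWARE']['WARN']
                    : [];
                // Each warning entry is walked directly. The previous version
                // indexed by a counter that was only incremented after the
                // loop, so only the first entry was ever inspected.
                foreach ($warnings as $entry) {
                    if (!is_array($entry)) {
                        continue;
                    }
                    foreach ($entry as $malware) {
                        if (!is_string($malware)) {
                            continue;
                        }
                        if (strpos($malware, 'DEFACED') !== false) {
                            $defaced = true;
                        }
                        if (strpos($malware, 'javascript malware') !== false) {
                            $jsmalware = true;
                        }
                        if (strpos($malware, 'Known Spam') !== false) {
                            $SPAM = true;
                        }
                    }
                }
            }

            if (isset($data['BLACKLIST']['WARN']) && is_array($data['BLACKLIST']['WARN'])) {
                $status = 2;
                $blacklisted = true;
            }

            if ($status === 2) {
                echo "\n\nCritical Problems Detected: ";
                if ($defaced) {
                    echo ' Defacement of Site';
                }
                if ($jsmalware) {
                    echo ' Malicious scripts';
                }
                if ($SPAM) {
                    echo ' Spamming Scripts';
                }
                if ($blacklisted) {
                    echo " Blacklisted\n\n";
                }
            } elseif ($status === 1) {
                echo "\n\nWarning! ";
                if ($outofdate) {
                    echo "Out of Date software detected please see Website Information for more details\n\n";
                }
            } else {
                echo "\n\nNo Problems detected.\n\n";
            }

            if (isset($data['SYSTEM']['ERROR']) && is_array($data['SYSTEM']['ERROR'])) {
                echo 'Error: ';
                foreach ($data['SYSTEM']['ERROR'] as $info) {
                    if (is_scalar($info)) {
                        echo $esc($info) . "\n";
                    }
                }
            }

            // Results tab
            echo "\n\n";

            // Blacklisting tab
            echo "\n\n";
            if ($blacklisted) {
                echo "\n\nWarning Blacklisting Detected\n\n";
            } else {
                echo "\n\nNo Blacklisting Detected\n\n";
            }
            echo "\n\n";

            if ($blacklisted) {
                foreach ($data['BLACKLIST']['WARN'] as $info) {
                    echo "\n\n";
                    if (is_array($info)) {
                        foreach ($info as $blacklist) {
                            echo "\n\n";
                        }
                    }
                    echo "\n\n";
                }
            }

            if (isset($data['BLACKLIST']['INFO']) && is_array($data['BLACKLIST']['INFO'])) {
                foreach ($data['BLACKLIST']['INFO'] as $info) {
                    echo "\n\n";
                    if (is_array($info)) {
                        foreach ($info as $blacklist) {
                            echo "\n\n";
                        }
                    }
                    echo "\n\n";
                }
            }

            // NOTE(review): the page shows the blacklist entry text in this one
            // trailing echo rather than inside the loops above. That looks like
            // a side effect of the stripped table markup - confirm against the
            // original template. Kept as shown, with the value escaped.
            $lastEntry = (isset($blacklist) && is_scalar($blacklist)) ? $esc($blacklist) : '';
            echo "\n\n" . $lastEntry . "\n" . $lastEntry . "\n\n";

            $scanTime = $readValue('SELECT ScanTime FROM scans WHERE Domain = ?', $dmain);

            echo "\n\nScan Last performed " . $esc($scanTime) . "\n\nClear Cache and Rescan\n";
        } else {
            // The scan did not decode to an array; reported to the visitor as an invalid domain.
            echo "\nYou have entered a invalid domain name please try again\n\nReturn ";
        }
    } else {
        echo "Invalid reCAPTCHA please try again\nReturn ";
    }
}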

[/insert_php]

Please Enter Domain

Disclaimer: Secure Web Services Site Check is a free & remote scanner. Although we do our best to provide the best results, 100% accuracy is not realistic, and not guaranteed.
Please note that the initial scan can take up to several minutes to complete.

[insert_php]
#Debugging
#print_r($data);
[/insert_php]