<?php

/**
 * AVE.cms - Модуль Who is online
 *
 * @package AVE.cms
 * @subpackage module_WhoIsOnline
 * @since 2.09
 * @filesource
 */

// http://freegeoip.net/json/5.228.62.191

if (!defined('BASE_DIR')) exit;

if (defined('ACP'))
	$modul =
	[
		'ModuleName'			=> "Who is online",
		'ModuleSysName'			=> "whoisonline",
		'ModuleVersion'			=> "1.0",
		'ModuleDescription'		=> "Данный модуль предназначен для отображения присутствующих на сайте пользователей с гео-информацией.",
		'ModuleAutor'			=> "AVE.cms Team",
		'ModuleCopyright'		=> "&copy; AVE.cms Team 2016",
		'ModuleStatus'			=> 1,
		'ModuleIsFunction'		=> 1,
		'ModuleTemplate'		=> 0,
		'ModuleAdminEdit'		=> 0,
		'ModuleFunction'		=> 'mod_online',
		'ModuleTag'				=> '[mod_online]',
		'ModuleTagLink'			=> null,
		'ModuleAveTag'			=> '#\\\[mod_online]#',
		'ModulePHPTag'			=> "<?php mod_online(); ?>"
	];

function mod_online()
{
?>
<link rel="stylesheet" type="text/css" href="<?php echo ABS_PATH; ?>modules/whoisonline/css/styles.css" />
<script type="text/javascript" src="<?php echo ABS_PATH; ?>modules/whoisonline/js/widget.js"></script>
<div class="onlineWidget affix affix-top" data-spy="affix" data-offset-top="100" data-offset-bottom="400">
	<div class="pnl"><img class="preloader" src="<?php echo ABS_PATH; ?>modules/whoisonline/images/preloader.gif" alt="Loading.." width="22" height="22" /></div>
	<div class="cnt"></div>
	<div class="lbl">онлайн</div>
	<div class="arw"></div>
</div>
<?php
}

if (! defined('ACP') && isset($_REQUEST['module']) && $_REQUEST['module'] == 'whoisonline')
{
	function get_tag($tag, $xml)
	{
		$match = array();

		preg_match_all('/<' . $tag . '>(.*)<\/' . $tag . '>$/imU', $xml, $match);

		return $match[1];
	}

	function is_bot()
	{
		/* This function will check whether the visitor is a search engine robot */

		$botlist = array("Teoma", "alexa", "froogle", "Gigabot", "inktomi",
			"looksmart", "URL_Spider_SQL", "Firefly", "NationalDirectory",
			"Ask Jeeves", "TECNOSEEK", "InfoSeek", "WebFindBot", "girafabot",
			"crawler", "www.galaxy.com", "Googlebot", "Scooter", "Slurp",
			"msnbot", "appie", "FAST", "WebBug", "Spade", "ZyBorg", "rabaz",
			"Baiduspider", "Feedfetcher-Google", "TechnoratiSnoop", "Rankivabot",
			"Mediapartners-Google", "Sogou web spider", "WebAlta Crawler",
			"TweetmemeBot", "Butterfly", "Twitturls", "Me.dium", "Twiceler");

		foreach ($botlist as $bot)
		{
			if (strpos($_SERVER['HTTP_USER_AGENT'], $bot) !== false) return true;	// Is a bot
		}

		return false;	// Not a bot
	}

	if (empty($_REQUEST['action']) || is_bot()) die();

	switch ($_REQUEST['action'])
	{
		case 'online':
			$stringIp = $_SERVER['REMOTE_ADDR'];

			$intIp = ip2long($stringIp);

			// Checking wheter the visitor is already marked as being online:
			$counted = $AVE_DB->Query("
				SELECT 1
				FROM " . PREFIX . "_module_who_is_online
				WHERE ip = " . $intIp
			)->NumRows();

			if (! $counted)
			{
				// This user is not in the database, so we must fetch
				// the geoip data and insert it into the online table:

				if (! empty($_COOKIE['geoData']))
				{
					// A "geoData" cookie has been previously set by the script, so we will use it

					// Always escape any user input, including cookies:
					list($city, $countryName, $countryAbbrev) = explode('|', stripslashes(strip_tags($_COOKIE['geoData'])));
				}
				else
				{
					// Making an API call to Hostip:

					$xml = json_decode(file_get_contents('http://freegeoip.net/json/' . $stringIp), true);

					$city = $xml['city'];
					$countryName = $xml['country_name'];
					$countryAbbrev = $xml['country_code'];

					// Setting a cookie with the data, which is set to expire in a month:
					setcookie('geoData', $city . '|' . $countryName . '|' . $countryAbbrev, time()+60*60*24*30,'/');
				}

				//$countryName = str_replace('(Unknown Country?)', 'UNKNOWN', $countryName);

				// In case the Hostip API fails:

				if (! $countryName)
				{
					$countryName = 'UNKNOWN';
					$countryAbbrev = 'XX';
					$city = '(Unknown City?)';
				}

				$AVE_DB->Query("
					INSERT INTO " . PREFIX . "_module_who_is_online
					SET
						ip          = " . $intIp . ",
						city        = '" . addslashes($city) . "',
						country     = '" . addslashes($countryName) . "',
						countrycode = '" . addslashes($countryAbbrev) . "'
				");
			}
			else
			{
				// If the visitor is already online, just update the dt value of the row:
				$AVE_DB->Query("
					UPDATE " . PREFIX . "_module_who_is_online
					SET dt = NOW()
					WHERE ip = " . $intIp
				);
			}

			// Removing entries not updated in the last 10 minutes:
			$AVE_DB->Query("
				DELETE
				FROM " . PREFIX . "_module_who_is_online
				WHERE dt < SUBTIME(NOW(),'0 0:10:0')
			");

			// Counting all the online visitors:
			list($totalOnline) = $AVE_DB->Query("
				SELECT COUNT(*)
				FROM " . PREFIX . "_module_who_is_online
			")->FetchArray();

			// Outputting the number as plain text:
			echo $totalOnline;
			exit;

		case 'geodata':
			// Selecting the top 15 countries with the most visitors:
			$sql = $AVE_DB->Query("
				SELECT
					countryCode,
					country,
					COUNT(*) AS total
				FROM " . PREFIX . "_module_who_is_online
				GROUP BY countryCode
				ORDER BY total DESC
				LIMIT 15
			");
			while ($row = $sql->FetchRow())
			{
				echo '
				<div class="geoRow">
					<div class="flag"><img src="' . ABS_PATH . 'modules/whoisonline/images/countryflags/' . mb_strtolower($row->countryCode) . '.gif" width="16" height="11" /></div>
					<div class="country" title="' . htmlspecialchars($row->country) . '">' . $row->country . '</div>
					<div class="people">' . $row->total . '</div>
				</div>
				';
			}
			exit;
	}
	exit;
}

?>