#!/usr/bin/perl -w
## script to set up cookie logging and site logging
## regurgitates javiscript to be executed on the browser
## should log the refferer info and stuff and create a database entry for the session
## if it was hosted on the same system as the server, it could have access to the cookies
use strict;
use Time::HiRes qw(gettimeofday);
use DBI;

my $dbh = DBI->connect("DBI:mysql:tracker:localhost","track","wave9283", {RaiseError => 1} );
my $sth; #our SQL statement handle
my $sth2;
my $sth3;
my $sth4;
my $formpro='www.odysseyexpeditions.com/tracker';
my $machineID = $ENV{'REMOTE_ADDR'} || '0.0.0.0';
my $referrer = $ENV{'HTTP_REFERER'} || 'none';
my $ip = $ENV{'REMOTE_ADDR'} || '0.0.0.0';
# This is the structure of the tracker mysql database
#
#   Table- Machines  Fields- MachineID, MachineText
#   Table- Sessions  Fields- SessionID, MachineID, ScreenHeight, ScreenWidth, IP
#   Table- Views     Fields- ViewsID, SessionID, PageID, ReferrerID, TargetID, StartTime, ExitTime
#   Table- Resources Fields- ResourceID, URL, Title


#thinking maybe, look at referrer, if it is from odyex, marinebiology, or odysseyexpeditions properties, then look for session and machine id in database that last visited that page and make this machine id the same instead of creating a new one
$referrer=substr($referrer,0,255);
my $referrerID;

if ($referrer)  {
    $sth = $dbh->prepare("SELECT ResourceID FROM Resources WHERE URL = '$referrer'");
    $sth->execute();
    ($referrerID) = $sth->fetchrow_array;
    if (!$referrerID) {  #The referrer is not currently in the Resources Table, Ad it
        $sth = $dbh->prepare("INSERT INTO Resources (URL) VALUES ('$referrer')");
        $sth->execute();
        $sth = $dbh->prepare("SELECT ResourceID FROM Resources WHERE URL = '$referrer'");
        $sth->execute();
        ($referrerID) = $sth->fetchrow_array;
    }
}
if (!$referrerID) {$referrerID=""}

my @sessionIDs;
my $sessionID;
my $found = 0;
my @machines;
my $machineText;
my $sessionscount=0;
my @sessions;
my $themachineID;

#select max session from same ip
$sth = $dbh->prepare("SELECT MachineID FROM Sessions WHERE IP = '$ip' ORDER BY SessionID DESC LIMIT 0,1");
$sth->execute();
($themachineID) = $sth->fetchrow_array;
if ($themachineID){
	$sth3 = $dbh->prepare("SELECT MachineText FROM Machines WHERE MachineID = '$themachineID'");
	$sth3->execute();
	($machineText) = $sth3->fetchrow_array;
	$found=1;
}

my $foundTime;
if ($machineText && $machineText =~ /.*:(.*)/){
	$foundTime=$1;
}
my $site;
my $rawtimenow=gettimeofday;
my $timenow=gettimeofday;
$timenow=~s/\.//;

my $lengthdigitadd=(15-length($timenow));
my $digitsadded =0;
while($digitsadded<$lengthdigitadd) {
    $timenow.="0";
    $digitsadded++;
}
my $time=$timenow;

if ($found){
	$time = $foundTime;
}
if (!$time){
	$time="123456778912345";
}


$site=param('site');
if (!$site) {$site='NO-SITE'}
if (!$machineID) {$machineID='NO-REMOTE-IP'}

use CGI qw(:standard);
use POSIX qw(strftime);

#print header(-type  =>  'text/javascript',
print header(-type  =>  'text/html',
        # date in the past
        -expires       => 'Sat, 26 Jul 1997 05:00:00 GMT',
        # always modified
        -Last_Modified => strftime('%a, %d %b %Y %H:%M:%S GMT', gmtime),
        # HTTP/1.0
        -Pragma        => 'no-cache',
        # HTTP/1.1
        -Cache_Control => join(', ', qw(
                no-store
                no-cache
                must-revalidate
                post-check=0
                pre-check=0
        )),
);



print <<Jscript;
function getQueryVariable(variable) {
  var query = window.location.search.substring(1);
  var vars = query.split("&");
  for (var i=0;i<vars.length;i++) {
    var pair = vars[i].split("=");
    if (pair[0] == variable) {
      return pair[1];
    }
  } 
} 
z=document; 
source=(getQueryVariable("source")+" "+z.referrer); 
ot_b="http"+(z.URL.indexOf('https:')==0?'s://':'://')+'$formpro'; 
t2=escape(z.title);

ti=t2; 
if (t2.indexOf('%u')!=-1) ti=escape(t2); 
cd=(new Date("December 31, 2023")).toGMTString();
cld=new Date();
fv=false;
ac=false; 
if(typeof(top.document)=="object") ot_r=top.document;
else ot_r=z; 
if(ot_r.location!=z.referrer)ot_r=z; 
if(z.referrer.indexOf(z.domain)==-1){f_sc("origref",source,cd,"/")};
if(z.cookie.indexOf('origref')==-1){f_sc("origref",source,cd,"/")};
if(z.cookie.indexOf('machine-id') != -1){
 ac=true; 
 }else{ 
 	if(z.cookie.indexOf('machine-id')==-1){
 		f_sc("machine-id","$machineID:$time",cd,"/");
 	} 
 	if(z.cookie.indexOf('machine-id') != -1) ac=true; 
 } 
 rc=f_rc("machine-id");
 lc=escape(z.location);ot_t0=$time; 
 function f_log() { 
 	ot_im=new Image(1,1); 
 	ot_im.src=ot_b+'/collect.pl?p=1&mid='+rc +'&fv='+fv+'&cld='+escape(cld) +'&sh='+screen.height+'&sw='+screen.width +'&sc='+screen.colorDepth +'&lc='+lc+'&ref='+escape(ot_r.referrer) +'&t0='+ot_t0+'&ti='+ti+'&si=$site'; 
 } 
 function f_sc(n,v,h,p,d,s){ 
 	fv=true; 
 	z.cookie=n+'='+escape(v)+((h)?(';expires='+h):'')+((p)?';path='+p:'')+((d)?';domain='+d:'')+((s && (s==true))?'; secure':'');
 } 
 function f_rc(n){ 
 	if(z.cookie==''){
 		return false;
 	}else{ 
 		var fc,lc;
 		var tbc=z.cookie;fc=tbc.indexOf(n);var NN2Hack=fc+n.length; if((fc != -1) && (tbc.charAt(NN2Hack)=='=')){ fc += n.length+1;lc=tbc.indexOf(';',fc); if(lc==-1)lc=tbc.length;return unescape(tbc.substring(fc,lc)); }else{return false;} } } function ot_f() { e=event.srcElement; ep=e.parentElement; if (ep.tagName=="A" || ep.tagName=="AREA") e = ep; else { if (ep.parentElement) { epp=ep.parentElement; if (epp.tagName=="A" || epp.tagName=="AREA") e = epp; } } isA=(e.tagName=="A" || e.tagName=="AREA")?1:0; isL=(isA && e.href)?1:0; if (!isL) return; if (e.href.indexOf(z.domain)!=-1 || e.href.indexOf("/")==1) return; ot_im=new Image(1,1); ot_im.src=ot_b+'/collect_.pl?p=3&mid='+rc+'&t0='+ot_t0+'&ms='+escape(e.href)+'&lc='+lc+'&ti='+ti+'&si=$site'; } function _j(ms){ n=new Date();et=n.getTime()+ms; while(true){n=new Date();if(n.getTime()>et)return;} } function _bye(){ if(navigator.userAgent.toLowerCase().indexOf('safari') != -1) return; ot_im=new Image(1,1); ot_im.src=ot_b+'/collect_.pl?p=2&mid='+rc+'&t0='+ot_t0+'&ms=gone&lc='+lc+'&ti='+ti+'&si=$site'; _j(250); } function ot_e(ot_m, ot_u, ot_n){ return true; } if (z.getElementById && z.createElement){ if (window.attachEvent){ window.attachEvent("onunload",_bye); z.attachEvent("onclick",ot_f); } } f_log();
Jscript