Recent Topics
  1. b2evolution CMS Support Forums
  2. b2evolution Support
  3. Plugins & Extensions
  4. [Hack] Hiding Stats for those not logged in

[Hack] Hiding Stats for those not logged in

1 Sep 03, 2005 01:31    

There is no magic here with this, but I thought I would share it.

What I'm doing is blocking the stats page from displaying if
someone is not logged in.

Basically all it is wrapping the code in an IF statment.

And here it is.....

Open file /skins/_stats.php

This is the main "_stats.php" under the skins folder.

Find line 16

if( !defined('DB_USER') ) die( 'Please, do not access this page directly.' );

and add right below it

if( is_logged_in() ) {

and around line 107 find.

	<?php
	}
?>

and change it to read

<?php
     }
 }
else  echo ('You must be logged in to view the Statistics');?>

Now save this file.

Now when you or anyone else is not logged in the stats will not be shown.

Now on to the "Referers" section of you actual skin.
** Your skin might or might have this as part of it **

open file /skins/skin_name/_main.php

Find the "Referers" section, it could be on the sidebar section.

Look for this

	<?php if (! $stats)
	{ ?>

and replace it with

	<?php if( is_logged_in() ) {
	 if (! $stats)
	{ ?>

And then find

<?php } ?>


This needs to be the at the bottom of the "Referers" loop or things could get ulgy.

Replace it with

<?php } } ?>

This should also cut down on CPU usage as well :D

And that should do it.

Have fun,
Jon

EDIT: I just had to change the CODE's to the new PHP :D

Back to top

2 Sep 24, 2005 03:10

You're still sending a 200 (OK) response header to spam bots, though, so they won't even realize that the stats page is gone.

If you want to actually cut down on your referer spam, try this at the very top of your _main.php file:

if( $_GET['disp'] == 'stats' && !is_logged_in())
{
  header('HTTP/1.1 400 Gone');
  die('Sorry, you must be logged in to view stats.');
}

Note that this has to go at the VERY top of the file, before any text has been sent to the browser. Even a space or carriage-return will make php choke on the call to header().

Sending a 410 Gone header has the added benefit of getting your stats page removed from any search engines that might crawl by it.

Better yet, if you decide that it's not worth the invitation of a honeypot of free links, you could add something like this to your .htaccess file:

RewriteCond %{QUERY_STRING} disp=stats [NC]
RewriteRule ^.*$ - [G,L]

This way, you'll save even more server usage, because the system won't even bother parsing the request or loading a php file, connecting to a database, etc. It'll just say "You want stats?? NO STATS FOR YOU!!"

I've cut down my referer spam by about 90% in the last few days by doing this. The (very minor) downside is that I can't share my stats with the world, but that's not a big deal. People generally don't care about other people's stats.

[EDIT] More on this at http://isaacschlueter.com/2005/09/dont-publish-stats/

Back to top


Form is loading...