Hi,
Wednesday, October 15, 2003, 2:25:13 PM, you wrote:
TR> wtmp is a binary file and the format can vary between old and new versions of
TR> linux. You will need to have a look at struct utmp in, for example,
/usr/include/bits/utmp.h
TR> This location can vary from system to system as well.
TR> NOTE do not meddle with the wtmp file by opening it in anything other than
TR> readonly mode as all kinds of nasty things can happen if that file gets
TR> corrupted.
TR> --
TR> regards,
TR> Tom
This may help if you are on a newish Linux:
<?php
//use for debug
function hexDumpChar($str,$len){
//echo 'Len '.strlen($str);
$strlen = strlen($str);
for($z=0;$z < $strlen;$z+=$len){
$left = $strlen - $z;
$jlen = ($left > $len)? $len:$left;
for($j=$z;$j<$z+$jlen;$j++){
printf(" %02x",ord($str[$j]));
}
echo ' ';
for($j=$z;$j<$z+$jlen;$j++){
printf(" %c",ord($str[$j]));
}
echo '<br>';
}
echo '<br>';
}
//utmp valid types
define('UT_UNKNOWN',0);
define('RUN_LVL',1);
define('BOOT_TIME',2);
define('NEW_TIME',3);
define('OLD_TIME',4);
define('INIT_PROCESS',5);
define('LOGIN_PROCESS',6);
define('USER_PROCESS',7);
define('DEAD_PROCESS',8);
define('ACCOUNTING',9);
$types = array('uk','Run Level','Boot Time','New Time','Old Time','Init','Login
Start','User Login','Logout','Accounting');
$wtmp = '/var/log/wtmp';
if($fp = fopen($wtmp, 'r')){
echo '<table border="1" cellpadding="4" cellspacing="0">';
echo '
<tr><td>Type</td><td>Pid</td><td>Line</td><td>Inittab</td><td>User</td><td>Host</td><td>Date</td><td>Unknown</td></tr>';
while($buf = fread($fp,384)){
//hexDumpChar($buf,16);
$row = unpack("Vtype/Vpid",substr($buf,0,8));
switch($row['type']){
case RUN_LVL:
case BOOT_TIME:
case NEW_TIME:
case OLD_TIME:
case INIT_PROCESS:
case LOGIN_PROCESS:
case USER_PROCESS:
case DEAD_PROCESS:
case ACCOUNTING:
$line = substr($buf,8,32);
$inittab = substr($buf,40,4);
$user = substr($buf,44,32);
$host = substr($buf,76,256);
$date =
unpack("Vterm/Vexit/Vdate/Vuk",substr($buf,332,16));
//print_r($row);
echo '<tr><td>'.$row['type'].'
'.$types[$row['type']].'</td><td>'.$row['pid'].'</td><td>'.trim($line).'</td>';
echo
'<td>'.trim($inittab).'</td><td>'.trim($user).'</td><td>'.trim($host).'</td>';
echo '<td>'.date("d/m/Y
H:i:s",$date['date']).'</td><td>'.$date['uk'].'</td></tr>';
break;
default:
echo ' <tr><td colspan="8" style="color: Red;">Crap
entry '.$row['type'].'</td></tr>';
break;
}
}
echo '</table>';
fclose($fp);
}
?>
--
regards,
Tom
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
