Auto Scan
Overview
The Enhanced Gallery Scanner (new.check.php) is a comprehensive URL scanning tool that validates gallery links for various quality, security, and compliance issues. It uses AJAX-based asynchronous processing to scan galleries without page reloads, providing real-time progress tracking and detailed violation reports. The scanner supports 29 different scan tests ranging from basic 404 checks to advanced SEO spam and browser hijacking detection.
Location: Navigate to Admin Panel → Galleries → Scanner or access via the "Gallery Scanner" button on the Gallery Admin page.
[Screenshot: new-check-main-view]
Getting to This Page
- Log in to the Admin Panel
- Navigate to Galleries → Gallery Admin
- Click the Gallery Scanner or Scanner button in the navigation
- Alternatively, navigate directly to
new.check.php
This page scans external gallery URLs for various issues. It does NOT scan locally hosted content. Galleries marked with
noscan=1 or in immune categories are automatically skipped.
System Requirements
This page requires the following system dependencies to function properly. Network connectivity is essential for URL scanning.
PHP Requirements
Required PHP Extensions
Required PHP Functions
Folder Permissions
Network Requirements
- Has outbound HTTP/HTTPS access
- Is not blocked by the target sites
- Has sufficient bandwidth for concurrent scanning
Features & UI Elements
Page Header
[Screenshot: new-check-header]
Category Selection
[Screenshot: new-check-categories]
Gallery Filter Options
[Screenshot: new-check-filters]
Scan Tests Section
The scanner supports 29 different tests organized in two columns:
Basic Tests (Left Column)
Advanced Tests (Right Column)
Action Settings Section
[Screenshot: new-check-actions]
For each violation type, you can configure the action:
AJAX Processing Settings
[Screenshot: new-check-ajax-settings]
Scan Controls
Progress Display
[Screenshot: new-check-progress]
Emoji Legend Reference
Basic Tests:
- ❌ = 404 Error
- 📏 = Size Changed
- 🐌 = Slow Server
- ⚠️ = JavaScript
- 📸 = Flash
- 🪟 = Popups
- 🖼️ = iFrames
- 🔄 = Redirects
Content Tests:
- 🖼️💥 = Broken Images
- 🎬 = Video Content
- 📊 = Image Issues
- 📜 = No 2257
- ©️ = DMCA Risk
- 🚫 = Banned Words
- 🔞 = No Age Gate
- 🌍 = Geo-Blocked
Security Tests:
- 🔒 = SSL Issues
- 📱 = Mobile Issues
- 🔁 = Infinite Loops
- 🕷️ = Browser Hijack
- 🔖 = Forced Bookmarks
- 💬 = Console Flood
- 🖱️ = Right-Click Block
SEO Tests:
- 👻 = Hidden Text
- 🔤 = Keyword Stuff
- 🎭 = Cloaking
- 📈 = Analytics Spam
- 👁️ = Excessive Tracking
- 🍪 = Cookie Abuse
Actions:
- 🚩 = Flagged
- 🚫 = Disabled
- 🗑️ = Deleted
- ⛔ = Blacklisted
Completion Summary
[Screenshot: new-check-complete]
After scan completes:
Step-by-Step Usage
Running a Basic Scan
- Navigate to Admin Panel → Galleries → Scanner
- Click Select All Categories or check specific categories
- Verify Scan Approved and Scan Pending are checked
- Review the default scan tests (most are enabled)
- Ensure all Action Settings are set to Flag Only
- Set Concurrent Requests to 2 and Request Delay to 1 Second
- Click Start AJAX Scanning
- Monitor the progress display
- Review results in the verbose output area
- When complete, click View Reports to see flagged galleries
Always start with "Flag Only" for all actions to preview what would be affected before enabling destructive actions.
Scanning Specific Categories
- Leave Select All Categories unchecked
- Check only the categories you want to scan
- This reduces scan time for targeted cleanup
Using Different Action Levels
Conservative approach:
- All actions set to Flag Only
- Review reports manually
- Decide per-gallery what to do
Moderate approach:
- 404 Errors: Disable
- Banned Words: Disable
- Everything else: Flag Only
Aggressive approach:
- 404 Errors: Delete
- Banned Words: Blacklist
- Use with caution on trusted data only
Pausing and Resuming
- Click Pause Scanning during a scan
- Review current results
- Click Resume Scanning to continue
- Or click Stop Scanning to end
Interpreting Results
Each scan result shows:
- Gallery ID and category
- URL (truncated)
- Load time in milliseconds
- Violation emojis (if any)
- Action emojis (what was done)
- Details (violation specifics)
Example:
[10:15:23] Gallery 12345 [Amateur]: http://example.com/gall... - 1250ms - Violations: ⚠️ 🪟 Actions: 🚩 (javascript: 5 instances, popups: 2 instances)
Scan Test Details
404 Error Check
Detects when a gallery URL returns HTTP 404 Not Found.
Triggers: HTTP response code 404
Recommendation: Disable or delete galleries with 404 errors
Checksum/Size Check
Compares current page content size with stored filesize value in database.
Triggers: Content size differs by more than 20% from stored value
Recommendation: Flag for manual review (content may have changed legitimately)
Server Speed Check
Flags galleries that load slower than the configured threshold.
Triggers: Load time exceeds $serverspeed (default 3000ms)
Recommendation: Flag for review - may indicate poor quality hosting
JavaScript Detection
Scans page content for JavaScript code.
Patterns detected:
<script>tagsjavascript:URLs.jsfile references- Event handlers (onclick, onload, etc.)
Recommendation: Flag - JavaScript may be legitimate or malicious
Banned Words Check
Scans page content for prohibited terms.
Sources:
$badwordconfig variable (comma-separated)- Built-in list of illegal content indicators
Recommendation: Blacklist galleries with banned words
SSL Issues Check
Validates HTTPS configuration.
Checks:
- SSL certificate validity
- Certificate expiration
- Mixed content (HTTP resources on HTTPS page)
Recommendation: Flag for review
AJAX Endpoints
ajaxgetgalleries
Purpose: Fetch list of gallery IDs to scan
Method: POST
Parameters: Same filter options as the form
Response:
{
"success": true,
"totalgalleries": 1500,
"galleryids": [1, 2, 3, ...]
}
ajaxscan
Purpose: Scan a single gallery
Method: POST
Parameters:
galleryid- Gallery to scancheck- Scan test flagsaction- Action settings
Response:
{
"success": true,
"galleryid": 123,
"galleryurl": "http://example.com/gallery/",
"gallerycategory": "Amateur",
"gallerystatus": "Approved",
"loadtime": 1250.5,
"httpcode": 200,
"contentlength": 45678,
"violations": ["JAVASCRIPT", "POPUPS"],
"violationdetails": {
"javascript": "5 instances found",
"popups": "2 instances (window.open)"
},
"actionstaken": ["Flagged"],
"error": false,
"errormessage": ""
}
Security Features
CSRF Protection
All AJAX requests are protected with CSRF tokens:
- Token generated per session using
bin2hex(randombytes(32)) - Stored in
$SESSION['galleryscannercsrftoken'] - Validated on each AJAX request
Protected Galleries
Galleries are automatically skipped if:
noscan = 1in tblTgp- Category has
immune = 1in tblCategories
Safe Error Handling
- Database errors logged but not exposed
- Invalid requests return generic error messages
- All user input sanitized before queries
Troubleshooting
Common Errors
"Database connection failed"
Cause: Cannot connect to MySQL
Solution:
- Check database credentials in config.inc.php
- Verify MySQL service is running
- Check server error logs
"Failed to connect" / "CONNECTIONERROR"
Cause: Cannot reach gallery URL
Solution:
- Verify the URL is accessible in a browser
- Check if your server IP is blocked
- The site may be offline
"Gallery not found"
Cause: Invalid galleryid passed to ajaxscan
Solution:
- Gallery may have been deleted
- Refresh the page and start new scan
Scan stalls at 0%
Cause: JavaScript error or network issue
Solution:
- Check browser console for errors
- Verify no ad-blockers interfering
- Try with lower concurrent requests
Too many violations flagged
Cause: Scan tests may be too aggressive
Solution:
- Review which tests are enabled
- Some tests (like JavaScript) may flag legitimate content
- Adjust thresholds based on your needs
Debug Tips
- Check browser Network tab - See AJAX requests/responses
- Check browser Console - JavaScript errors appear here
- Start with 1 concurrent request - Easier to debug
- Test on small category first - Faster iteration
- Check tblReports - See what violations were recorded
Violation Codes Reference
The reasons field in tblReports is a 32-character string where each position represents a violation type:
X = violation present, - = not checked or clean
Translatable Strings
The following strings should be added to backendtranslations.md:
newchecktitle = "Enhanced Gallery Scanner"
newcheckbreadcrumb = "Scanner"
newcheckback = "Back to Galleries"
newcheckbulkimport = "Bulk Import"
newcheckhome = "Admin Home"
newcheckselectcategories = "Select Categories to Scan"
newcheckselectall = "Select All Categories"
newcheckfilteroptions = "Gallery Filter Options"
newcheckscanonsite = "Scan Only On Site"
newcheckscanall = "Scan All in Database"
newcheckscanpartners = "Scan Partners Only"
newcheckskipsponsors = "Skip Sponsors"
newcheckscanapproved = "Scan Approved"
newcheckscanpending = "Scan Pending"
newcheckscanwaiting = "Scan Waiting"
newcheckscandisabled = "Scan Disabled"
newcheckselecttests = "Select Tests to Perform"
newcheckactionsettings = "Action Settings"
newcheckviolationtype = "Violation Type"
newcheckflagonly = "Flag Only"
newcheckdisable = "Disable"
newcheckdelete = "Delete"
newcheckblacklist = "Blacklist"
newcheckajaxsettings = "AJAX Processing Settings"
newcheckconcurrent = "Concurrent Requests"
newcheckdelay = "Request Delay"
newcheckwarning = "WARNING: Automatic delete and blacklist actions are PERMANENT!"
newcheckstart = "Start AJAX Scanning"
newcheckpause = "Pause Scanning"
newcheckresume = "Resume Scanning"
newcheckstop = "Stop Scanning"
newcheckcancel = "Cancel"
newcheckinitializing = "Initializing scan..."
newcheckprocessed = "Processed"
newcheckviolations = "Violations"
newcheckactions = "Actions"
newcheckspeed = "galleries/min"
newcheckcomplete = "Scan Complete!"
newchecksummary = "Summary"
newchecktotalprocessed = "Total Processed"
newchecktotalviolations = "Total Violations"
newcheckcleangalleries = "Clean Galleries"
newchecktopviolations = "Top Violations"
newcheckactionstaken = "Actions Taken"
newcheckflagged = "Flagged"
newcheckdisabled = "Disabled"
newcheckdeleted = "Deleted"
newcheckblacklisted = "Blacklisted"
newchecknewscan = "Start New Scan"
newcheckviewreports = "View Reports"
newchecktest404 = "404 Error Check"
newchecktestchecksum = "Checksum/Size Check"
newchecktestspeed = "Server Speed Check"
newchecktestjavascript = "JavaScript Detection"
newchecktestflash = "Flash Detection"
newchecktestpopups = "Popup Detection"
newchecktestiframe = "iFrame Detection"
newchecktestredirects = "Redirect Check"
newchecktestbrokenimages = "Broken Images Check"
newchecktestvideo = "Video Content Detection"
newchecktestimages = "Image File Quality Check"
newchecktest2257 = "2257 Compliance Check"
newchecktestdmca = "DMCA/Copyright Detection"
newchecktestbanned = "Banned Words Check"
newchecktestage = "Age Verification Check"
newchecktestgeo = "Geo-Restriction Detection"
newchecktestssl = "SSL/HTTPS Issues"
newchecktestmobile = "Mobile Compatibility"
newchecktestloops = "Infinite Loops"
newchecktesthijacking = "Browser Hijacking"
newchecktestbookmarks = "Forced Bookmarks"
newchecktestconsole = "Console Flooding"
newchecktestrightclick = "Right-Click Disabled"
newchecktesthidden = "Hidden Text"
newcheckteststuffing = "Keyword Stuffing"
newchecktestcloaking = "Cloaking Detection"
newchecktestanalytics = "Analytics Overload"
newchecktesttracking = "Excessive Tracking Pixels"
newchecktestcookies = "Cookie Abuse"Version History
Related Documentation
- Gallery Administration - Managing galleries
- Bulk Gallery Import - Importing galleries
- Reports - Viewing violation reports
- Categories Administration - Category immunity settings