Inicio Explorar Ayuda
Iniciar sesión
fusionpbx
/
fusionpbx-app-device_logs
espejo de https://github.com/fusionpbx/fusionpbx-app-device_logs.git
2
0
Fork 0
Archivos Incidencias 0 Wiki
Árbol: 7f90aee8b3
Ramas Etiquetas
fusionpbx-app-d...
/
device_logs.php

device_logs.php 14 KB
Histórico Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322 
  1. <?php
    2. 

  2. /*
    3. 

  3. 	Copyright (c) 2019-2023 Mark J Crane <[email protected]>
    4. 

  4. 	
    5. 

  5. 	Redistribution and use in source and binary forms, with or without
    6. 

  6. 	modification, are permitted provided that the following conditions
    7. 

  7. 	are met:
    8. 

  8. 

  9. 		1. Redistributions of source code must retain the above copyright
    10. 

  10. 		notice, this list of conditions and the following disclaimer.
    11. 

  11. 	
    12. 

  12. 		2. Redistributions in binary form must reproduce the above copyright
    13. 

  13. 		notice, this list of conditions and the following disclaimer in the
    14. 

  14. 		documentation and/or other materials provided with the distribution.
    15. 

  15. 

  16. 	THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS" AND
    17. 

  17. 	ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
    18. 

  18. 	IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
    19. 

  19. 	ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
    20. 

  20. 	FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
    21. 

  21. 	DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
    22. 

  22. 	OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
    23. 

  23. 	HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
    24. 

  24. 	LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
    25. 

  25. 	OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
    26. 

  26. 	SUCH DAMAGE.
    27. 

  27. */
    28. 

  28. 

  29. //includes files
    30. 

  30. 	require_once dirname(__DIR__, 2) . "/resources/require.php";
    31. 

  31. 	require_once "resources/check_auth.php";
    32. 

  32. 	require_once "resources/paging.php";
    33. 

  33. 

  34. //check permissions
    35. 

  35. 	if (permission_exists('device_log_view')) {
    36. 

  36. 		//access granted
    37. 

  37. 	}
    38. 

  38. 	else {
    39. 

  39. 		echo "access denied";
    40. 

  40. 		exit;
    41. 

  41. 	}
    42. 

  42. 

  43. //add multi-lingual support
    44. 

  44. 	$language = new text;
    45. 

  45. 	$text = $language->get();
    46. 

  46. 

  47. //set additional variables
    48. 

  48. 	$search = $_GET["search"] ?? '';
    49. 

  49. 	$show = $_GET["show"] ?? '';
    50. 

  50. 

  51. //set from session variables
    52. 

  52. 	$list_row_edit_button = !empty($_SESSION['theme']['list_row_edit_button']['boolean']) ? $_SESSION['theme']['list_row_edit_button']['boolean'] : 'false';
    53. 

  53. 

  54. //get the http post data
    55. 

  55. 	if (!empty($_POST['device_logs']) && is_array($_POST['device_logs'])) {
    56. 

  56. 		$action = $_POST['action'];
    57. 

  57. 		$search = $_POST['search'];
    58. 

  58. 		$device_logs = $_POST['device_logs'];
    59. 

  59. 	}
    60. 

  60. 

  61. //process the http post data by action
    62. 

  62. 	if (!empty($action) && is_array($device_logs) && @sizeof($device_logs) != 0) {
    63. 

  63. 		switch ($action) {
    64. 

  64. 			case 'copy':
    65. 

  65. 				if (permission_exists('device_log_add')) {
    66. 

  66. 					$obj = new device_logs;
    67. 

  67. 					$obj->copy($device_logs);
    68. 

  68. 				}
    69. 

  69. 				break;
    70. 

  70. 			case 'toggle':
    71. 

  71. 				if (permission_exists('device_log_edit')) {
    72. 

  72. 					$obj = new device_logs;
    73. 

  73. 					$obj->toggle($device_logs);
    74. 

  74. 				}
    75. 

  75. 				break;
    76. 

  76. 			case 'delete':
    77. 

  77. 				if (permission_exists('device_log_delete')) {
    78. 

  78. 					$obj = new device_logs;
    79. 

  79. 					$obj->delete($device_logs);
    80. 

  80. 				}
    81. 

  81. 				break;
    82. 

  82. 		}
    83. 

  83. 

  84. 		header('Location: device_logs.php'.($search != '' ? '?search='.urlencode($search) : null));
    85. 

  85. 		exit;
    86. 

  86. 	}
    87. 

  87. 

  88. //get order and order by
    89. 

  89. 	$order_by = $_GET["order_by"] ?? '';
    90. 

  90. 	$order = $_GET["order"] ?? '';
    91. 

  91. 

  92. //set the time zone
    93. 

  93. 	if (isset($_SESSION['domain']['time_zone']['name'])) {
    94. 

  94. 		$time_zone = $_SESSION['domain']['time_zone']['name'];
    95. 

  95. 	}
    96. 

  96. 	else {
    97. 

  97. 		$time_zone = date_default_timezone_get();
    98. 

  98. 	}
    99. 

  99. 

  100. //add the search string
    101. 

  101. 	if (isset($_GET["search"]) && $_GET["search"] != '') {
    102. 

  102. 		$search =  strtolower($_GET["search"]);
    103. 

  103. 	}
    104. 

  104. 

  105. //get the count
    106. 

  106. 	$sql = "select count(device_log_uuid) \n";
    107. 

  107. 	$sql .= "from v_device_logs \n";
    108. 

  108. 	if ($show == "all" && permission_exists('device_log_all')) {
    109. 

  109. 		$sql .= "where true \n";
    110. 

  110. 	}
    111. 

  111. 	else {
    112. 

  112. 		$sql .= "where (domain_uuid = :domain_uuid or domain_uuid is null) ";
    113. 

  113. 		$parameters['domain_uuid'] = $domain_uuid;
    114. 

  114. 	}
    115. 

  115. 	if (isset($search)) {
    116. 

  116. 		$sql .= "and (";
    117. 

  117. 		$sql .= "	lower(device_address) like :search ";
    118. 

  118. 		$sql .= "	or lower(request_scheme) like :search ";
    119. 

  119. 		$sql .= "	or lower(http_host) like :search ";
    120. 

  120. 		$sql .= "	or lower(server_port) like :search ";
    121. 

  121. 		$sql .= "	or lower(server_protocol) like :search ";
    122. 

  122. 		$sql .= "	or lower(query_string) like :search ";
    123. 

  123. 		$sql .= "	or lower(remote_address) like :search ";
    124. 

  124. 		$sql .= "	or lower(http_user_agent) like :search ";
    125. 

  125. 		$sql .= "	or lower(http_status) like :search ";
    126. 

  126. 		$sql .= "	or lower(http_status_code) like :search ";
    127. 

  127. 		$sql .= ") ";
    128. 

  128. 		$parameters['search'] = '%'.$search.'%';
    129. 

  129. 	}
    130. 

  130. 	$database = new database;
    131. 

  131. 	$num_rows = $database->select($sql, $parameters, 'column');
    132. 

  132. 

  133. //prepare to page the results
    134. 

  134. 	$rows_per_page = (!empty($_SESSION['domain']['paging']['numeric'])) ? $_SESSION['domain']['paging']['numeric'] : 50;
    135. 

  135. 	$param = $search ? "&search=".$search : null;
    136. 

  136. 	$param .= ($show == 'all' && permission_exists('device_log_all')) ? "&show=all" : null;
    137. 

  137. 	$page = isset($_GET['page']) ? $_GET['page'] : 0;
    138. 

  138. 	list($paging_controls, $rows_per_page) = paging($num_rows, $param, $rows_per_page);
    139. 

  139. 	list($paging_controls_mini, $rows_per_page) = paging($num_rows, $param, $rows_per_page, true);
    140. 

  140. 	$offset = $rows_per_page * $page;
    141. 

  141. 

  142. //get the list
    143. 

  143. 	$sql = "select \n";
    144. 

  144. 	$sql .= "d.domain_uuid, \n";
    145. 

  145. 	$sql .= "device_log_uuid, \n";
    146. 

  146. 	$sql .= "device_uuid, \n";
    147. 

  147. 	$sql .= "d.domain_name, \n";
    148. 

  148. 	$sql .= "timestamp, \n";
    149. 

  149. 	$sql .= "to_char(timezone(:time_zone, timestamp), 'DD Mon YYYY') as date_formatted, \n";
    150. 

  150. 	$sql .= "to_char(timezone(:time_zone, timestamp), 'HH12:MI:SS am') as time_formatted, \n";
    151. 

  151. 	$sql .= "device_address, \n";
    152. 

  152. 	$sql .= "request_scheme, \n";
    153. 

  153. 	$sql .= "http_host, \n";
    154. 

  154. 	$sql .= "server_port, \n";
    155. 

  155. 	$sql .= "server_protocol, \n";
    156. 

  156. 	$sql .= "query_string, \n";
    157. 

  157. 	$sql .= "remote_address, \n";
    158. 

  158. 	$sql .= "http_user_agent, \n";
    159. 

  159. 	$sql .= "http_status, \n";
    160. 

  160. 	$sql .= "http_status_code, \n";
    161. 

  161. 	$sql .= "http_content_body \n";
    162. 

  162. 	$sql .= "from v_device_logs as l, v_domains as d \n";
    163. 

  163. 	if ($show == "all" && permission_exists('device_log_all')) {
    164. 

  164. 		$sql .= "where true \n";
    165. 

  165. 	}
    166. 

  166. 	else {
    167. 

  167. 		$sql .= "where (l.domain_uuid = :domain_uuid or l.domain_uuid is null) \n";
    168. 

  168. 		$parameters['domain_uuid'] = $domain_uuid;
    169. 

  169. 	}
    170. 

  170. 	$sql .= "and l.domain_uuid = d.domain_uuid \n";
    171. 

  171. 	if (isset($search)) {
    172. 

  172. 		$sql .= "and ( \n";
    173. 

  173. 		$sql .= "	lower(device_address) like :search \n";
    174. 

  174. 		$sql .= "	or lower(request_scheme) like :search \n";
    175. 

  175. 		$sql .= "	or lower(http_host) like :search \n";
    176. 

  176. 		$sql .= "	or lower(server_port) like :search \n";
    177. 

  177. 		$sql .= "	or lower(server_protocol) like :search \n";
    178. 

  178. 		$sql .= "	or lower(query_string) like :search \n";
    179. 

  179. 		$sql .= "	or lower(remote_address) like :search \n";
    180. 

  180. 		$sql .= "	or lower(http_user_agent) like :search \n";
    181. 

  181. 		$sql .= "	or lower(http_status) like :search \n";
    182. 

  182. 		$sql .= "	or lower(http_status_code) like :search \n";
    183. 

  183. 		$sql .= ") ";
    184. 

  184. 		$parameters['search'] = '%'.$search.'%';
    185. 

  185. 	}
    186. 

  186. 	$parameters['time_zone'] = $time_zone;
    187. 

  187. 	$sql .= order_by($order_by, $order, 'timestamp', 'desc');
    188. 

  188. 	$sql .= limit_offset($rows_per_page, $offset);
    189. 

  189. 	$database = new database;
    190. 

  190. 	$device_logs = $database->select($sql, $parameters, 'all');
    191. 

  191. 	unset($sql, $parameters);
    192. 

  192. 

  193. //create token
    194. 

  194. 	$object = new token;
    195. 

  195. 	$token = $object->create($_SERVER['PHP_SELF']);
    196. 

  196. 

  197. //include the header
    198. 

  198. 	$document['title'] = $text['title-device_logs'];
    199. 

  199. 	require_once "resources/header.php";
    200. 

  200. 

  201. //show the content
    202. 

  202. 	echo "<div class='action_bar' id='action_bar'>\n";
    203. 

  203. 	echo "	<div class='heading'><b>".$text['title-device_logs']." (".$num_rows.")</b></div>\n";
    204. 

  204. 	echo "	<div class='actions'>\n";
    205. 

  205. 	if (permission_exists('device_log_add')) {
    206. 

  206. 		echo button::create(['type'=>'button','label'=>$text['button-add'],'icon'=>$_SESSION['theme']['button_icon_add'],'id'=>'btn_add','link'=>'device_log_edit.php']);
    207. 

  207. 	}
    208. 

  208. 	if (permission_exists('device_log_delete') && $device_logs) {
    209. 

  209. 		echo button::create(['type'=>'button','label'=>$text['button-delete'],'icon'=>$_SESSION['theme']['button_icon_delete'],'name'=>'btn_delete','onclick'=>"modal_open('modal-delete','btn_delete');"]);
    210. 

  210. 	}
    211. 

  211. 	echo 		"<form id='form_search' class='inline' method='get'>\n";
    212. 

  212. 	if (permission_exists('device_log_all')) {
    213. 

  213. 		if ($show == 'all') {
    214. 

  214. 			echo "		<input type='hidden' name='show' value='all'>\n";
    215. 

  215. 		}
    216. 

  216. 		else {
    217. 

  217. 			echo button::create(['type'=>'button','label'=>$text['button-show_all'],'icon'=>$_SESSION['theme']['button_icon_all'],'link'=>'?show=all']);
    218. 

  218. 		}
    219. 

  219. 	}
    220. 

  220. 	echo 		"<input type='text' class='txt list-search' name='search' id='search' value=\"".escape($search)."\" placeholder=\"".$text['label-search']."\" onkeydown='list_search_reset();'>";
    221. 

  221. 	echo button::create(['label'=>$text['button-search'],'icon'=>$_SESSION['theme']['button_icon_search'],'type'=>'submit','id'=>'btn_search','style'=>($search != '' ? 'display: none;' : null)]);
    222. 

  222. 	echo button::create(['label'=>$text['button-reset'],'icon'=>$_SESSION['theme']['button_icon_reset'],'type'=>'button','id'=>'btn_reset','link'=>'device_logs.php','style'=>($search == '' ? 'display: none;' : null)]);
    223. 

  223. 	if (!empty($paging_controls_mini)) {
    224. 

  224. 		echo 	"<span style='margin-left: 15px;'>".$paging_controls_mini."</span>\n";
    225. 

  225. 	}
    226. 

  226. 	echo "		</form>\n";
    227. 

  227. 	echo "	</div>\n";
    228. 

  228. 	echo "	<div style='clear: both;'></div>\n";
    229. 

  229. 	echo "</div>\n";
    230. 

  230. 

  231. 	if (permission_exists('device_log_add') && $device_logs) {
    232. 

  232. 		echo modal::create(['id'=>'modal-copy','type'=>'copy','actions'=>button::create(['type'=>'button','label'=>$text['button-continue'],'icon'=>'check','id'=>'btn_copy','style'=>'float: right; margin-left: 15px;','collapse'=>'never','onclick'=>"modal_close(); list_action_set('copy'); list_form_submit('form_list');"])]);
    233. 

  233. 	}
    234. 

  234. 	if (permission_exists('device_log_edit') && $device_logs) {
    235. 

  235. 		echo modal::create(['id'=>'modal-toggle','type'=>'toggle','actions'=>button::create(['type'=>'button','label'=>$text['button-continue'],'icon'=>'check','id'=>'btn_toggle','style'=>'float: right; margin-left: 15px;','collapse'=>'never','onclick'=>"modal_close(); list_action_set('toggle'); list_form_submit('form_list');"])]);
    236. 

  236. 	}
    237. 

  237. 	if (permission_exists('device_log_delete') && $device_logs) {
    238. 

  238. 		echo modal::create(['id'=>'modal-delete','type'=>'delete','actions'=>button::create(['type'=>'button','label'=>$text['button-continue'],'icon'=>'check','id'=>'btn_delete','style'=>'float: right; margin-left: 15px;','collapse'=>'never','onclick'=>"modal_close(); list_action_set('delete'); list_form_submit('form_list');"])]);
    239. 

  239. 	}
    240. 

  240. 

  241. 	echo $text['description-device_logs']."\n";
    242. 

  242. 	echo "<br /><br />\n";
    243. 

  243. 

  244. 	echo "<form id='form_list' method='post'>\n";
    245. 

  245. 	echo "<input type='hidden' id='action' name='action' value=''>\n";
    246. 

  246. 	echo "<input type='hidden' name='search' value=\"".escape($search)."\">\n";
    247. 

  247. 

  248. 	echo "<table class='list'>\n";
    249. 

  249. 	echo "<tr class='list-header'>\n";
    250. 

  250. 	if (permission_exists('device_log_add') || permission_exists('device_log_edit') || permission_exists('device_log_delete')) {
    251. 

  251. 		echo "	<th class='checkbox'>\n";
    252. 

  252. 		echo "		<input type='checkbox' id='checkbox_all' name='checkbox_all' onclick='list_all_toggle();' ".(!empty($device_logs) ?: "style='visibility: hidden;'").">\n";
    253. 

  253. 		echo "	</th>\n";
    254. 

  254. 	}
    255. 

  255. 	if ($show == 'all' && permission_exists('device_log_all')) {
    256. 

  256. 		echo th_order_by('domain_name', $text['label-domain'], $order_by, $order);
    257. 

  257. 	}
    258. 

  258. 	echo "<th class='left'>".$text['label-date']."</th>\n";
    259. 

  259. 	echo "<th class='left hide-md-dn'>".$text['label-time']."</th>\n";
    260. 

  260. 	echo th_order_by('device_address', $text['label-device_address'], $order_by, $order);
    261. 

  261. 	echo "<th class='left hide-sm-dn'>".$text['label-request_scheme']."</th>\n";
    262. 

  262. 	echo "<th class='left hide-md-dn'>".$text['label-http_host']."</th>\n";
    263. 

  263. 	echo "<th class='left hide-md-dn'>".$text['label-server_port']."</th>\n";
    264. 

  264. 	echo "<th class='left hide-md-dn'>".$text['label-server_protocol']."</th>\n";
    265. 

  265. 	echo "<th class='left hide-md-dn'>".$text['label-query_string']."</th>\n";
    266. 

  266. 	echo th_order_by('remote_address', $text['label-remote_address'], $order_by, $order);
    267. 

  267. 	echo "<th class='left hide-md-dn'>".$text['label-http_user_agent']."</th>\n";
    268. 

  268. 	echo "<th class='left hide-md-dn'>".$text['label-http_status']."</th>\n";
    269. 

  269. 	echo "<th class='left hide-md-dn'>".$text['label-http_status_code']."</th>\n";
    270. 

  270. 	if (permission_exists('device_log_edit') && $list_row_edit_button == 'true') {
    271. 

  271. 		echo "	<td class='action-button'>&nbsp;</td>\n";
    272. 

  272. 	}
    273. 

  273. 	echo "</tr>\n";
    274. 

  274. 

  275. 	if (is_array($device_logs) && @sizeof($device_logs) != 0) {
    276. 

  276. 		$x = 0;
    277. 

  277. 		foreach ($device_logs as $row) {
    278. 

  278. 			if (permission_exists('device_log_edit')) {
    279. 

  279. 				$list_row_url = "device_log_edit.php?id=".urlencode($row['device_log_uuid']);
    280. 

  280. 			}
    281. 

  281. 			echo "<tr class='list-row' href='".$list_row_url."'>\n";
    282. 

  282. 			if (permission_exists('device_log_add') || permission_exists('device_log_edit') || permission_exists('device_log_delete')) {
    283. 

  283. 				echo "	<td class='checkbox'>\n";
    284. 

  284. 				echo "		<input type='checkbox' name='device_logs[$x][checked]' id='checkbox_".$x."' value='true' onclick=\"if (!this.checked) { document.getElementById('checkbox_all').checked = false; }\">\n";
    285. 

  285. 				echo "		<input type='hidden' name='device_logs[$x][uuid]' value='".escape($row['device_log_uuid'])."' />\n";
    286. 

  286. 				echo "	</td>\n";
    287. 

  287. 			}
    288. 

  288. 			if ($show == 'all' && permission_exists('device_log_all')) {
    289. 

  289. 				echo "	<td>".escape($_SESSION['domains'][$row['domain_uuid']]['domain_name'])."</td>\n";
    290. 

  290. 			}
    291. 

  291. 			echo "	<td>".escape($row['date_formatted'])."</td>\n";
    292. 

  292. 			echo "	<td class='left hide-md-dn'>".escape($row['time_formatted'])."</td>\n";
    293. 

  293. 			echo "	<td>".escape($row['device_address'])."</td>\n";
    294. 

  294. 			echo "	<td class='left hide-sm-dn'>".escape($row['request_scheme'])."</td>\n";
    295. 

  295. 			echo "	<td class='left hide-md-dn'>".escape($row['http_host'])."</td>\n";
    296. 

  296. 			echo "	<td class='left hide-md-dn'>".escape($row['server_port'])."</td>\n";
    297. 

  297. 			echo "	<td class='left hide-md-dn'>".escape($row['server_protocol'])."</td>\n";
    298. 

  298. 			echo "	<td class='left hide-md-dn'>".escape($row['query_string'])."</td>\n";
    299. 

  299. 			echo "	<td>".escape($row['remote_address'])."</td>\n";
    300. 

  300. 			echo "	<td class='left hide-md-dn'>".escape($row['http_user_agent'])."</td>\n";
    301. 

  301. 			echo "	<td class='left hide-md-dn'>".escape($row['http_status'])."</td>\n";
    302. 

  302. 			echo "	<td class='left hide-md-dn'>".escape($row['http_status_code'])."</td>\n";
    303. 

  303. 			if (permission_exists('device_log_edit') && $list_row_edit_button == 'true') {
    304. 

  304. 				echo "	<td class='action-button'>\n";
    305. 

  305. 				echo button::create(['type'=>'button','title'=>$text['button-edit'],'icon'=>$_SESSION['theme']['button_icon_edit'],'link'=>$list_row_url]);
    306. 

  306. 				echo "	</td>\n";
    307. 

  307. 			}
    308. 

  308. 			echo "</tr>\n";
    309. 

  309. 			$x++;
    310. 

  310. 		}
    311. 

  311. 	}
    312. 

  312. 

  313. 	echo "</table>\n";
    314. 

  314. 	echo "<br />\n";
    315. 

  315. 	echo "<div align='center'>".$paging_controls."</div>\n";
    316. 

  316. 	echo "<input type='hidden' name='".$token['name']."' value='".$token['hash']."'>\n";
    317. 

  317. 	echo "</form>\n";
    318. 

  318. 

  319. //include the footer
    320. 

  320. 	require_once "resources/footer.php";
    321. 

  321. 

  322. ?>
    323.