2
0

ManageErrors.php 14 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379
  1. <?php
  2. /**
  3. * The main purpose of this file is to show a list of all errors that were
  4. * logged on the forum, and allow filtering and deleting them.
  5. *
  6. * Simple Machines Forum (SMF)
  7. *
  8. * @package SMF
  9. * @author Simple Machines http://www.simplemachines.org
  10. * @copyright 2013 Simple Machines and individual contributors
  11. * @license http://www.simplemachines.org/about/smf/license.php BSD
  12. *
  13. * @version 2.1 Alpha 1
  14. */
  15. if (!defined('SMF'))
  16. die('No direct access...');
  17. /**
  18. * View the forum's error log.
  19. * This function sets all the context up to show the error log for maintenance.
  20. * It requires the maintain_forum permission.
  21. * It is accessed from ?action=admin;area=logs;sa=errorlog.
  22. *
  23. * @uses the Errors template and error_log sub template.
  24. */
  25. function ViewErrorLog()
  26. {
  27. global $scripturl, $txt, $context, $modSettings, $user_profile, $filter, $boarddir, $sourcedir, $themedir, $smcFunc;
  28. // Viewing contents of a file?
  29. if (isset($_GET['file']))
  30. return ViewFile();
  31. // Check for the administrative permission to do this.
  32. isAllowedTo('admin_forum');
  33. // Templates, etc...
  34. loadLanguage('ManageMaintenance');
  35. loadTemplate('Errors');
  36. // You can filter by any of the following columns:
  37. $filters = array(
  38. 'id_member' => $txt['username'],
  39. 'ip' => $txt['ip_address'],
  40. 'session' => $txt['session'],
  41. 'url' => $txt['error_url'],
  42. 'message' => $txt['error_message'],
  43. 'error_type' => $txt['error_type'],
  44. 'file' => $txt['file'],
  45. 'line' => $txt['line'],
  46. );
  47. // Set up the filtering...
  48. if (isset($_GET['value'], $_GET['filter']) && isset($filters[$_GET['filter']]))
  49. $filter = array(
  50. 'variable' => $_GET['filter'],
  51. 'value' => array(
  52. 'sql' => in_array($_GET['filter'], array('message', 'url', 'file')) ? base64_decode(strtr($_GET['value'], array(' ' => '+'))) : $smcFunc['db_escape_wildcard_string']($_GET['value']),
  53. ),
  54. 'href' => ';filter=' . $_GET['filter'] . ';value=' . $_GET['value'],
  55. 'entity' => $filters[$_GET['filter']]
  56. );
  57. // Deleting, are we?
  58. if (isset($_POST['delall']) || isset($_POST['delete']))
  59. deleteErrors();
  60. // Just how many errors are there?
  61. $result = $smcFunc['db_query']('', '
  62. SELECT COUNT(*)
  63. FROM {db_prefix}log_errors' . (isset($filter) ? '
  64. WHERE ' . $filter['variable'] . ' LIKE {string:filter}' : ''),
  65. array(
  66. 'filter' => isset($filter) ? $filter['value']['sql'] : '',
  67. )
  68. );
  69. list ($num_errors) = $smcFunc['db_fetch_row']($result);
  70. $smcFunc['db_free_result']($result);
  71. // If this filter is empty...
  72. if ($num_errors == 0 && isset($filter))
  73. redirectexit('action=admin;area=logs;sa=errorlog' . (isset($_REQUEST['desc']) ? ';desc' : ''));
  74. // Clean up start.
  75. if (!isset($_GET['start']) || $_GET['start'] < 0)
  76. $_GET['start'] = 0;
  77. // Do we want to reverse error listing?
  78. $context['sort_direction'] = isset($_REQUEST['desc']) ? 'down' : 'up';
  79. // Set the page listing up.
  80. $context['page_index'] = constructPageIndex($scripturl . '?action=admin;area=logs;sa=errorlog' . ($context['sort_direction'] == 'down' ? ';desc' : '') . (isset($filter) ? $filter['href'] : ''), $_GET['start'], $num_errors, $modSettings['defaultMaxMessages']);
  81. $context['start'] = $_GET['start'];
  82. // Find and sort out the errors.
  83. $request = $smcFunc['db_query']('', '
  84. SELECT id_error, id_member, ip, url, log_time, message, session, error_type, file, line
  85. FROM {db_prefix}log_errors' . (isset($filter) ? '
  86. WHERE ' . $filter['variable'] . ' LIKE {string:filter}' : '') . '
  87. ORDER BY id_error ' . ($context['sort_direction'] == 'down' ? 'DESC' : '') . '
  88. LIMIT ' . $_GET['start'] . ', ' . $modSettings['defaultMaxMessages'],
  89. array(
  90. 'filter' => isset($filter) ? $filter['value']['sql'] : '',
  91. )
  92. );
  93. $context['errors'] = array();
  94. $members = array();
  95. for ($i = 0; $row = $smcFunc['db_fetch_assoc']($request); $i ++)
  96. {
  97. $search_message = preg_replace('~&lt;span class=&quot;remove&quot;&gt;(.+?)&lt;/span&gt;~', '%', $smcFunc['db_escape_wildcard_string']($row['message']));
  98. if ($search_message == $filter['value']['sql'])
  99. $search_message = $smcFunc['db_escape_wildcard_string']($row['message']);
  100. $show_message = strtr(strtr(preg_replace('~&lt;span class=&quot;remove&quot;&gt;(.+?)&lt;/span&gt;~', '$1', $row['message']), array("\r" => '', '<br />' => "\n", '<' => '&lt;', '>' => '&gt;', '"' => '&quot;')), array("\n" => '<br />'));
  101. $context['errors'][$row['id_error']] = array(
  102. 'alternate' => $i %2 == 0,
  103. 'member' => array(
  104. 'id' => $row['id_member'],
  105. 'ip' => $row['ip'],
  106. 'session' => $row['session']
  107. ),
  108. 'time' => timeformat($row['log_time']),
  109. 'timestamp' => $row['log_time'],
  110. 'url' => array(
  111. 'html' => htmlspecialchars((substr($row['url'], 0, 1) == '?' ? $scripturl : '') . $row['url']),
  112. 'href' => base64_encode($smcFunc['db_escape_wildcard_string']($row['url']))
  113. ),
  114. 'message' => array(
  115. 'html' => $show_message,
  116. 'href' => base64_encode($search_message)
  117. ),
  118. 'id' => $row['id_error'],
  119. 'error_type' => array(
  120. 'type' => $row['error_type'],
  121. 'name' => isset($txt['errortype_'.$row['error_type']]) ? $txt['errortype_'.$row['error_type']] : $row['error_type'],
  122. ),
  123. 'file' => array(),
  124. );
  125. if (!empty($row['file']) && !empty($row['line']))
  126. {
  127. // Eval'd files rarely point to the right location and cause havoc for linking, so don't link them.
  128. $linkfile = strpos($row['file'], 'eval') === false || strpos($row['file'], '?') === false; // De Morgan's Law. Want this true unless both are present.
  129. $context['errors'][$row['id_error']]['file'] = array(
  130. 'file' => $row['file'],
  131. 'line' => $row['line'],
  132. 'href' => $scripturl . '?action=admin;area=logs;sa=errorlog;file=' . base64_encode($row['file']) . ';line=' . $row['line'],
  133. 'link' => $linkfile ? '<a href="' . $scripturl . '?action=admin;area=logs;sa=errorlog;file=' . base64_encode($row['file']) . ';line=' . $row['line'] . '" onclick="return reqWin(this.href, 600, 480, false);">' . $row['file'] . '</a>' : $row['file'],
  134. 'search' => base64_encode($row['file']),
  135. );
  136. }
  137. // Make a list of members to load later.
  138. $members[$row['id_member']] = $row['id_member'];
  139. }
  140. $smcFunc['db_free_result']($request);
  141. // Load the member data.
  142. if (!empty($members))
  143. {
  144. // Get some additional member info...
  145. $request = $smcFunc['db_query']('', '
  146. SELECT id_member, member_name, real_name
  147. FROM {db_prefix}members
  148. WHERE id_member IN ({array_int:member_list})
  149. LIMIT ' . count($members),
  150. array(
  151. 'member_list' => $members,
  152. )
  153. );
  154. while ($row = $smcFunc['db_fetch_assoc']($request))
  155. $members[$row['id_member']] = $row;
  156. $smcFunc['db_free_result']($request);
  157. // This is a guest...
  158. $members[0] = array(
  159. 'id_member' => 0,
  160. 'member_name' => '',
  161. 'real_name' => $txt['guest_title']
  162. );
  163. // Go through each error and tack the data on.
  164. foreach ($context['errors'] as $id => $dummy)
  165. {
  166. $memID = $context['errors'][$id]['member']['id'];
  167. $context['errors'][$id]['member']['username'] = $members[$memID]['member_name'];
  168. $context['errors'][$id]['member']['name'] = $members[$memID]['real_name'];
  169. $context['errors'][$id]['member']['href'] = empty($memID) ? '' : $scripturl . '?action=profile;u=' . $memID;
  170. $context['errors'][$id]['member']['link'] = empty($memID) ? $txt['guest_title'] : '<a href="' . $scripturl . '?action=profile;u=' . $memID . '">' . $context['errors'][$id]['member']['name'] . '</a>';
  171. }
  172. }
  173. // Filtering anything?
  174. if (isset($filter))
  175. {
  176. $context['filter'] = &$filter;
  177. // Set the filtering context.
  178. if ($filter['variable'] == 'id_member')
  179. {
  180. $id = $filter['value']['sql'];
  181. loadMemberData($id, false, 'minimal');
  182. $context['filter']['value']['html'] = '<a href="' . $scripturl . '?action=profile;u=' . $id . '">' . $user_profile[$id]['real_name'] . '</a>';
  183. }
  184. elseif ($filter['variable'] == 'url')
  185. $context['filter']['value']['html'] = '\'' . strtr(htmlspecialchars((substr($filter['value']['sql'], 0, 1) == '?' ? $scripturl : '') . $filter['value']['sql']), array('\_' => '_')) . '\'';
  186. elseif ($filter['variable'] == 'message')
  187. {
  188. $context['filter']['value']['html'] = '\'' . strtr(htmlspecialchars($filter['value']['sql']), array("\n" => '<br />', '&lt;br /&gt;' => '<br />', "\t" => '&nbsp;&nbsp;&nbsp;', '\_' => '_', '\\%' => '%', '\\\\' => '\\')) . '\'';
  189. $context['filter']['value']['html'] = preg_replace('~&amp;lt;span class=&amp;quot;remove&amp;quot;&amp;gt;(.+?)&amp;lt;/span&amp;gt;~', '$1', $context['filter']['value']['html']);
  190. }
  191. elseif ($filter['variable'] == 'error_type')
  192. {
  193. $context['filter']['value']['html'] = '\'' . strtr(htmlspecialchars($filter['value']['sql']), array("\n" => '<br />', '&lt;br /&gt;' => '<br />', "\t" => '&nbsp;&nbsp;&nbsp;', '\_' => '_', '\\%' => '%', '\\\\' => '\\')) . '\'';
  194. }
  195. else
  196. $context['filter']['value']['html'] = &$filter['value']['sql'];
  197. }
  198. $context['error_types'] = array();
  199. $context['error_types']['all'] = array(
  200. 'label' => $txt['errortype_all'],
  201. 'description' => isset($txt['errortype_all_desc']) ? $txt['errortype_all_desc'] : '',
  202. 'url' => $scripturl . '?action=admin;area=logs;sa=errorlog' . ($context['sort_direction'] == 'down' ? ';desc' : ''),
  203. 'is_selected' => empty($filter),
  204. );
  205. $sum = 0;
  206. // What type of errors do we have and how many do we have?
  207. $request = $smcFunc['db_query']('', '
  208. SELECT error_type, COUNT(*) AS num_errors
  209. FROM {db_prefix}log_errors
  210. GROUP BY error_type
  211. ORDER BY error_type = {string:critical_type} DESC, error_type ASC',
  212. array(
  213. 'critical_type' => 'critical',
  214. )
  215. );
  216. while ($row = $smcFunc['db_fetch_assoc']($request))
  217. {
  218. // Total errors so far?
  219. $sum += $row['num_errors'];
  220. $context['error_types'][$sum] = array(
  221. 'label' => (isset($txt['errortype_' . $row['error_type']]) ? $txt['errortype_' . $row['error_type']] : $row['error_type']) . ' (' . $row['num_errors'] . ')',
  222. 'description' => isset($txt['errortype_' . $row['error_type'] . '_desc']) ? $txt['errortype_' . $row['error_type'] . '_desc'] : '',
  223. 'url' => $scripturl . '?action=admin;area=logs;sa=errorlog' . ($context['sort_direction'] == 'down' ? ';desc' : '') . ';filter=error_type;value=' . $row['error_type'],
  224. 'is_selected' => isset($filter) && $filter['value']['sql'] == $smcFunc['db_escape_wildcard_string']($row['error_type']),
  225. );
  226. }
  227. $smcFunc['db_free_result']($request);
  228. // Update the all errors tab with the total number of errors
  229. $context['error_types']['all']['label'] .= ' (' . $sum . ')';
  230. // Finally, work out what is the last tab!
  231. if (isset($context['error_types'][$sum]))
  232. $context['error_types'][$sum]['is_last'] = true;
  233. else
  234. $context['error_types']['all']['is_last'] = true;
  235. // And this is pretty basic ;).
  236. $context['page_title'] = $txt['errlog'];
  237. $context['has_filter'] = isset($filter);
  238. $context['sub_template'] = 'error_log';
  239. createToken('admin-el');
  240. }
  241. /**
  242. * Delete all or some of the errors in the error log.
  243. * It applies any necessary filters to deletion.
  244. * This should only be called by ViewErrorLog().
  245. * It attempts to TRUNCATE the table to reset the auto_increment.
  246. * Redirects back to the error log when done.
  247. */
  248. function deleteErrors()
  249. {
  250. global $filter, $smcFunc;
  251. // Make sure the session exists and is correct; otherwise, might be a hacker.
  252. checkSession();
  253. validateToken('admin-el');
  254. // Delete all or just some?
  255. if (isset($_POST['delall']) && !isset($filter))
  256. $smcFunc['db_query']('truncate_table', '
  257. TRUNCATE {db_prefix}log_errors',
  258. array(
  259. )
  260. );
  261. // Deleting all with a filter?
  262. elseif (isset($_POST['delall']) && isset($filter))
  263. $smcFunc['db_query']('', '
  264. DELETE FROM {db_prefix}log_errors
  265. WHERE ' . $filter['variable'] . ' LIKE {string:filter}',
  266. array(
  267. 'filter' => $filter['value']['sql'],
  268. )
  269. );
  270. // Just specific errors?
  271. elseif (!empty($_POST['delete']))
  272. {
  273. $smcFunc['db_query']('', '
  274. DELETE FROM {db_prefix}log_errors
  275. WHERE id_error IN ({array_int:error_list})',
  276. array(
  277. 'error_list' => array_unique($_POST['delete']),
  278. )
  279. );
  280. // Go back to where we were.
  281. redirectexit('action=admin;area=logs;sa=errorlog' . (isset($_REQUEST['desc']) ? ';desc' : '') . ';start=' . $_GET['start'] . (isset($filter) ? ';filter=' . $_GET['filter'] . ';value=' . $_GET['value'] : ''));
  282. }
  283. // Back to the error log!
  284. redirectexit('action=admin;area=logs;sa=errorlog' . (isset($_REQUEST['desc']) ? ';desc' : ''));
  285. }
  286. /**
  287. * View a file specified in $_REQUEST['file'], with php highlighting on it
  288. * Preconditions:
  289. * - file must be readable,
  290. * - full file path must be base64 encoded,
  291. * - user must have admin_forum permission.
  292. * The line number number is specified by $_REQUEST['line']...
  293. * The function will try to get the 20 lines before and after the specified line.
  294. */
  295. function ViewFile()
  296. {
  297. global $context, $txt, $boarddir, $sourcedir, $cachedir;
  298. // Check for the administrative permission to do this.
  299. isAllowedTo('admin_forum');
  300. // Decode the file and get the line
  301. $file = realpath(base64_decode($_REQUEST['file']));
  302. $real_board = realpath($boarddir);
  303. $real_source = realpath($sourcedir);
  304. $real_cache = realpath($cachedir);
  305. $basename = strtolower(basename($file));
  306. $ext = strrchr($basename, '.');
  307. $line = isset($_REQUEST['line']) ? (int) $_REQUEST['line'] : 0;
  308. // Make sure the file we are looking for is one they are allowed to look at
  309. if ($ext != '.php' || (strpos($file, $real_board) === false && strpos($file, $real_source) === false) || ($basename == 'settings.php' || $basename == 'settings_bak.php') || strpos($file, $real_cache) !== false || !is_readable($file))
  310. fatal_lang_error('error_bad_file', true, array(htmlspecialchars($file)));
  311. // get the min and max lines
  312. $min = $line - 20 <= 0 ? 1 : $line - 20;
  313. $max = $line + 21; // One additional line to make everything work out correctly
  314. if ($max <= 0 || $min >= $max)
  315. fatal_lang_error('error_bad_line');
  316. $file_data = explode('<br />', highlight_php_code(htmlspecialchars(implode('', file($file)))));
  317. // We don't want to slice off too many so lets make sure we stop at the last one
  318. $max = min($max, max(array_keys($file_data)));
  319. $file_data = array_slice($file_data, $min-1, $max - $min);
  320. $context['file_data'] = array(
  321. 'contents' => $file_data,
  322. 'min' => $min,
  323. 'target' => $line,
  324. 'file' => strtr($file, array('"' => '\\"')),
  325. );
  326. loadTemplate('Errors');
  327. $context['template_layers'] = array();
  328. $context['sub_template'] = 'show_file';
  329. }
  330. ?>