'web_js')); $string = $_POST['message']; $file = !empty($_POST['file']) ? preg_replace('/\w+:\/\/[\w.:]+\//', '', $_POST['file']) : ''; if ( !empty($_POST['line']) ) { $line = validInt($_POST['line']); } else { $line = NULL; } $levels = array_flip(ZM\Logger::$codes); if ( !isset($levels[$_POST['level']]) ) { ZM\Panic('Unexpected logger level '.$_POST['level']); } $level = $levels[$_POST['level']]; ZM\Logger::fetch()->logPrint($level, $string, $file, $line); } else { ZM\Error('Invalid log create: '.print_r($_POST, true)); } } function queryRequest() { // Offset specifies the starting row to return, used for pagination $offset = 0; if ( isset($_REQUEST['offset']) ) { if ( ( !is_int($_REQUEST['offset']) and !ctype_digit($_REQUEST['offset']) ) ) { ZM\Error('Invalid value for offset: ' . $_REQUEST['offset']); } else { $offset = $_REQUEST['offset']; } } // Limit specifies the number of rows to return $limit = 100; if ( isset($_REQUEST['limit']) ) { if ( ( !is_int($_REQUEST['limit']) and !ctype_digit($_REQUEST['limit']) ) ) { ZM\Error('Invalid value for limit: ' . $_REQUEST['limit']); } else { $limit = $_REQUEST['limit']; } } // The table we want our data from $table = 'Logs'; // The names of the dB columns in the log table we are interested in $columns = array('TimeKey', 'Component', 'ServerId', 'Pid', 'Code', 'Message', 'File', 'Line'); // The names of columns shown in the log view that are NOT dB columns in the database $col_alt = array('DateTime', 'Server'); $sort = 'TimeKey'; if ( isset($_REQUEST['sort']) ) { $sort = $_REQUEST['sort']; if ( $sort == 'DateTime' ) $sort = 'TimeKey'; } if ( !in_array($sort, array_merge($columns, $col_alt)) ) { ZM\Error('Invalid sort field: ' . $sort); return; } // Order specifies the sort direction, either asc or desc $order = (isset($_REQUEST['order']) and (strtolower($_REQUEST['order']) == 'asc')) ? 'ASC' : 'DESC'; $col_str = implode(', ', $columns); $data = array(); $query = array(); $query['values'] = array(); $likes = array(); $where = ''; // There are two search bars in the log view, normal and advanced // Making an exuctive decision to ignore the normal search, when advanced search is in use // Alternatively we could try to do both // // Advanced search contains an array of "column name" => "search text" pairs // Bootstrap table sends json_ecoded array, which we must decode $advsearch = isset($_REQUEST['filter']) ? json_decode($_REQUEST['filter'], JSON_OBJECT_AS_ARRAY) : array(); // Search contains a user entered string to search on $search = isset($_REQUEST['search']) ? $_REQUEST['search'] : ''; if ( count($advsearch) ) { foreach ( $advsearch as $col=>$text ) { if ( !in_array($col, array_merge($columns, $col_alt)) ) { ZM\Error("'$col' is not a searchable column name"); continue; } // Don't use wildcards on advanced search //$text = '%' .$text. '%'; array_push($likes, $col.' LIKE ?'); array_push($query['values'], $text); } $wherevalues = $query['values']; $where = ' WHERE (' .implode(' OR ', $likes). ')'; } else if ( $search != '' ) { $search = '%' .$search. '%'; foreach ( $columns as $col ) { array_push($likes, $col.' LIKE ?'); array_push($query['values'], $search); } $wherevalues = $query['values']; $where = ' WHERE (' .implode(' OR ', $likes). ')'; } $query['sql'] = 'SELECT ' .$col_str. ' FROM `' .$table. '` ' .$where. ' ORDER BY ' .$sort. ' ' .$order. ' LIMIT ?, ?'; array_push($query['values'], $offset, $limit); $data['totalNotFiltered'] = dbFetchOne('SELECT count(*) AS Total FROM ' .$table, 'Total'); if ( $search != '' || count($advsearch) ) { $data['total'] = dbFetchOne('SELECT count(*) AS Total FROM ' .$table.$where , 'Total', $wherevalues); } else { $data['total'] = $data['totalNotFiltered']; } $rows = array(); $results = dbFetchAll($query['sql'], NULL, $query['values']); if ( !$results ) { return $data; } foreach ( $results as $row ) { $row['DateTime'] = strftime('%Y-%m-%d %H:%M:%S', intval($row['TimeKey'])); $Server = new ZM\Server($row['ServerId']); $row['Server'] = $Server->Name(); // First strip out any html tags // Second strip out all characters that are not ASCII 32-126 (yes, 126) $row['Message'] = preg_replace('/[^\x20-\x7E]/', '', strip_tags($row['Message'])); $rows[] = $row; } $data['rows'] = $rows; $data['logstate'] = logState(); $data['updated'] = preg_match('/%/', DATE_FMT_CONSOLE_LONG) ? strftime(DATE_FMT_CONSOLE_LONG) : date(DATE_FMT_CONSOLE_LONG); return $data; }