diff options
Diffstat (limited to 'modules-available/syslog/page.inc.php')
-rw-r--r-- | modules-available/syslog/page.inc.php | 84 |
1 files changed, 49 insertions, 35 deletions
diff --git a/modules-available/syslog/page.inc.php b/modules-available/syslog/page.inc.php index 6c1a0a16..401d9dd8 100644 --- a/modules-available/syslog/page.inc.php +++ b/modules-available/syslog/page.inc.php @@ -25,6 +25,20 @@ class Page_SysLog extends Page } Util::redirect('?do=syslog'); } + if (Request::isPost()) { + $pairs = []; + foreach (['search', 'filter', 'not', 'machineuuid'] as $key) { + $val = Request::any($key, false, 'string'); + if (!empty($val)) { + if ($key === 'not') { + $val = (bool)$val; + } + $pairs[$key] = $val; + } + Session::set('log_' . $key, $pairs[$key] ?? false, false); + } + Util::redirect('?do=syslog&' . http_build_query($pairs)); + } User::assertPermission('*'); } @@ -40,64 +54,63 @@ class Page_SysLog extends Page } $cutoff = strtotime('-1 month'); - $res = Database::simpleQuery("SELECT logtypeid, Count(*) AS counter FROM clientlog WHERE dateline > $cutoff GROUP BY logtypeid ORDER BY counter ASC"); + $res = Database::simpleQuery("SELECT logtypeid, Count(*) AS counter + FROM clientlog + WHERE dateline > $cutoff + GROUP BY logtypeid ORDER BY counter ASC"); $types = array(); - while ($row = $res->fetch(PDO::FETCH_ASSOC)) { + foreach ($res as $row) { $types[$row['logtypeid']] = $row; } - if (Request::get('filter') !== false) { + if (Request::get('filter') !== false || Request::get('search') !== false) { + $search = Request::get('search'); $filter = Request::get('filter'); - $not = Request::get('not') ? 'NOT' : ''; - } elseif (Request::post('filter') !== false) { - $filter = Request::post('filter'); - $not = Request::post('not') ? 'NOT' : ''; - - Session::set('log_filter', $filter); - Session::set('log_not', $not); - Session::save(); + $not = Request::get('not', false, 'bool'); } else { + $search = Session::get('log_search'); $filter = Session::get('log_filter'); - $not = Session::get('log_not') ? 'NOT' : ''; + $not = (bool)Session::get('log_not'); } + $qArgs = []; + $whereClause = '1'; if (!empty($filter)) { - $filterList = explode(',', $filter); - $whereClause = array(); + $whereClause .= ' AND ( '; + if ($not) { + $whereClause .= 'NOT '; + } + $filterList = array_unique(explode(',', $filter)); foreach ($filterList as $filterItem) { - $filterItem = preg_replace('/[^a-z0-9_\-]/', '', trim($filterItem)); - if (empty($filterItem) || in_array($filterItem, $whereClause)) continue; - $whereClause[] = "'$filterItem'"; if (!isset($types[$filterItem])) { $types[$filterItem] = ['logtypeid' => $filterItem, 'counter' => '']; } } - if (!empty($whereClause)) $whereClause = ' WHERE logtypeid ' . $not . ' IN (' . implode(', ', $whereClause) . ')'; + $whereClause .= "logtypeid IN (:typeids) )"; + $qArgs['typeids'] = $filterList; + } + if (!empty($search)) { + $qArgs['search'] = '%' . str_replace(array('=', '_', '%', '*', '?'), array('==', '=_', '=%', '%', '_'), $search) . '%'; + $whereClause .= " AND description LIKE :search ESCAPE '='"; } - if (!isset($whereClause) || empty($whereClause)) $whereClause = ''; if (Request::get('machineuuid')) { - if (empty($whereClause)) - $whereClause .= ' WHERE '; - else - $whereClause .= ' AND '; - - $whereClause .= "machineuuid='" . preg_replace('/[^0-9a-zA-Z\-]/', '', Request::get('machineuuid', '', 'string')) . "'"; + $whereClause .= " AND machineuuid = :uuid"; + $qArgs['uuid'] = Request::get('machineuuid', '', 'string'); } $allowedLocations = User::getAllowedLocations("view"); $joinClause = ""; if (!in_array(0, $allowedLocations)) { $joinClause = "INNER JOIN machine USING (machineuuid)"; - if (empty($whereClause)) - $whereClause .= ' WHERE '; - else - $whereClause .= ' AND '; - - $whereClause .= 'locationid IN (:allowedLocations)'; + $whereClause .= ' AND locationid IN (:allowedLocations)'; + $qArgs['allowedLocations'] = $allowedLocations; } $lines = array(); - $paginate = new Paginate("SELECT logid, dateline, logtypeid, clientlog.clientip, clientlog.machineuuid, description, extra FROM clientlog $joinClause $whereClause ORDER BY logid DESC", 50); - $res = $paginate->exec(array("allowedLocations" => $allowedLocations)); - while ($row = $res->fetch(PDO::FETCH_ASSOC)) { + $paginate = new Paginate("SELECT logid, dateline, logtypeid, clientlog.clientip, clientlog.machineuuid, description, extra + FROM clientlog $joinClause + WHERE $whereClause + ORDER BY logid DESC", 50); + $res = $paginate->exec($qArgs); + foreach ($res as $row) { $row['date'] = Util::prettyTime($row['dateline']); $row['icon'] = $this->eventToIconName($row['logtypeid']); $lines[] = $row; @@ -105,6 +118,7 @@ class Page_SysLog extends Page $paginate->render('page-syslog', array( 'filter' => $filter, + 'search' => $search, 'not' => $not, 'list' => $lines, 'types' => json_encode(array_values($types)), @@ -112,7 +126,7 @@ class Page_SysLog extends Page )); } - private function eventToIconName($event) + private function eventToIconName(string $event): string { switch ($event) { case 'session-open': |