janis/ma
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update export_log.php

Browse Source
This commit is contained in:
jakani24
2024-03-09 15:29:51 +01:00
parent 433a445109
commit e279e92e1a
1 changed files with 91 additions and 218 deletions
Download Patch File Download Diff File Expand all files Collapse all files

295
src/server/cyberhex-code/system/secure_zone/php/export_log.php
View File

@@ -11,238 +11,111 @@ if (!isset($_SESSION['username']) or !isset($_SESSION["login"])) {
$username = $_SESSION['username']; $username = $_SESSION['username'];
$perms = $_SESSION["perms"]; $perms = $_SESSION["perms"];
$email = $_SESSION["email"]; $email = $_SESSION["email"];
if($perms[2]!=="1"){ if ($perms[2] !== "1") {
header("location:/system/insecure_zone/php/no_access.php"); header("location:/system/insecure_zone/php/no_access.php");
$block=1; $block = 1;
exit(); exit();
}else{ } else {
$block=0; $block = 0;
} }
?> ?>
<!DOCTYPE html> <!DOCTYPE html>
<html lang="en"> <html lang="en">
<head> <head>
<meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="viewport" content="width=device-width, initial-scale=1">
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-EVSTQN3/azprG1Anm3QDgpJLIm9Nao0Yz1ztcQTwFspd3yD65VohhpuuCOmLASjC" crossorigin="anonymous"> <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css" rel="stylesheet"
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js" integrity="sha384-MrcW6ZMFYlzcLA8Nl+NtUVF0sA7MsXsP1UyJoMp4YLEuNSfAP+JcXn/tWtIaxVXM" crossorigin="anonymous"></script> integrity="sha384-EVSTQN3/azprG1Anm3QDgpJLIm9Nao0Yz1ztcQTwFspd3yD65VohhpuuCOmLASjC" crossorigin="anonymous">
<title>Change Password</title> <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js"
integrity="sha384-MrcW6ZMFYlzcLA8Nl+NtUVF0sA7MsXsP1UyJoMp4YLEuNSfAP+JcXn/tWtIaxVXM" crossorigin="anonymous">
</script>
<title>Export Log</title>
</head> </head>
<body> <body>
<div class="container mt-5"> <div class="container mt-5">
<div class="row justify-content-center"> <div class="row justify-content-center">
<div class="col-md-12"> <div class="col-md-12">
<div class="card"> <div class="card">
<div class="card-header"> <div class="card-header">
<h4>Export log</h4> <h4>Export Log</h4>
</div> </div>
<div class="card-body" style="overflow-x:auto"> <div class="card-body" style="overflow-x:auto">
<p>You can use filters before you export the log. The filter preview is below.</p> <p>You can use filters before you export the log. The filter preview is below.</p>
<a href="export_log.php?export=true">Export log</a> <a href="export_log.php?export=true">Export log</a>
<!-- table with all users => delete button --> <!-- table with all users => delete button -->
<?php <?php
//include db pw //include db pw
include "../../../config.php"; include "../../../config.php";
//delete entry if requested and if user has rights to do that //delete entry if requested and if user has rights to do that
if(isset($_GET["export"])){ if (isset($_GET["export"])) {
$conn = new mysqli($DB_SERVERNAME, $DB_USERNAME, $DB_PASSWORD, $DB_DATABASE); $conn = new mysqli($DB_SERVERNAME, $DB_USERNAME, $DB_PASSWORD, $DB_DATABASE);
if ($conn->connect_error) { if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error); die("Connection failed: " . $conn->connect_error);
} }
//list out the log entrys and add them to a .csv file.
//get num of entrys
$sql = "SELECT count(*) AS log_count FROM log";
$stmt = $conn->prepare($sql);
// Execute the statement
$stmt->execute();
// Get the result
$result = $stmt->get_result();
$row = $result->fetch_assoc();
$num_of_log_entrys=$row["log_count"];
$stmt->close();
$conn->close();
//now we got the ammount of netrys, write them to file
$conn = new mysqli($DB_SERVERNAME, $DB_USERNAME, $DB_PASSWORD, $DB_DATABASE);
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$last_id=-1;
$export_file = fopen("/var/www/html/export/cyberhex_log_export.csv", 'w');
if($export_file===null){
echo '<br><div class="alert alert-danger" role="alert">
Error creating export file.
</div>';
}else{
fwrite($export_file,"id;loglevel;logtext;machine_id;time\r\n");
while($num_of_log_entrys!=0){
$sql = "SELECT * FROM log where id > $last_id";
$stmt = $conn->prepare($sql);
// Execute the statement
$stmt->execute();
// Get the result
$result = $stmt->get_result();
$row = $result->fetch_assoc();
$last_id=$row["id"];
$loglevel=$row["loglevel"];
$logtext=$row["logtext"];
$machine_id=$row["machine_id"];
$time=$row["time"];
$show=true;
//evaluate filter, decide if entry should be shown or not
if(isset($_GET["loglevel"]) && $_GET["loglevel"]!==""){
if(stripos($loglevel,$_GET["loglevel"])===false){
$show=false;
}
}if(isset($_GET["logtext"]) && $_GET["logtext"]!==""){
if(stripos($logtext,$_GET["logtext"])===false){
$show=false;
}
}if(isset($_GET["machine_id"]) && $_GET["machine_id"]!==""){
if(stripos($machine_id,$_GET["machine_id"])===false){
$show=false;
}
}if(isset($_GET["time"]) && $_GET["time"]!==""){
if(stripos($time,$_GET["time"])===false){
$show=false;
}
}
if($show==true){
fwrite($export_file,$last_id.";");
fwrite($export_file,$loglevel.";");
fwrite($export_file,$logtext.";");
fwrite($export_file,$machine_id.";");
fwrite($export_file,$time."\r\n");
}
$stmt->close();
$num_of_log_entrys--;
}
$conn->close();
fclose($export_file);
echo '<br><div class="alert alert-success" role="alert">
Export file created <a href="/export/cyberhex_log_export.csv" download>Download</a>
</div>';
}
}
//get count of log entrys $export_file_path = "/var/www/html/export/cyberhex_log_export.csv";
// Create a connection
$conn = new mysqli($DB_SERVERNAME, $DB_USERNAME, $DB_PASSWORD, $DB_DATABASE);
// Check the connection $filter_query = "";
if ($conn->connect_error) { // Apply filters if present
die("Connection failed: " . $conn->connect_error); if (isset($_GET["loglevel"])) {
} $filter_query .= "&loglevel=" . urlencode($_GET["loglevel"]);
$sql = "SELECT count(*) AS log_count FROM log"; }
$stmt = $conn->prepare($sql); if (isset($_GET["logtext"])) {
// Execute the statement $filter_query .= "&logtext=" . urlencode($_GET["logtext"]);
$stmt->execute(); }
// Get the result if (isset($_GET["machine_id"])) {
$result = $stmt->get_result(); $filter_query .= "&machine_id=" . urlencode($_GET["machine_id"]);
$row = $result->fetch_assoc(); }
$num_of_log_entrys=$row["log_count"]; if (isset($_GET["time"])) {
$stmt->close(); $filter_query .= "&time=" . urlencode($_GET["time"]);
$conn->close(); }
//list out log => id, loglevel, logtext, machine_id $export_file = fopen($export_file_path, 'w');
// Create a connection if ($export_file === false) {
$conn = new mysqli($DB_SERVERNAME, $DB_USERNAME, $DB_PASSWORD, $DB_DATABASE); echo '<br><div class="alert alert-danger" role="alert">
Error creating export file.
</div>';
} else {
fwrite($export_file, "id;loglevel;logtext;machine_id;time\r\n");
// Check the connection $sql = "SELECT * FROM log";
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$last_id=-1;
//create the table header
echo('<table class="table" style="overflow-x:auto">');
echo('<thead>');
echo('<tr>');
echo('<th>Entry id</th><th>Loglevel</th><th>Logtext</th><th>Machine id</th><th>Time & date</th>');
echo('</tr>');
echo('</thead>');
echo('<tbody>');
//filter options => if user allready applied filter we preview it in the form // Apply filters if present
if(isset($_GET["loglevel"])) if (!empty($filter_query)) {
$loglevel_ss=$_GET["loglevel"]; //put the loglevel search string to that and afterwards show it in the filter optionss. so a user sees what he has filtered for $sql .= " WHERE 1=1";
else parse_str(substr($filter_query, 1), $filter_array);
$loglevel_ss="Loglevel"; foreach ($filter_array as $key => $value) {
$sql .= " AND $key LIKE '%" . $conn->real_escape_string($value) . "%'";
}
}
if(isset($_GET["logtext"])) $result = $conn->query($sql);
$logtext_ss=$_GET["logtext"];
else
$logtext_ss="Logtext";
if(isset($_GET["machine_id"])) if ($result->num_rows > 0) {
$machine_id_ss=$_GET["machine_id"]; while ($row = $result->fetch_assoc()) {
else fwrite($export_file, "{$row['id']};{$row['loglevel']};{$row['logtext']};{$row['machine_id']};{$row['time']}\r\n");
$machine_id_ss="Machine id"; }
}
if(isset($_GET["time"])) fclose($export_file);
$time_ss=$_GET["time"]; echo '<br><div class="alert alert-success" role="alert">
else Export file created <a href="' . $export_file_path . '" download>Download</a>
$time_ss="Date & time"; </div>';
echo('<tr>'); }
echo('<form action="export_log.php" method="get">');
echo('<td><button type="submit" class="btn btn-primary btn-block">Filter</button></td>');
echo('<td><input type="text" class="form-control" name="loglevel" placeholder="'.$loglevel_ss.'"></td>');
echo('<td><input type="text" class="form-control" name="logtext" placeholder="'.$logtext_ss.'"></td>');
echo('<td><input type="text" class="form-control" name="machine_id" placeholder="'.$machine_id_ss.'"></td>');
echo('<td><input type="text" class="form-control" name="time" placeholder="'.$time_ss.'"></td>');
echo('</form>');
echo('</tr>');
while($num_of_log_entrys!=0){ $conn->close();
$sql = "SELECT * FROM log where id > $last_id"; }
$stmt = $conn->prepare($sql);
// Execute the statement // Display log entries with filters
$stmt->execute(); include "view_log.php";
// Get the result ?>
$result = $stmt->get_result(); </div>
$row = $result->fetch_assoc();
$last_id=$row["id"];
$loglevel=$row["loglevel"];
$logtext=$row["logtext"];
$machine_id=$row["machine_id"];
$time=$row["time"];
$show=true;
//evaluate filter, decide if entry should be shown or not
if(isset($_GET["loglevel"]) && $_GET["loglevel"]!==""){
if(stripos($loglevel,$_GET["loglevel"])===false){
$show=false;
}
}if(isset($_GET["logtext"]) && $_GET["logtext"]!==""){
if(stripos($logtext,$_GET["logtext"])===false){
$show=false;
}
}if(isset($_GET["machine_id"]) && $_GET["machine_id"]!==""){
if(stripos($machine_id,$_GET["machine_id"])===false){
$show=false;
}
}if(isset($_GET["time"]) && $_GET["time"]!==""){
if(stripos($time,$_GET["time"])===false){
$show=false;
}
}
if($show==true){
echo('<tr>');
echo('<td>'.$last_id.'</td>');
echo('<td>'.$loglevel.'</td>');
echo('<td>'.$logtext.'</td>');
echo('<td>'.$machine_id.'</td>');
echo('<td>'.$time.'</td>');
echo('</tr>');
}
$stmt->close();
$num_of_log_entrys--;
}
echo('</tbody>');
echo('</table>');
$conn->close();
?>
</div> </div>
</div> </div>
</div> </div>
</div> </div>
</div>
</body> </body>
</html> </html>