function ViewErrorLog() { global $scripturl, $txt, $context, $modSettings, $user_profile, $filter, $boarddir, $sourcedir, $themedir, $smcFunc; // Viewing contents of a file? if (isset($_GET['file'])) { return ViewFile(); } // Check for the administrative permission to do this. isAllowedTo('admin_forum'); // Templates, etc... loadLanguage('ManageMaintenance'); loadTemplate('Errors'); // You can filter by any of the following columns: $filters = array('id_member' => $txt['username'], 'ip' => $txt['ip_address'], 'session' => $txt['session'], 'url' => $txt['error_url'], 'message' => $txt['error_message'], 'error_type' => $txt['error_type'], 'file' => $txt['file'], 'line' => $txt['line']); // Set up the filtering... if (isset($_GET['value'], $_GET['filter']) && isset($filters[$_GET['filter']])) { $filter = array('variable' => $_GET['filter'], 'value' => array('sql' => in_array($_GET['filter'], array('message', 'url', 'file')) ? base64_decode(strtr($_GET['value'], array(' ' => '+'))) : $smcFunc['db_escape_wildcard_string']($_GET['value'])), 'href' => ';filter=' . $_GET['filter'] . ';value=' . $_GET['value'], 'entity' => $filters[$_GET['filter']]); } // Deleting, are we? if (isset($_POST['delall']) || isset($_POST['delete'])) { deleteErrors(); } // Just how many errors are there? $result = $smcFunc['db_query']('', ' SELECT COUNT(*) FROM {db_prefix}log_errors' . (isset($filter) ? ' WHERE ' . $filter['variable'] . ' LIKE {string:filter}' : ''), array('filter' => isset($filter) ? $filter['value']['sql'] : '')); list($num_errors) = $smcFunc['db_fetch_row']($result); $smcFunc['db_free_result']($result); // If this filter is empty... if ($num_errors == 0 && isset($filter)) { redirectexit('action=admin;area=logs;sa=errorlog' . (isset($_REQUEST['desc']) ? ';desc' : '')); } // Clean up start. if (!isset($_GET['start']) || $_GET['start'] < 0) { $_GET['start'] = 0; } // Do we want to reverse error listing? $context['sort_direction'] = isset($_REQUEST['desc']) ? 'down' : 'up'; // Set the page listing up. $context['page_index'] = constructPageIndex($scripturl . '?action=admin;area=logs;sa=errorlog' . ($context['sort_direction'] == 'down' ? ';desc' : '') . (isset($filter) ? $filter['href'] : ''), $_GET['start'], $num_errors, $modSettings['defaultMaxMessages']); $context['start'] = $_GET['start']; // Find and sort out the errors. $request = $smcFunc['db_query']('', ' SELECT id_error, id_member, ip, url, log_time, message, session, error_type, file, line FROM {db_prefix}log_errors' . (isset($filter) ? ' WHERE ' . $filter['variable'] . ' LIKE {string:filter}' : '') . ' ORDER BY id_error ' . ($context['sort_direction'] == 'down' ? 'DESC' : '') . ' LIMIT ' . $_GET['start'] . ', ' . $modSettings['defaultMaxMessages'], array('filter' => isset($filter) ? $filter['value']['sql'] : '')); $context['errors'] = array(); $members = array(); for ($i = 0; $row = $smcFunc['db_fetch_assoc']($request); $i++) { $search_message = preg_replace('~<span class="remove">(.+?)</span>~', '%', $smcFunc['db_escape_wildcard_string']($row['message'])); if ($search_message == $filter['value']['sql']) { $search_message = $smcFunc['db_escape_wildcard_string']($row['message']); } $show_message = strtr(strtr(preg_replace('~<span class="remove">(.+?)</span>~', '$1', $row['message']), array("\r" => '', '<br />' => "\n", '<' => '<', '>' => '>', '"' => '"')), array("\n" => '<br />')); $context['errors'][$row['id_error']] = array('alternate' => $i % 2 == 0, 'member' => array('id' => $row['id_member'], 'ip' => $row['ip'], 'session' => $row['session']), 'time' => timeformat($row['log_time']), 'timestamp' => $row['log_time'], 'url' => array('html' => htmlspecialchars((substr($row['url'], 0, 1) == '?' ? $scripturl : '') . $row['url']), 'href' => base64_encode($smcFunc['db_escape_wildcard_string']($row['url']))), 'message' => array('html' => $show_message, 'href' => base64_encode($search_message)), 'id' => $row['id_error'], 'error_type' => array('type' => $row['error_type'], 'name' => isset($txt['errortype_' . $row['error_type']]) ? $txt['errortype_' . $row['error_type']] : $row['error_type']), 'file' => array()); if (!empty($row['file']) && !empty($row['line'])) { // Eval'd files rarely point to the right location and cause havoc for linking, so don't link them. $linkfile = strpos($row['file'], 'eval') === false || strpos($row['file'], '?') === false; // De Morgan's Law. Want this true unless both are present. $context['errors'][$row['id_error']]['file'] = array('file' => $row['file'], 'line' => $row['line'], 'href' => $scripturl . '?action=admin;area=logs;sa=errorlog;file=' . base64_encode($row['file']) . ';line=' . $row['line'], 'link' => $linkfile ? '<a href="' . $scripturl . '?action=admin;area=logs;sa=errorlog;file=' . base64_encode($row['file']) . ';line=' . $row['line'] . '" onclick="return reqWin(this.href, 600, 400, false);">' . $row['file'] . '</a>' : $row['file'], 'search' => base64_encode($row['file'])); } // Make a list of members to load later. $members[$row['id_member']] = $row['id_member']; } $smcFunc['db_free_result']($request); // Load the member data. if (!empty($members)) { // Get some additional member info... $request = $smcFunc['db_query']('', ' SELECT id_member, member_name, real_name FROM {db_prefix}members WHERE id_member IN ({array_int:member_list}) LIMIT ' . count($members), array('member_list' => $members)); while ($row = $smcFunc['db_fetch_assoc']($request)) { $members[$row['id_member']] = $row; } $smcFunc['db_free_result']($request); // This is a guest... $members[0] = array('id_member' => 0, 'member_name' => '', 'real_name' => $txt['guest_title']); // Go through each error and tack the data on. foreach ($context['errors'] as $id => $dummy) { $memID = $context['errors'][$id]['member']['id']; $context['errors'][$id]['member']['username'] = $members[$memID]['member_name']; $context['errors'][$id]['member']['name'] = $members[$memID]['real_name']; $context['errors'][$id]['member']['href'] = empty($memID) ? '' : $scripturl . '?action=profile;u=' . $memID; $context['errors'][$id]['member']['link'] = empty($memID) ? $txt['guest_title'] : '<a href="' . $scripturl . '?action=profile;u=' . $memID . '">' . $context['errors'][$id]['member']['name'] . '</a>'; } } // Filtering anything? if (isset($filter)) { $context['filter'] =& $filter; // Set the filtering context. if ($filter['variable'] == 'id_member') { $id = $filter['value']['sql']; loadMemberData($id, false, 'minimal'); $context['filter']['value']['html'] = '<a href="' . $scripturl . '?action=profile;u=' . $id . '">' . $user_profile[$id]['real_name'] . '</a>'; } elseif ($filter['variable'] == 'url') { $context['filter']['value']['html'] = '\'' . strtr(htmlspecialchars((substr($filter['value']['sql'], 0, 1) == '?' ? $scripturl : '') . $filter['value']['sql']), array('\\_' => '_')) . '\''; } elseif ($filter['variable'] == 'message') { $context['filter']['value']['html'] = '\'' . strtr(htmlspecialchars($filter['value']['sql']), array("\n" => '<br />', '<br />' => '<br />', "\t" => ' ', '\\_' => '_', '\\%' => '%', '\\\\' => '\\')) . '\''; $context['filter']['value']['html'] = preg_replace('~&lt;span class=&quot;remove&quot;&gt;(.+?)&lt;/span&gt;~', '$1', $context['filter']['value']['html']); } elseif ($filter['variable'] == 'error_type') { $context['filter']['value']['html'] = '\'' . strtr(htmlspecialchars($filter['value']['sql']), array("\n" => '<br />', '<br />' => '<br />', "\t" => ' ', '\\_' => '_', '\\%' => '%', '\\\\' => '\\')) . '\''; } else { $context['filter']['value']['html'] =& $filter['value']['sql']; } } $context['error_types'] = array(); $context['error_types']['all'] = array('label' => $txt['errortype_all'], 'description' => isset($txt['errortype_all_desc']) ? $txt['errortype_all_desc'] : '', 'url' => $scripturl . '?action=admin;area=logs;sa=errorlog' . ($context['sort_direction'] == 'down' ? ';desc' : ''), 'is_selected' => empty($filter)); $sum = 0; // What type of errors do we have and how many do we have? $request = $smcFunc['db_query']('', ' SELECT error_type, COUNT(*) AS num_errors FROM {db_prefix}log_errors GROUP BY error_type ORDER BY error_type = {string:critical_type} DESC, error_type ASC', array('critical_type' => 'critical')); while ($row = $smcFunc['db_fetch_assoc']($request)) { // Total errors so far? $sum += $row['num_errors']; $context['error_types'][$sum] = array('label' => (isset($txt['errortype_' . $row['error_type']]) ? $txt['errortype_' . $row['error_type']] : $row['error_type']) . ' (' . $row['num_errors'] . ')', 'description' => isset($txt['errortype_' . $row['error_type'] . '_desc']) ? $txt['errortype_' . $row['error_type'] . '_desc'] : '', 'url' => $scripturl . '?action=admin;area=logs;sa=errorlog' . ($context['sort_direction'] == 'down' ? ';desc' : '') . ';filter=error_type;value=' . $row['error_type'], 'is_selected' => isset($filter) && $filter['value']['sql'] == $smcFunc['db_escape_wildcard_string']($row['error_type'])); } $smcFunc['db_free_result']($request); // Update the all errors tab with the total number of errors $context['error_types']['all']['label'] .= ' (' . $sum . ')'; // Finally, work out what is the last tab! if (isset($context['error_types'][$sum])) { $context['error_types'][$sum]['is_last'] = true; } else { $context['error_types']['all']['is_last'] = true; } // And this is pretty basic ;). $context['page_title'] = $txt['errlog']; $context['has_filter'] = isset($filter); $context['sub_template'] = 'error_log'; }
$filePath = ISC_BASE_PATH . '/' . GetConfig('ImageDirectory') . '/configured_products/' . $fileName; $fileType = $fieldFile['filetype']; ViewFile($filePath, $fileType, $fileName); } //if the field image path is not saved in the database yet, read from session, this is the cart page and order confirmation page. if (isset($_GET['prodfield']) && isset($_GET['cartitem'])) { if (!isset($_SESSION['CART']['ITEMS'][$_GET['cartitem']]['product_fields'][$_GET['prodfield']]['fileName'])) { header("HTTP/1.0 404 Not Found"); exit; } $file = $_SESSION['CART']['ITEMS'][$_GET['cartitem']]['product_fields'][$_GET['prodfield']]; $imagedir = ISC_BASE_PATH . '/' . GetConfig('ImageDirectory') . '/configured_products_tmp/'; $fileName = ltrim(basename(' ' . $file['fileName'])); $filePath = $imagedir . $fileName; $fileType = $file['fileType']; ViewFile($filePath, $fileType, $fileName); } function ViewFile($filePath = '', $fileType = '', $fileName = '') { if (!trim($filePath) || !trim($fileType) || !trim($fileName)) { header("HTTP/1.0 404 Not Found"); exit; } // check if it's valid mime type if (!preg_match('/^[a-z\\.\\/\\-\\_]*$/', $fileType)) { header("HTTP/1.0 404 Not Found"); exit; } header("Content-type: " . $fileType); header('Pragma: public'); header('Content-Length: ' . filesize($filePath));