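// Build one in-memory "preview" record for a section from submitted form input.
//
// The record is assembled from the request fields carrying the 'preview:' prefix, layered over the
// stored record whose num matches 'preview:num' (when one exists), and then decorated with link,
// pseudo-field, upload and join data according to $options. No database write is visible in this
// function; the result is only returned.
//
// Access control (any failed check ends the request with die()):
//   - a CMS user must be logged in
//   - that user needs section access level >= 6 (author)
//   - below level 9 (editor) the user may only preview a new record or one they created
//
// Security notes:
//   - Values in the returned row come from request input; callers must escape them for the
//     context they are written to (HTML, attribute, URL, ...).
//   - Form values win over stored values in the merge below. Which fields a non-editor may submit
//     is decided inside _getRecordValuesFromFormInput (not visible here), which reads the global
//     $hasEditorAccess set by this function.
//
// $schemaIn - section schema, also published through the global $schema
// $options  - viewer options; keys read here: tableName, useSeoUrls, loadPseudoFields, loadUploads,
//             loadCreatedBy, joinTable, loadListDetails
// returns   - array($rows, $listDetails, $schema) where $rows holds the single preview record
function _getRecords_preview($schemaIn, $options) {
  global $CURRENT_USER, $schema; // these globals are used by the functions called below
  global $hasEditorAccess;       // needed by /lib/common.php _getRecordValuesFromFormInput
  $schema    = $schemaIn;
  $tableName = isset($options['tableName']) ? $options['tableName'] : null;

  // get productionRecord from database if 'num' was supplied
  // intval() keeps the interpolated where clause strictly numeric
  $previewNum = isset($_REQUEST['preview:num']) ? intval($_REQUEST['preview:num']) : 0;
  list($productionRecords, ) = getRecords(array(
    'tableName'         => $tableName,
    'where'             => "num = {$previewNum}",
    'ignoreHidden'      => true,
    'ignorePublishDate' => true,
    'ignoreRemoveDate'  => true,
    'loadPseudoFields'  => false,
    'loadCreatedBy'     => false,
    'allowSearch'       => false,
    'loadUploads'       => false,
  ));
  $productionRecord = isset($productionRecords[0]) ? $productionRecords[0] : null;

  // security: check access
  require_once SCRIPT_DIR . "/lib/admin_functions.php";
  require_once SCRIPT_DIR . "/lib/user_functions.php";
  require_once SCRIPT_DIR . "/lib/login_functions.php";
  $CURRENT_USER = getCurrentUserFromCMS(); // v2.51 support preview even if website membership enabled with different accounts table and separate login

  // fail closed before anything below indexes into $CURRENT_USER
  if (!$CURRENT_USER) { die(t("You must be logged in to use this feature!")); }

  $accessLevel     = userSectionAccess($tableName);
  $hasEditorAccess = $accessLevel >= 9;
  $hasAuthorAccess = $accessLevel >= 6;
  if (!$hasAuthorAccess) { die(t("You don't have permissions to access this menu.")); }

  // user is creating record (no stored record) or is owner.
  // A stored record with no createdByUserNum never counts as owned, and the ids are compared as strings
  // so type juggling cannot make two different values match.
  $recordOwnerNum = ($productionRecord && isset($productionRecord['createdByUserNum'])) ? $productionRecord['createdByUserNum'] : null;
  $userOwnsRecord = !$productionRecord
                 || ($recordOwnerNum !== null && isset($CURRENT_USER['num']) && (string) $CURRENT_USER['num'] === (string) $recordOwnerNum);
  if (!$hasEditorAccess && !$userOwnsRecord) {
    die(sprintf(t("You don't have permission to access these records: %s"), $recordOwnerNum));
  }

  // build up our record from form input
  $record = _getRecordValuesFromFormInput('preview:');

  // if this is an existing record, load any fields not supplied by form input,
  // otherwise fill in column defaults for a new record
  $record['num'] = $previewNum;
  if ($productionRecord) {
    $record = array_merge($productionRecord, $record);
  }
  else {
    $record = _addUndefinedDefaultsToNewRecord($record, getMySqlColsAndType(mysql_escape(getTableNameWithPrefix($tableName))));
  }

  // stamp the preview with the current user and time when the section has those fields
  if (!empty($schema['updatedByUserNum'])) { $record['updatedByUserNum'] = $CURRENT_USER['num']; }
  if (!empty($schema['updatedDate']))      { $record['updatedDate']      = date('Y-m-d H:i:s'); }

  // filename and link fields
  $filenameValue       = getFilenameFieldValue($record, isset($schema['_filenameFields']) ? $schema['_filenameFields'] : null);
  $record['_filename'] = rtrim($filenameValue, '-');
  if (empty($schema['_detailPage'])) {
    $record['_link'] = "javascript:alert('Set Detail Page Url for this section in: Admin > Section Editors > Viewer Urls')";
  }
  elseif (!empty($options['useSeoUrls'])) {
    $record['_link'] = PREFIX_URL . $schema['_detailPage'] . '/' . $filenameValue . $record['num'] . "/";
  }
  else {
    $record['_link'] = PREFIX_URL . $schema['_detailPage'] . '?' . $filenameValue . $record['num'];
  }

  $rows = array($record);

  // Add pseudo-fields
  if (!empty($options['loadPseudoFields'])) { _getRecords_addPseudoFields($rows, $options, $schema); }

  // Add uploads
  if (!empty($options['loadUploads'])) {
    // single record sections: don't use preSaveTempId so if no record has ever been created yet make sure 'num' is set to 1
    $preSaveTempId = isset($_REQUEST['preview:preSaveTempId']) ? $_REQUEST['preview:preSaveTempId'] : null;
    _getRecords_addUploadFields($rows, $options, $schema, $preSaveTempId);
  }

  // Add createdBy.fields to records
  if (!empty($options['loadCreatedBy']) && !empty($schema['createdByUserNum'])) { _getRecords_joinTable($rows, $options, 'accounts'); }

  // Add joinTable fields
  if (!empty($options['joinTable'])) { _getRecords_joinTable($rows, $options); }

  // get List Details
  $listDetails = array();
  if (!empty($options['loadListDetails'])) { $listDetails = _getRecords_getListDetails($options, 1, 1, $schema); }

  return array($rows, $listDetails, $schema);
}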
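// Store one error as a record in the `_error_log` table, prune old records, and optionally
// schedule an email alert.
//
// $logType - not read anywhere in this function
// $logData - array describing the error; keys read here: errno, errstr, errfile, errline, errcontext
//
// At most $maxErrorsPerPage real errors are logged per page request, followed by a single
// "Max error limit reached" record; everything after that is ignored.
//
// Security note: the record stores $_REQUEST, $_GET, $_POST, $_COOKIE, $_SESSION, $_SERVER and the
// error's symbol table verbatim. Anything submitted with the failing request (credentials and
// session identifiers included, if present) therefore ends up in `_error_log`.
// NOTE(review): limit who can read that table and its viewer, and consider masking secret fields
// before the insert below.
function _errorlog_logErrorRecord($logType, $logData) {

  // limit errors logged per page request (to prevent infinite loops from logging infinite errors)
  // the static counter lives for the duration of the request
  static $totalErrorsLogged = 0;
  $maxErrorsPerPage = 25;
  $totalErrorsLogged++;
  if ($totalErrorsLogged > $maxErrorsPerPage + 1) { return; } // ignore any errors after max error limit
  $maxErrorsReached = ($totalErrorsLogged > $maxErrorsPerPage);

  // get summary of CMS user data
  $CMS_USER     = getCurrentUserFromCMS();
  $subsetFields = array();
  foreach (array('num', 'username') as $field) {
    if (isset($CMS_USER[$field])) { $subsetFields[$field] = $CMS_USER[$field]; }
  }
  $subsetFields['_tableName'] = 'accounts';
  $cms_user_summary = print_r($subsetFields, true);

  // get summary of WEB user data
  $WEB_USER     = getCurrentUser();
  $subsetFields = array();
  foreach (array('num', 'username') as $field) {
    if (isset($WEB_USER[$field])) { $subsetFields[$field] = $WEB_USER[$field]; }
  }
  $subsetFields['_tableName'] = accountsTable();
  $web_user_summary = print_r($subsetFields, true);

  // create error message
  if ($maxErrorsReached) {
    // translate the template first, then fill in the number, so the translation lookup sees a constant string
    $errorMessage = sprintf(t("Max error limit reached! Only the first %s errors per page will be logged."), $maxErrorsPerPage);
  }
  else {
    $errorName    = isset($logData['errno']) ? _errorLog_erronoToConstantName($logData['errno']) : 'UNKNOWN_ERROR';
    $errorMessage = "{$errorName}: " . (isset($logData['errstr']) ? $logData['errstr'] : '');
  }

  // create $logDataSummary without the errcontext dump (it is stored separately in symbol_table)
  $logDataSummary = $logData;
  if (array_key_exists('errcontext', $logData)) { $logDataSummary['errcontext'] = "*** in symbol table field above ***"; }

  // create log record data
  // NOTE(review): keys ending in '=' carry SQL expressions (NOW()); presumably mysql_insert inserts those unquoted - confirm
  $colsToValues = array(
    'dateLogged='      => 'NOW()',
    'updatedDate='     => 'NOW()',
    'updatedByuserNum' => '0',
    'error'            => $errorMessage,
    'url'              => thisPageUrl(),
    'filepath'         => isset($logData['errfile']) ? $logData['errfile'] : '',
    'line_num'         => isset($logData['errline']) ? $logData['errline'] : '',
    'user_cms'         => isset($CMS_USER['num']) ? $cms_user_summary : '',
    'user_web'         => isset($WEB_USER['num']) ? $web_user_summary : '',
    'http_user_agent'  => isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '', // client-supplied; escape when displayed
    'remote_addr'      => isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '',
    'request_vars'     => print_r($_REQUEST, true),
    'get_vars'         => print_r($_GET, true),
    'post_vars'        => print_r($_POST, true),
    'cookie_vars'      => print_r($_COOKIE, true),
    'session_vars'     => isset($_SESSION) ? print_r($_SESSION, true) : '',
    'server_vars'      => print_r($_SERVER, true),
    'symbol_table'     => isset($logData['errcontext']) ? print_r($logData['errcontext'], true) : '',
    'raw_log_data'     => print_r($logDataSummary, true),
    'email_sent'       => 0,
  );

  // insert record
  mysql_insert('_error_log', utf8_force($colsToValues, true));

  // remove old log records
  $maxRecords = 900;
  $buffer     = 100; // only erase records when we're this many over (to avoid erasing records every time)
  if (mysql_count('_error_log') > $maxRecords + $buffer) {
    $oldestRecordToSave_query = "SELECT * FROM `{$GLOBALS['TABLE_PREFIX']}_error_log` ORDER BY `num` DESC LIMIT 1 OFFSET " . ($maxRecords - 1);
    $oldestRecordToSave       = mysql_get_query($oldestRecordToSave_query);
    if (!empty($oldestRecordToSave['num'])) {
      // cast before interpolating so the where clause can only ever contain an integer
      $oldestNumToSave = intval($oldestRecordToSave['num']);
      if ($oldestNumToSave > 0) { mysql_delete('_error_log', null, "num < {$oldestNumToSave}"); }
    }
  }

  // send email update
  // !empty() so a missing setting simply disables alerts instead of raising another error from inside the error logger
  if (!empty($GLOBALS['SETTINGS']['advanced']['phpEmailErrors'])) {
    register_shutdown_function('_errorlog_sendEmailAlert');
  }
}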
// cron.php - command line script to run scheduled background tasks
// Ask your web admin to have this script run every minute using a cronjob or scheduled task.
// If your server or host doesn't allow scripts to run as often as once a minute, run it as
// frequently as they support (eg: every 5 minutes)
// Example command line: php -q /path/to/cron.php
// For basic example plugin see: /plugins/cron-example.php

// load viewer library
chdir(dirname(__FILE__)); // change dir to the directory the script is in (so relative paths below work).
require_once 'lib/init.php';

// running through the web: send headers, then require an admin login before anything else happens
if (!inCLI()) {
  header('Content-type: text/plain');
  header("Content-Disposition: inline; filename='output.txt'"); // Force IE to display as text and not download file

  // security check for web access - don't show cron filepaths unless logged in
  // NOTE(review): the admin session is the only gate visible in this part of the script for
  // web-triggered runs; confirm whether the rest of the script needs a request token as well.
  $CMS_USER = getCurrentUserFromCMS();
  if (empty($CMS_USER['isAdmin'])) {
    die(t("You must be logged in as Admin to run this script from the web!"));
  }

  ob_disable();            // Turn off browser buffering
  ignore_user_abort(true); // continue running even if user clicks stop on their browser
  session_write_close();   // v2.51 - End the current session and store session data so locked session data doesn't prevent concurrent access to CMS by user while backup in progress
}

// ignore PHP's max_execution_time directive
set_time_limit(0);

// Show cronjob instructions and web warning