<?php
//go_functions.php gives us access to the isSuperAdmin function
require_once "go_functions.php";
//go.php handles the session and xss check for admin
//pages and pages where a session is necessary
require_once "go.php";
//header.php looks pretty
require_once "header.php";
require_once "admin_nav.php";
?>
<div class="content">
<div id="response"></div>
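<?php
// Super-admin log viewer: filters rows of the `log` table by code/alias and
// user name, paginates the result and renders it as an HTML table.
try {
    // Keep non-superadmins out of this page
    if (!isSuperAdmin()) {
        die("You do not have permission to view this page");
    }

    // HTML-escape a value for element content and for quoted attributes.
    // Every request- or database-derived value printed below goes through it.
    $h = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    // Filters carried from page to page. Kept as a map so that links are
    // built with http_build_query() (URL-encoded) rather than concatenated.
    $searchParams = [];

    $search_code = '';
    // is_string() rejects array input such as ?code[]=x, which would otherwise
    // reach str_replace()/strip_tags() with the wrong type.
    if (!empty($_GET['code']) && is_string($_GET['code'])) {
        // Stripping tags and quotes only normalises the search term; the
        // security boundary is the bound parameter and the output escaping.
        $search_code = strip_tags(str_replace(["'", '"'], '', $_GET['code']));
        $searchParams['code'] = $search_code;
    }

    $search_user = '';
    if (!empty($_GET['user']) && is_string($_GET['user'])) {
        $search_user = strip_tags(str_replace(["'", '"'], '', $_GET['user']));
        $searchParams['user'] = $search_user;
    }

    // Sort direction is interpolated into the SQL below, so it is only ever
    // one of the two literals assigned here.
    $search_sort = 'DESC';
    if (!empty($_GET['sort'])) {
        if ($_GET['sort'] === 'ASC') {
            $search_sort = 'ASC';
        }
        $searchParams['sort'] = $search_sort;
    }

    // Page size is interpolated into LIMIT, so it is forced to an integer and
    // bounded on both sides; 10000 is the largest choice the form offers.
    $search_per_page = 50;
    if (!empty($_GET['pp']) && is_scalar($_GET['pp'])) {
        $search_per_page = min(10000, max(50, intval($_GET['pp'])));
        $searchParams['pp'] = $search_per_page;
    }

    // Optional filters, bound as parameters. `*` is the documented wildcard;
    // `%` and `_` typed by the user are not escaped and also act as LIKE
    // wildcards.
    $where = "";
    $queryArgs = [];
    if (!empty($search_code)) {
        $where .= " AND (code LIKE :code_like OR alias LIKE :alias_like)";
        $queryArgs[':code_like'] = str_replace('*', '%', $search_code);
        $queryArgs[':alias_like'] = str_replace('*', '%', $search_code);
    }
    if (!empty($search_user)) {
        $where .= " AND user_display_name LIKE :user_like";
        $queryArgs[':user_like'] = str_replace('*', '%', $search_user);
    }

    // Count the matching rows so the pager knows how many pages exist.
    // NOTE(review): $connection is not defined in this file; presumably a PDO
    // handle set up by one of the includes - confirm.
    $select = $connection->prepare("
SELECT
COUNT(*)
FROM
log
WHERE TRUE $where
;");
    $select->execute($queryArgs);
    $total = intval($select->fetchColumn());
    $select->closeCursor();

    $pageSize = $search_per_page;
    $totalPages = max(1, (int) ceil($total / $pageSize));

    // Clamp the requested page to the pages that exist, so the offset
    // interpolated into LIMIT stays a small non-negative integer.
    $page = 1;
    if (!empty($_GET['page']) && is_scalar($_GET['page'])) {
        $page = min($totalPages, max(1, intval($_GET['page'])));
    }
    $offset = ($page - 1) * $pageSize;

    // Fetch one page of log rows. $search_sort, $offset and $pageSize are the
    // only interpolated values and are constrained above.
    $select2 = $connection->prepare("
SELECT
*
FROM
log
WHERE TRUE $where
ORDER BY
id $search_sort
LIMIT $offset, $pageSize
;");
    $select2->execute($queryArgs);

    // Build an escaped logs.php URL for a page number (null = no page
    // parameter) that keeps the current filters.
    $pageUrl = function ($pageNumber) use ($searchParams, $h) {
        $params = $searchParams;
        if ($pageNumber !== null) {
            $params = ['page' => $pageNumber] + $params;
        }
        // Explicit '&' separator so an ini-level arg_separator.output cannot
        // cause double escaping.
        return $h('logs.php?' . http_build_query($params, '', '&'));
    };

    // Pager: first page, up to ten pages either side of the current one, last page.
    $links = "<a href='" . $pageUrl(null) . "'>«</a> ";
    for ($i = max(1, $page - 10); $i < $page; $i++) {
        $links .= "<a href='" . $pageUrl($i) . "'>" . $i . "</a> ";
    }
    $links .= $page . " ";
    $end = min($totalPages, $page + 10);
    for ($i = $page + 1; $i <= $end; $i++) {
        $links .= "<a href='" . $pageUrl($i) . "'>" . $i . "</a> ";
    }
    $links .= "<a href='" . $pageUrl($totalPages) . "'>»</a> ";
    $pagination = "<p class=\"pagination\">" . $links . "</p>\n";
?>
<h1>GO Logs</h1>
<form action="logs.php" method="get">
<strong>Search by... </strong>
<label>Code/Alias: <input type="text" name="code" value="<?php print $h($search_code); ?>"></label>
<label>Username: <input type="text" name="user" value="<?php print $h($search_user); ?>"></label>
<select name="sort">
<option value="DESC"<?php print (($search_sort === 'DESC') ? ' selected="selected"' : ''); ?>>Newest First</option>
<option value="ASC"<?php print (($search_sort === 'ASC') ? ' selected="selected"' : ''); ?>>Oldest First</option>
</select>
<select name="pp">
<option value="50"<?php print (($search_per_page === 50) ? ' selected="selected"' : ''); ?>>50 per page</option>
<option value="100"<?php print (($search_per_page === 100) ? ' selected="selected"' : ''); ?>>100 per page</option>
<option value="200"<?php print (($search_per_page === 200) ? ' selected="selected"' : ''); ?>>200 per page</option>
<option value="500"<?php print (($search_per_page === 500) ? ' selected="selected"' : ''); ?>>500 per page</option>
<option value="1000"<?php print (($search_per_page === 1000) ? ' selected="selected"' : ''); ?>>1000 per page</option>
<option value="10000"<?php print (($search_per_page === 10000) ? ' selected="selected"' : ''); ?>>10,000 per page</option>
</select>
<input type="submit" value="Search">
<br><em>Use asterisks (*) as wild cards in search.</em>
</form>
<?php print $pagination; ?>
<table class="logs_table">
<tr>
<th>Date</th>
<th>Domain</th>
<th>Code</th>
<th>Alias</th>
<th>User</th>
<th>Description</th>
</tr><?php
    // Make each row. Every column is escaped on output: log rows are stored
    // data and must not be trusted to be free of markup when rendered on an
    // admin page. If descriptions are meant to carry markup, that needs an
    // explicit allow-list renderer rather than raw output.
    foreach ($select2->fetchAll() as $row) { ?>
<tr>
<td><?php print $h($row['tstamp']); ?></td>
<td><?php print $h($row['institution']); ?></td>
<!-- the code -->
<td><a href="<?php print $h('info.php?code=' . urlencode((string) $row['code'])); ?>"><?php print $h($row['code']); ?></a></td>
<td><?php print $h($row['alias']); ?></td>
<!-- the user -->
<td><?php print $h($row['user_display_name']); ?></td>
<td><?php print $h($row['description']); ?></td>
</tr>
<?php } /* end foreach ($select2->fetchAll() as $row) */ ?>
</table>
<?php print $pagination; ?>
<?php //now catch any exceptions
} catch (Throwable $e) {
    // Do not var_dump() the exception into the page: the dump carries the
    // stack trace and call arguments, which can expose queries and
    // configuration to the browser. Show a generic notice and rethrow so the
    // configured error handling records the details server-side.
    print "<p>An error occurred while loading the logs.</p>";
    throw $e;
}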
require_once "footer.php";