Zen Cart 源代码 admin_activity.php

Zen Cart 源代码 admin_activity.php





文件名: admin_activity.php
文件类型: PHP文件
文件大小: 16.65 KiB
MD5: fdc68d271e08da08f187462025f63f0d

  1. <?php
  2. /**
  3.  * Admin Activity Log Viewer/Archiver
  4.  *
  5.  * @package admin
  6.  * @copyright Copyright 2003-2012 Zen Cart Development Team
  7.  * @copyright Portions Copyright 2003 osCommerce
  8.  * @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
  9.  * @version GIT: $Id: Author: DrByte  Tue Aug 28 16:03:47 2012 -0400 Modified in v1.5.1 $
  10.  *
  11.  * @TODO: prettify so on-screen output is more friendly, perhaps adding pagination support etc (using existing "s" and "p" params)
  12.  * @TODO: prettify by hiding postdata until requested, either with hidden layers or other means
  13.  * @TODO: Consider streaming to file line-by-line as an alternate output method in case of RAM blowout with large data quantities or low RAM config on servers.
  14.  */
  15. require ('includes/application_top.php');
  16.  
  17.  
  18. // change destination here for path when using "save to file on server"
  19. if (! defined('DIR_FS_ADMIN_ACTIVITY_EXPORT')) define('DIR_FS_ADMIN_ACTIVITY_EXPORT', DIR_FS_ADMIN . 'backups/');
  20.  
  21. $action = (isset($_GET['action']) ? $_GET['action'] : '');
  22. $start = (isset($_GET['s']) ? (int)$_GET['s'] : 0);
  23. $perpage = (isset($_GET['p']) ? (int)$_GET['p'] : 50);
  24. $available_export_formats[0] = array('id' => '0' , 'text' => 'Export as HTML (ideal for on-screen viewing)', 'format' => 'HTML'); // review on screen
  25. $available_export_formats[1] = array('id' => '1' , 'text' => 'Export to CSV (ideal for importing to spreadsheets)', 'format' => 'CSV'); // export to CSV
  26. //  $available_export_formats[2]=array('id' => '2', 'text' => 'Export to TXT', 'format' => 'TXT');
  27. //  $available_export_formats[3]=array('id' => '3', 'text' => 'Export to XML', 'format' => 'XML');
  28. $save_to_file_checked = (isset($_POST['savetofile']) && zen_not_null($_POST['savetofile']) ? $_POST['savetofile'] : 0);
  29. $post_format = (isset($_POST['format']) && zen_not_null($_POST['format']) ? $_POST['format'] : 1);
  30. $format = $available_export_formats[$post_format]['format'];
  31. $file = (isset($_POST['filename']) ? preg_replace('/[^\w\.-]/', '', $_POST['filename']) : 'admin_activity_archive_' . date('Y-m-d_H-i-s') . '.csv');
  32.  
  33. zen_set_time_limit(600);
  34.  
  35. if ($action != '')
  36. {
  37.   $NL = "\n";
  38.   $limit = '';
  39.   if ($perpage > 0 || $start > 0)
  40.   {
  41.     $limit = ' LIMIT ';
  42.     if ($start > 0) $limit .= (int)$start;
  43.     if ($start > 0 && $perpage > 0) $limit .= ', ';
  44.     if ($perpage > 0) $limit .= (int)$perpage;
  45.   }
  46.   $sort = '';
  47.  
  48.   switch ($action)
  49.   {
  50.     case 'save':
  51.       global $db;
  52.       if ($format == 'CSV')
  53.       {
  54.         $FIELDSTART = '"';
  55.         $FIELDEND = '"';
  56.         $FIELDSEPARATOR = ',';
  57.         $LINESTART = '';
  58.         $LINEBREAK = "\n";
  59.         $sort = ' ASC ';
  60.         $limit = '';
  61.       }
  62.       if ($format == 'TXT')
  63.       {
  64.         $FIELDSTART = '';
  65.         $FIELDEND = '';
  66.         $FIELDSEPARATOR = "\t";
  67.         $LINESTART = '';
  68.         $LINEBREAK = "\n";
  69.         $sort = ' ASC ';
  70.       }
  71.       if ($format == 'HTML')
  72.       {
  73.         $FIELDSTART = '<td>';
  74.         $FIELDEND = '</td>';
  75.         $FIELDSEPARATOR = "";
  76.         $LINESTART = "<tr>";
  77.         $LINEBREAK = "</tr>" . $NL;
  78.         $sort = ' DESC ';
  79.       }
  80.       $sql = "select a.access_date, a.admin_id, u.admin_name, a.ip_address, a.page_accessed, a.page_parameters, a.gzpost, a.flagged, a.attention
  81.              FROM " . TABLE_ADMIN_ACTIVITY_LOG . " a LEFT OUTER JOIN " . TABLE_ADMIN . " u ON a.admin_id = u.admin_id ORDER BY access_date " . $sort . $limit;
  82.       $result = $db->Execute($sql);
  83.       $records = $result->RecordCount();
  84.       if ($records == 0)
  85.       {
  86.         $messageStack->add("No Records Found.", 'error');
  87.       } else
  88.       { //process records
  89.         $i = 0;
  90.         // make a <table> tag if HTML output
  91.         if ($format == "HTML")
  92.         {
  93.           $exporter_output .= '<table border="1">' . $NL;
  94.         }
  95.         // add column headers if CSV or HTML format
  96.         if ($format == "CSV" || $format == "HTML")
  97.         {
  98.           $exporter_output .= $LINESTART;
  99.           $exporter_output .= $FIELDSTART . "timestamp" . $FIELDEND;
  100.           $exporter_output .= $FIELDSEPARATOR;
  101.           $exporter_output .= $FIELDSTART . "admin_user" . $FIELDEND;
  102.           $exporter_output .= $FIELDSEPARATOR;
  103.           $exporter_output .= $FIELDSTART . "ip_address" . $FIELDEND;
  104.           $exporter_output .= $FIELDSEPARATOR;
  105.           $exporter_output .= $FIELDSTART . "page_accessed" . $FIELDEND;
  106.           $exporter_output .= $FIELDSEPARATOR;
  107.           $exporter_output .= $FIELDSTART . "parameters" . $FIELDEND;
  108.           $exporter_output .= $FIELDSEPARATOR;
  109.           $exporter_output .= $FIELDSTART . "flagged" . $FIELDEND;
  110.           $exporter_output .= $FIELDSEPARATOR;
  111.           $exporter_output .= $FIELDSTART . "attention" . $FIELDEND;
  112.           $exporter_output .= $FIELDSEPARATOR;
  113.           $exporter_output .= $FIELDSTART . "postdata" . $FIELDEND;
  114.           $exporter_output .= $LINEBREAK;
  115.         }
  116.         // headers - XML
  117.         if ($format == "XML")
  118.         {
  119.           $exporter_output .= '<?xml version="1.0" encoding="' . CHARSET . '"?>' . "\n";
  120.         }
  121.         // output real data
  122.         while (! $result->EOF)
  123.         {
  124.           $i ++;
  125.           $postoutput = '';
  126.           if ($format == "XML")
  127.           {
  128.             $postoutput = nl2br(print_r(json_decode(@gzinflate($result->fields['gzpost'])), true));
  129.             $exporter_output .= "<admin_activity_log>\n";
  130.             $exporter_output .= "  <row>\n";
  131.             $exporter_output .= "    <access_date>" . $result->fields['access_date'] . "</access_date>\n";
  132.             $exporter_output .= "    <admin_id>" . $result->fields['admin_id'] . "</admin_id>\n";
  133.             $exporter_output .= "    <admin_name>" . htmlspecialchars($result->fields['admin_name'], ENT_COMPAT, CHARSET, TRUE) . "</admin_name>\n";
  134.             $exporter_output .= "    <ip_address>" . $result->fields['ip_address'] . "</ip_address>\n";
  135.             $exporter_output .= "    <page_accessed>" . $result->fields['page_accessed'] . "</page_accessed>\n";
  136.             $exporter_output .= "    <page_parameters>" . htmlspecialchars($result->fields['page_parameters'], ENT_COMPAT, CHARSET, TRUE) . "</page_parameters>\n";
  137.             $exporter_output .= "    <flagged>" . htmlspecialchars($result->fields['flagged'], ENT_COMPAT, CHARSET, TRUE) . "</flagged>\n";
  138.             $exporter_output .= "    <attention>" . htmlspecialchars($result->fields['attention'], ENT_COMPAT, CHARSET, TRUE) . "</attention>\n";
  139.             $exporter_output .= "    <postdata>" . $postoutput . "</postdata>\n";
  140.             $exporter_output .= "  </row>\n";
  141.           } else
  142.           { // output non-XML data-format
  143.             $postoutput = print_r(json_decode(@gzinflate($result->fields['gzpost'])), true);
  144.             if ($format == 'HTML') {
  145.               $postoutput = nl2br(zen_output_string_protected($postoutput));
  146.             } else {
  147.               $postoutput = nl2br($postoutput);
  148.             }
  149.             $exporter_output .= $LINESTART;
  150.             $exporter_output .= $FIELDSTART . $result->fields['access_date'] . $FIELDEND;
  151.             $exporter_output .= $FIELDSEPARATOR;
  152.             $exporter_output .= $FIELDSTART . $result->fields['admin_id'] . ' ' . $result->fields['admin_name'] . $FIELDEND;
  153.             $exporter_output .= $FIELDSEPARATOR;
  154.             $exporter_output .= $FIELDSTART . $result->fields['ip_address'] . $FIELDEND;
  155.             $exporter_output .= $FIELDSEPARATOR;
  156.             $exporter_output .= $FIELDSTART . $result->fields['page_accessed'] . $FIELDEND;
  157.             $exporter_output .= $FIELDSEPARATOR;
  158.             $exporter_output .= $FIELDSTART . $result->fields['page_parameters'] . $FIELDEND;
  159.             $exporter_output .= $FIELDSEPARATOR;
  160.             $exporter_output .= $FIELDSTART . $result->fields['flagged'] . $FIELDEND;
  161.             $exporter_output .= $FIELDSEPARATOR;
  162.             $exporter_output .= $FIELDSTART . $result->fields['attention'] . $FIELDEND;
  163.             $exporter_output .= $FIELDSEPARATOR;
  164.             $exporter_output .= $FIELDSTART . $postoutput . $FIELDEND;
  165.             $exporter_output .= $LINEBREAK;
  166.           }
  167.           $result->MoveNext();
  168.         }
  169.         if ($format == "HTML")
  170.         {
  171.           $exporter_output .= $NL . "</table>";
  172.         }
  173.         if ($format == "XML")
  174.         {
  175.           $exporter_output .= "</admin_activity_log>\n";
  176.         }
  177.         // theoretically, $i should == $records at this point.
  178.         // status message
  179.         if ($format != "HTML") $messageStack->add($records . TEXT_PROCESSED, 'success');
  180.         // begin streaming file contents
  181.         if ($save_to_file_checked != 1)
  182.         { // not saving to a file, so do regular output
  183.           if ($format == "CSV" || $format == "TXT" || $format == "XML")
  184.           {
  185.             if ($format == "CSV" || $format == "TXT")
  186.             {
  187.               $content_type = 'text/x-csv';
  188.             } elseif ($format == "XML")
  189.             {
  190.               $content_type = 'text/xml; charset=' . CHARSET;
  191.             }
  192.             if (preg_match('/MSIE/', $_SERVER['HTTP_USER_AGENT']))
  193.             {
  194.               header('Content-Type: application/octetstream');
  195. //              header('Content-Type: '.$content_type);
  196. //              header('Content-Disposition: inline; filename="' . $file . '"');
  197.               header('Content-Disposition: attachment; filename=' . $file);
  198.               header("Expires: Mon, 26 Jul 2001 05:00:00 GMT");
  199.               header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
  200.               header("Cache-Control: must_revalidate, post-check=0, pre-check=0");
  201.               header("Pragma: public");
  202.               header("Cache-control: private");
  203.             } else
  204.             {
  205.               header('Content-Type: application/x-octet-stream');
  206. //              header('Content-Type: '.$content_type);
  207.               header('Content-Disposition: attachment; filename=' . $file);
  208.               header("Expires: Mon, 26 Jul 2001 05:00:00 GMT");
  209.               header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
  210.               header("Pragma: no-cache");
  211.             }
  212.             echo $exporter_output;
  213.             exit();
  214.           } else
  215.           {
  216.             // HTML
  217. ?>
  218. <!doctype html>
  219. <html <?php echo HTML_PARAMS; ?>>
  220. <head>
  221. <meta charset="<?php echo CHARSET; ?>">
  222. <title><?php echo TITLE; ?></title>
  223. <link rel="stylesheet" type="text/css" href="includes/stylesheet.css">
  224. </head>
  225. <body>
  226. <?php
  227.             echo $exporter_output;
  228. ?>
  229. </body>
  230. </html>
  231. <?php
  232.             exit();
  233.           }
  234.         } else
  235.         { //write to file
  236.           //open output file for writing
  237.           $f = fopen(DIR_FS_ADMIN_ACTIVITY_EXPORT . $file, 'w');
  238.           if ($f) {
  239.             fwrite($f, $exporter_output);
  240.             fclose($f);
  241.             //open output file for readback
  242.             $readback = file_get_contents(DIR_FS_ADMIN_ACTIVITY_EXPORT . $file);
  243.           }
  244.           if ($readback !== FALSE && $readback == $exporter_output) {
  245.             $messageStack->add_session(SUCCESS_EXPORT_ADMIN_ACTIVITY_LOG . $file, 'success');
  246.           } else {
  247.             $messageStack->add_session(FAILURE_EXPORT_ADMIN_ACTIVITY_LOG . $file, 'error');
  248.           }
  249.           unset($f);
  250.         } // endif $save_to_file
  251.       } //end if $records for processing not 0
  252.       zen_redirect(zen_href_link(FILENAME_ADMIN_ACTIVITY));
  253.       break;
  254.  
  255. // clean out the admin_activity_log
  256.     case 'clean_admin_activity_log':
  257.       if (isset($_POST['confirm']) && $_POST['confirm'] == 'yes')
  258.       {
  259.         $db->Execute("truncate table " . TABLE_ADMIN_ACTIVITY_LOG);
  260.         $admname = '{' . preg_replace('/[^\w]/', '*', zen_get_admin_name()) . '[' . (int)$_SESSION['admin_id'] . ']}';
  261.         $sql_data_array = array( 'access_date' => 'now()',
  262.                                  'admin_id' => (isset($_SESSION['admin_id'])) ? (int)$_SESSION['admin_id'] : 0,
  263.                                  'page_accessed' =>  'Log reset by ' . $admname . '.',
  264.                                  'page_parameters' => '',
  265.                                  'ip_address' => substr($_SERVER['REMOTE_ADDR'],0,45)
  266.                                  );
  267.         zen_db_perform(TABLE_ADMIN_ACTIVITY_LOG, $sql_data_array);
  268.         $messageStack->add_session(SUCCESS_CLEAN_ADMIN_ACTIVITY_LOG, 'success');
  269.         unset($_SESSION['reset_admin_activity_log']);
  270.         zen_redirect(zen_href_link(FILENAME_ADMIN_ACTIVITY));
  271.       } else {
  272.         $confirmation_needed = TRUE;
  273.       }
  274.     break;
  275.  
  276.   } //end switch / case
  277. } //endif $action
  278. ?>
  279. <!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
  280. <html <?php
  281. echo HTML_PARAMS;
  282. ?>>
  283. <head>
  284. <meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
  285. <title><?php echo TITLE; ?></title>
  286. <link rel="stylesheet" type="text/css" href="includes/stylesheet.css">
  287. <link rel="stylesheet" type="text/css" href="includes/cssjsmenuhover.css" media="all" id="hoverJS">
  288. <script language="javascript" src="includes/menu.js"></script>
  289. <script language="javascript" src="includes/general.js"></script>
  290. <script type="text/javascript">
  291.   <!--
  /**
   * Body onload hook: calls cssjsmenu('navbar'), then disables the
   * element with id "hoverJS" when getElementById is available.
   */
  function init()
  {
    cssjsmenu('navbar');
    if (!document.getElementById)
    {
      return;
    }
    var hoverSheet = document.getElementById('hoverJS');
    hoverSheet.disabled = true;
  }
  301.   // -->
  302. </script>
  303. </head>
  304. <body onload="init()">
  305. <!-- header //-->
  306. <?php
  307. require (DIR_WS_INCLUDES . 'header.php');
  308. ?>
  309. <!-- header_eof //-->
  310.  
  311. <!-- body //-->
  312. <table border="0" width="100%" cellspacing="2" cellpadding="2">
  313.     <tr>
  314.         <!-- body_text //-->
  315.         <td width="100%" valign="top">
  316.         <table border="0" width="100%" cellspacing="0" cellpadding="0">
  317.             <tr>
  318.                 <td width="100%">
  319.                 <table border="0" width="100%" cellspacing="0" cellpadding="0">
  320.                     <tr>
  321.                         <td class="pageHeading"><?php echo HEADING_TITLE; ?></td>
  322.                         <td class="pageHeading" align="right"><?php echo zen_draw_separator('pixel_trans.gif', HEADING_IMAGE_WIDTH, HEADING_IMAGE_HEIGHT); ?></td>
  323.                     </tr>
  324.                 </table>
  325.                 </td>
  326.             </tr>
  327.             <tr>
  328.                 <td><?php echo zen_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
  329.             </tr>
  330.  
  331. <?php if ($action == '') { ?>
  332.             <tr><?php echo zen_draw_form('export', FILENAME_ADMIN_ACTIVITY, 'action=save', 'post'); //, 'onsubmit="return check_form(export);"');   ?>
  333.         <td align="center">
  334.                 <table border="0" cellspacing="0" cellpadding="2">
  335.             <tr><td><h2><?php echo HEADING_SUB1; ?></h2></td></tr>
  336.           <tr>
  337.             <td class="main" colspan="2"><?php echo TEXT_INSTRUCTIONS; ?></td>
  338.           </tr>
  339.                     <tr>
  340.                         <td class="main"><strong><?php echo TEXT_ACTIVITY_EXPORT_FORMAT; ?></strong><br /><?php echo zen_draw_pull_down_menu('format', $available_export_formats, $format); ?></td>
  341.                     </tr>
  342.                     <tr>
  343.                         <td colspan="2"><?php echo zen_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
  344.                     </tr>
  345.                     <tr>
  346.                         <td class="main"><strong><?php echo TEXT_ACTIVITY_EXPORT_FILENAME; ?></strong><br /><?php echo zen_draw_input_field('filename', htmlspecialchars($file, ENT_COMPAT, CHARSET, TRUE), ' size="60"'); ?></td>
  347.                     </tr>
  348.                     <tr>
  349.                         <td colspan="2"><?php echo zen_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
  350.                     </tr>
  351.                     <tr>
  352.                         <td class="main"><?php echo zen_draw_checkbox_field('savetofile', '1', $save_to_file_checked); ?> <strong><?php echo TEXT_ACTIVITY_EXPORT_SAVETOFILE; ?></strong><br />
  353.               &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong><?php echo TEXT_ACTIVITY_EXPORT_DEST; ?></strong> <em><?php echo DIR_FS_ADMIN_ACTIVITY_EXPORT; ?></em>
  354.               </td>
  355.                     </tr>
  356.                     <tr>
  357.                         <td class="main" align="right"><?php echo zen_image_submit('button_go.gif', IMAGE_GO) . '&nbsp;&nbsp;<a href="' . zen_href_link(FILENAME_ADMIN_ACTIVITY) . '">' . zen_image_button('button_cancel.gif', IMAGE_CANCEL) . '</a>'; ?></td>
  358.                     </tr>
  359.                 </table>
  360.                 </td>
  361.                 </form>
  362.             </tr>
  363.  
  364. <!-- bof: reset admin_activity_log -->
  365.       <tr>
  366.         <td align="center"><table border="0" cellspacing="0" cellpadding="2">
  367.       <tr><td><h2><?php echo HEADING_SUB2; ?></h2></td></tr>
  368.           <tr>
  369.             <td class=<?php echo ($_SESSION['reset_admin_activity_log'] == true ? "alert" : "main"); ?> align="left" valign="top"><?php echo TEXT_INFO_ADMIN_ACTIVITY_LOG; ?></td>
  370.             <td class="main" align="right" valign="middle"><?php echo '<a href="' . zen_href_link(FILENAME_ADMIN_ACTIVITY, 'action=clean_admin_activity_log') . '">' . zen_image_button('button_reset.gif', IMAGE_RESET) . '</a>'; ?></td>
  371.           </tr>
  372.         </table></td>
  373.       </tr>
  374. <!-- eof: reset admin_activity_log -->
  375.  
  376. <?php } elseif ($confirmation_needed) { ?>
  377.   <tr><td><?php echo TEXT_ADMIN_LOG_PLEASE_CONFIRM_ERASE; ?><?php echo zen_draw_form('admin_activity_erase', FILENAME_ADMIN_ACTIVITY, 'action=clean_admin_activity_log'); echo zen_image_submit('button_reset.gif', IMAGE_RESET); ?><input type="hidden" name="confirm" value="yes" /></form></td></tr>
  378.  
  379. <?php } ?>
  380.                 <!-- body_text_eof //-->
  381.         </table>
  382.         <!-- body_eof //--> <!-- footer //-->
  383. <?php require (DIR_WS_INCLUDES . 'footer.php'); ?>
  384. <!-- footer_eof //--> <br />
  385.  
  386. </body>
  387. </html>
  388. <?php require (DIR_WS_INCLUDES . 'application_bottom.php'); ?>

