seeddms-code/op/op.RemoveLog.php

<?php
//    MyDMS. Document Management System
//    Copyright (C) 2010 Matteo Lucarelli
//    Copyright (C) 2010-2016 Uwe Steinmann
//
//    This program is free software; you can redistribute it and/or modify
//    it under the terms of the GNU General Public License as published by
//    the Free Software Foundation; either version 2 of the License, or
//    (at your option) any later version.
//
//    This program is distributed in the hope that it will be useful,
//    but WITHOUT ANY WARRANTY; without even the implied warranty of
//    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//    GNU General Public License for more details.
//
//    You should have received a copy of the GNU General Public License
//    along with this program; if not, write to the Free Software
//    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.

include("../inc/inc.Settings.php");
include("../inc/inc.Utils.php");
include("../inc/inc.LogInit.php");
include("../inc/inc.Language.php");
include("../inc/inc.Init.php");
include("../inc/inc.Extension.php");
include("../inc/inc.DBInit.php");
include("../inc/inc.ClassUI.php");
include("../inc/inc.Authentication.php");

/* Check if the form data comes from a trusted request */
if(!checkFormKey('removelog')) {
	UI::exitError(getMLText("admin_tools"),getMLText("invalid_request_token"));
}

if (!$user->isAdmin()) {
	UI::exitError(getMLText("admin_tools"),getMLText("access_denied"));
}

if (!isset($_POST["lognames"]) || !is_array($_POST["lognames"])) {
	UI::exitError(getMLText("admin_tools"),getMLText("unknown_id"));
}

$lognames = $_POST["lognames"];
foreach($lognames as $file) {
	$file = basename($file, '.log').'.log';
	if(!file_exists($settings->_contentDir.'log/'.$file)) {
		UI::exitError(getMLText("admin_tools"),getMLText("unknown_id"));
	}

	if (@readlink($settings->_contentDir."current.log")==$settings->_contentDir.'log/'.$file){
		UI::exitError(getMLText("admin_tools"),getMLText("access_denied"));
	}

	if (!SeedDMS_Core_File::removeFile($settings->_contentDir.'log/'.$file)) {
		UI::exitError(getMLText("admin_tools"),getMLText("error_occured"));
	}
}

if(isset($_POST["mode"])) {
	$mode = $_POST["mode"];
} else {
	$mode = 'web';
}


add_log_line("?logname=".implode(",", $_POST["lognames"]));

header("Location:../out/out.LogManagement.php?mode=".$mode);

?>
set to unix line endings 2013-04-11 07:05:36 +00:00			`<?php`
			`// MyDMS. Document Management System`
			`// Copyright (C) 2010 Matteo Lucarelli`
fix copyright in header 2016-08-09 05:34:30 +00:00			`// Copyright (C) 2010-2016 Uwe Steinmann`
set to unix line endings 2013-04-11 07:05:36 +00:00			`//`
			`// This program is free software; you can redistribute it and/or modify`
			`// it under the terms of the GNU General Public License as published by`
			`// the Free Software Foundation; either version 2 of the License, or`
			`// (at your option) any later version.`
			`//`
			`// This program is distributed in the hope that it will be useful,`
			`// but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`// GNU General Public License for more details.`
			`//`
			`// You should have received a copy of the GNU General Public License`
			`// along with this program; if not, write to the Free Software`
			`// Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.`

			`include("../inc/inc.Settings.php");`
include inc.Utils.php early 2022-11-09 05:40:50 +00:00			`include("../inc/inc.Utils.php");`
set to unix line endings 2013-04-11 07:05:36 +00:00			`include("../inc/inc.LogInit.php");`
			`include("../inc/inc.Language.php");`
include inc/inc.Init.php, new order of include files 2014-12-08 13:47:32 +00:00			`include("../inc/inc.Init.php");`
			`include("../inc/inc.Extension.php");`
			`include("../inc/inc.DBInit.php");`
set to unix line endings 2013-04-11 07:05:36 +00:00			`include("../inc/inc.ClassUI.php");`
			`include("../inc/inc.Authentication.php");`

fix typo 2016-10-05 14:23:22 +00:00			`/* Check if the form data comes from a trusted request */`
- lots of fixes to prevent CSRF attacks 2012-08-29 20:37:22 +00:00			`if(!checkFormKey('removelog')) {`
			`UI::exitError(getMLText("admin_tools"),getMLText("invalid_request_token"));`
			`}`

- move all sources into trunk 2010-10-29 13:19:51 +00:00			`if (!$user->isAdmin()) {`
set to unix line endings 2013-04-11 07:05:36 +00:00			`UI::exitError(getMLText("admin_tools"),getMLText("access_denied"));`
- move all sources into trunk 2010-10-29 13:19:51 +00:00			`}`
set to unix line endings 2013-04-11 07:05:36 +00:00
several log files can be delete in one go 2013-04-11 06:38:47 +00:00			`if (!isset($_POST["lognames"]) \|\| !is_array($_POST["lognames"])) {`
set to unix line endings 2013-04-11 07:05:36 +00:00			`UI::exitError(getMLText("admin_tools"),getMLText("unknown_id"));`
- move all sources into trunk 2010-10-29 13:19:51 +00:00			`}`

several log files can be delete in one go 2013-04-11 06:38:47 +00:00			`$lognames = $_POST["lognames"];`
			`foreach($lognames as $file) {`
fix possible DoS 2022-03-26 17:48:04 +00:00			`$file = basename($file, '.log').'.log';`
fix name for log files 2018-04-03 08:57:29 +00:00			`if(!file_exists($settings->_contentDir.'log/'.$file)) {`
several log files can be delete in one go 2013-04-11 06:38:47 +00:00			`UI::exitError(getMLText("admin_tools"),getMLText("unknown_id"));`
			`}`

fix name for log files 2018-04-03 08:57:29 +00:00			`if (@readlink($settings->_contentDir."current.log")==$settings->_contentDir.'log/'.$file){`
several log files can be delete in one go 2013-04-11 06:38:47 +00:00			`UI::exitError(getMLText("admin_tools"),getMLText("access_denied"));`
			`}`
set to unix line endings 2013-04-11 07:05:36 +00:00
fix name for log files 2018-04-03 08:57:29 +00:00			`if (!SeedDMS_Core_File::removeFile($settings->_contentDir.'log/'.$file)) {`
set to unix line endings 2013-04-11 07:05:36 +00:00			`UI::exitError(getMLText("admin_tools"),getMLText("error_occured"));`
several log files can be delete in one go 2013-04-11 06:38:47 +00:00			`}`
- move all sources into trunk 2010-10-29 13:19:51 +00:00			`}`
several log files can be delete in one go 2013-04-11 06:38:47 +00:00
return to tab on LogManagement page which was previously selected after removing a log file and returning to the LogManagement page, the same tab is selected as before (fixes Bug #30) 2013-04-11 07:02:24 +00:00			`if(isset($_POST["mode"])) {`
			`$mode = $_POST["mode"];`
			`} else {`
			`$mode = 'web';`
			`}`

set to unix line endings 2013-04-11 07:05:36 +00:00
several log files can be delete in one go 2013-04-11 06:38:47 +00:00			`add_log_line("?logname=".implode(",", $_POST["lognames"]));`
set to unix line endings 2013-04-11 07:05:36 +00:00
return to tab on LogManagement page which was previously selected after removing a log file and returning to the LogManagement page, the same tab is selected as before (fixes Bug #30) 2013-04-11 07:02:24 +00:00			`header("Location:../out/out.LogManagement.php?mode=".$mode);`
set to unix line endings 2013-04-11 07:05:36 +00:00
			`?>`