admin/Facilitor
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

FSN#37530 Logfiles niet meer ongeauthenticeerd kunnen opvragen

Browse Source 
svn path=/Website/trunk/; revision=31710
This commit is contained in:
Jos Groot Lipman
2016-11-28 15:54:47 +00:00
parent e52694cd3e
commit f0ce88bc9c
3 changed files with 117 additions and 71 deletions
Download Patch File Download Diff File Expand all files Collapse all files

77
APPL/FAC/fac_StreamFile.asp Normal file
View File

@@ -0,0 +1,77 @@
<%@ Language=JavaScript %>
<% /*
$Revision$
$Id$
File: fac_StreamFile.asp
Description: Streamt een systeemfile. Internal use only, daarom minstens PRSSYS
Parameters:
Context:
Note:
*/ %>
<%
DOCTYPE_Disable = 1; // ook al volgt straks een response.Clear
//if (Application("otap_environment") == "O")
// ANONYMOUS_Allowed = 1;
%>
<!-- #include file="../Shared/common.inc" -->
<!-- #include file="../shared/FlexFiles.inc" -->
<%
user.checkAutorisation("WEB_PRSSYS"); // Sommige files worden we nog strenger
var logger = getQParamInt("logger", -1); // 0=normal, 1=puo_scheduled, 2=puo_immediate. 3=aiai
if (logger == 0)
{
user.checkAutorisation("WEB_FACTAB");
var logfilename = Application(customerId + "_logfilename").replace(/^temp\//, "");
var filePath = Server.MapPath(rooturl + "/") + "/temp";
StreamFile(filePath, logfilename + ".html.log", "text/html", "inline");
Response.End;
}
if (logger == 1 || logger == 2) // Putorders
{
var ago = getQParamInt("ago", 0);
var dt = new Date();
dt.setMonth(dt.getMonth() - ago); // zoveel maanden in het verleden
var month = dt.getMonth() + 1;
var year = dt.getYear();
var schedulelog = logger == 1;
var logname = "putorders" + (schedulelog?"":"I") + "_" + customerId + "_" + year + "_" + padout(month) + ".log";
var path = schedulelog?"../../cust/" + customerId + "/tasks/":"../../temp/";
zipfile(path, logname);
Response.End;
}
if (logger == 3) // AiAi
{
user.checkAutorisation("WEB_FACTAB");
var f = fso.GetFolder(Server.MapPath(rooturl + "/") + "/temp/");
var fname = "";
for (var ff = new Enumerator(f.SubFolders); !ff.atEnd(); ff.moveNext())
{
if (ff.item().Name.match(/^500_error_[0-9]*/))
{
fname = ff.item().Name;
break;
}
}
if (!fname)
abort_with_warning("No AiAi folder");
var ago = getQParamInt("ago", 0);
var dt = new Date();
dt.setDate(dt.getDate() - ago); // zoveel dagen in het verleden
var nowtxt = toISODateString(dt);
var logfilename = "log_" + nowtxt + ".html";
var filePath = Server.MapPath(rooturl + "/") + "/temp/" + fname;
StreamFile(filePath, logfilename, "text/html", "inline");
Response.End;
}
%>

76
APPL/FAC/fac_verify.inc
View File

@@ -8,8 +8,7 @@
Context: Manual call to check installation
Note:
Todo: dbms_utility.get_hash_value (facmgttools.asp UpdateLegenda)
dbms_random.string fac/pass2mail.asp (sms) en shared/sendpassword.asp (email)
Todo: dbms_utility.get_hash_value (cad_thema.asp->UpdateLegenda)
dbms_utility.get_time() (fac/perfmon.asp)
DBMS_UTILITY.COMPILE_SCHEMA diverse
@@ -20,9 +19,6 @@
UTL_MATCH.EDIT_DISTANCE_SIMILARITY
utl_match.jaro_winkler
DBMS_CRYPTO is niet zo maar beschikbaar!
Daarom gebruiken we UTL_RAW, en DBMS_OBFUSCATION_TOOLKIT.MD5
*/ %>
<%
Response.Expires=-1;
@@ -56,52 +52,6 @@ if (Request.Form("saveas").count > 0)
Response.contenttype = "application/octet-stream";
Response.AddHeader("content-disposition","attachment; filename=FACILITOR_verify_" + custID + "_" + toDateString(new Date()) + ".html");
}
if (Request.QueryString("put_log").Count > 0)
{
var schedulelog = Request.QueryString("put_log") == "1";
var year = parseInt(Request.QueryString("year"));
var month = parseInt(Request.QueryString("month"));
var logname = "putorders" + (schedulelog?"":"I") + "_" + custID + "_" + year + "_" + (month<10?"0":"") + month + ".log";
var path = schedulelog?"../../cust/" + custID + "/tasks/":"../../temp/";
zipfile(path, logname);
}
function zipfile(pathname, filename)
{
var oZIP = new ActiveXObject("SLNKDWF.Zip");
var fso = new ActiveXObject("Scripting.FileSystemObject");
var temp = Server.MapPath("../../temp/" + fso.GetTempName());
var iStream = new ActiveXObject("ADODB.Stream")
iStream.Type = 2; // Text
iStream.Open();
iStream.CharSet = "utf-8";
try
{
iStream.LoadFromFile(Server.MapPath(pathname + filename));
}
catch (e)
{
Response.Write("Error opening " + pathname + filename + "<br/><em>"+e.description+"</em>");
Response.End;
}
oZIP.New(temp) //;; Helaas niet *naar* stream
oZIP.ZipFromStream(filename, iStream);
oZIP.Close();
iStream.Close()
var oStream = new ActiveXObject("ADODB.Stream");
oStream.Open;
oStream.Type = 1; // adTypeBinary
oStream.LoadFromFile(temp);
oStream.Position = 0;
fso.DeleteFile(temp);
Response.clear;
Response.contenttype = 'application/zip';
Response.AddHeader("content-disposition", "attachment; filename= \"" + filename + ".zip\"");
Response.BinaryWrite(oStream.read(oStream.Size));
Response.End;
}
%>
<head>
<META HTTP-EQUIV="Pragma" CONTENT="no-cache">
@@ -904,35 +854,19 @@ if (this.S) // (deze test werkt niet vanuit verify.asp.inc)
checker("Logfiles",
function ()
{
try
{
oSLNKDWF = new ActiveXObject("SLNKDWF.About");
}
catch(e)
{
return { result: resultcodes.warning,
message: e.description + "<br>SLNKDWF.DLL not installed. No logfiles download available"};
}
if (Request.ServerVariables("SERVER_PORT") == 443)
proto = "https://";
else
proto = "http://";
zelf = proto + Request.ServerVariables("HTTP_HOST") + Request.ServerVariables("SCRIPT_NAME");
var dt = new Date();
dt.setMonth(dt.getMonth() -1);
var month = dt.getMonth()+1;
var year = dt.getYear();
txt = "putorders_" + custID + "_" + year + "_" + (month<10?"0":"") + month + ".log";
txt += " <a href='" + zelf + "?put_log=1&year=" + year + "&month=" + month + "'>scheduled</a>";
txt += " or <a href='" + zelf + "?put_log=2&year=" + year + "&month=" + month + "'> immediate</a>";
txt += " <a href='fac_StreamFile.asp?logger=1&ago=1'>scheduled</a>";
txt += " or <a href='fac_StreamFile.asp?logger=2&ago=1'> immediate</a>";
var dt = new Date();
var month = dt.getMonth()+1;
var year = dt.getYear();
txt += "<br>putorders_" + custID + "_" + year + "_" + (month<10?"0":"") + month + ".log";
txt += " <a href='" + zelf + "?put_log=1&year=" + year + "&month=" + month + "'>scheduled</a>";
txt += " or <a href='" + zelf + "?put_log=2&year=" + year + "&month=" + month + "'> immediate</a>";
txt += " <a href='fac_StreamFile.asp?logger=1'>scheduled</a>";
txt += " or <a href='fac_StreamFile.asp?logger=2'> immediate</a>";
return { result: resultcodes.ok, message: txt };
}

35
APPL/Shared/FlexFiles.inc
View File

@@ -658,4 +658,39 @@ function StreamFile(filePath, filename, mime, pcontentdp)
oStream = null;
}
function zipfile(pathname, filename)
{
var oZIP = new ActiveXObject("SLNKDWF.Zip");
var fso = new ActiveXObject("Scripting.FileSystemObject");
var temp = Server.MapPath("../../temp/" + fso.GetTempName());
var iStream = new ActiveXObject("ADODB.Stream")
iStream.Type = 2; // Text
iStream.Open();
iStream.CharSet = "utf-8";
try
{
iStream.LoadFromFile(Server.MapPath(pathname + filename));
}
catch (e)
{
Response.Write("Error opening " + pathname + filename + "<br/><em>"+e.description+"</em>");
Response.End;
}
oZIP.New(temp) //;; Helaas niet *naar* stream
oZIP.ZipFromStream(filename, iStream);
oZIP.Close();
iStream.Close()
var oStream = new ActiveXObject("ADODB.Stream");
oStream.Open;
oStream.Type = 1; // adTypeBinary
oStream.LoadFromFile(temp);
oStream.Position = 0;
fso.DeleteFile(temp);
Response.clear;
Response.contenttype = 'application/zip';
Response.AddHeader("content-disposition", "attachment; filename= \"" + filename + ".zip\"");
Response.BinaryWrite(oStream.read(oStream.Size));
Response.End;
}
%>