1 <?php
/**
 * interface/logview/erx_logview.php Display NewCrop errors.
 *
 * @package OpenEMR
 * @subpackage NewCrop
 * @link http://www.open-emr.org
 * @author Eldho Chacko <eldho@zhservices.com>
 * @author Vinish K <vinish@zhservices.com>
 * @author Sam Likins <sam.likins@wsi-services.com>
 * @author Brady Miller <brady.g.miller@gmail.com>
 * @copyright Copyright (c) 2011 ZMG LLC <sam@zhservices.com>
 * @copyright Copyright (c) 2017-2018 Brady Miller <brady.g.miller@gmail.com>
 * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
 */
18 require_once(__DIR__ . '/../globals.php');
20 use OpenEMR\Common\Csrf\CsrfUtils;
21 use OpenEMR\Core\Header;
// Directory that holds the eRx error logs of the current site.
$error_log_path = $GLOBALS['OE_SITE_DIR'] . '/documents/erx_error';

// Download request: the file name arrives in the query string and is only
// accepted together with a valid CSRF token.
$filename = '';
if (array_key_exists('filename', $_GET)) {
    if (!CsrfUtils::verifyCsrfToken($_GET["csrf_token_form"])) {
        // NOTE(review): csrfNotVerified() is defined outside this file; presumably
        // it stops the request -- confirm, because the code below runs otherwise.
        CsrfUtils::csrfNotVerified();
    }

    $filename = $_GET['filename'];
    // NOTE(review): check_file_dir_name() is defined outside this file; presumably
    // it rejects values that are unsafe as a path component -- confirm.
    check_file_dir_name($filename);
}

// Search request: the date arrives in the POST body, again guarded by the CSRF token.
$start_date = '';
if (array_key_exists('start_date', $_POST)) {
    if (!CsrfUtils::verifyCsrfToken($_POST["csrf_token_form"])) {
        CsrfUtils::csrfNotVerified();
    }

    $start_date = $_POST['start_date'];
    // The date becomes part of a log file name when searching, so it gets the
    // same check as a file name.
    check_file_dir_name($start_date);
}
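// Serve a single eRx error log as a download when a file name was requested.
if ($filename) {
    $bat_content = '';

    // Accept only names of the exact form erx_error-YYYY-M-D.log. The pattern is
    // anchored at both ends (\A ... \z) so that a name which merely contains such
    // a substring is not served and cannot reach the Content-Disposition header.
    if (preg_match('/\Aerx_error-\d{4}-\d{1,2}-\d{1,2}\.log\z/', $filename) === 1) {
        $log_file = $error_log_path . '/' . $filename;

        // file_get_contents() reads an empty log without a zero-length fread()
        // and leaves no open handle behind. A missing or unreadable log still
        // results in an empty download, as before.
        if (is_file($log_file) && is_readable($log_file)) {
            $bat_content = (string) file_get_contents($log_file);
        }

        header('Pragma: public');
        header('Expires: 0');
        header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
        header('Content-Type: application/force-download');
        // The name is limited to the characters of the pattern above, so it can
        // be quoted without further escaping.
        header('Content-Disposition: attachment; filename="' . $filename . '"');
        header('Content-Description: File Transfer');
        header('Content-Length: ' . strlen($bat_content));

        echo $bat_content;

        // Stop here so that none of the HTML page below is appended to the download.
        die;
    }
}

?>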
<html>
<head>
    <?php Header::setupHeader('datetime-picker'); ?>

    <script>
        $(function () {
            $('.datepicker').datetimepicker({
                <?php
                // Date-only picker; these three variables are presumably read by the
                // settings template required below (it is not part of this file).
                $datetimepicker_timepicker = false;
                $datetimepicker_showseconds = false;
                $datetimepicker_formatInput = false;
                require($GLOBALS['srcdir'] . '/js/xl/jquery-datetimepicker-2-5-4.js.php');
                // can add any additional javascript settings to datetimepicker here; need to prepend first setting with a comma
                ?>
            });
        });
    </script>

</head>
<body class="body_top">
    <form method="post">
        <?php // The CSRF token is posted with the search and verified before the logs are read. ?>
        <input type="hidden" name="csrf_token_form" value="<?= attr(CsrfUtils::collectCsrfToken()) ?>" />

        <span class="title"><?= xlt('eRx Logs') ?></span><br /><br />
        <table>
            <tr>
                <td>
                    <span class="text"><?= xlt('Date') ?>: </span>
                </td>
                <td>
                    <?php // Re-display the submitted date (first 10 characters), else today's date. ?>
                    <input type="text" size="10" class='datepicker' name="start_date" id="start_date" value="<?= attr($start_date ? substr($start_date, 0, 10) : date('Y-m-d')) ?>" title="<?= xla('yyyy-mm-dd Date of service') ?>" />
                </td>
                <td>
                    <input type="submit" class="btn btn-primary btn-sm" name="search_logs" value="<?= xla('Search') ?>" />
                </td>
            </tr>
        </table>
    </form>
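<?php

// Search result: show the log of the selected date, or a notice when there is none.
$check_for_file = 0;
if (array_key_exists('search_logs', $_POST)) {
    if (!CsrfUtils::verifyCsrfToken($_POST["csrf_token_form"])) {
        CsrfUtils::csrfNotVerified();
    }

    // The wanted name does not change during the scan, so it is built once.
    $file_as_in_folder = 'erx_error-' . $start_date . '.log';

    if ($handle = opendir($error_log_path)) {
        // Only a name that readdir() actually returns from the log directory is
        // opened; the submitted date is never used as a path by itself.
        while (false !== ($file = readdir($handle))) {
            if ($file === '.' || $file === '..' || $file !== $file_as_in_folder) {
                continue;
            }

            $check_for_file = 1;
            // file_get_contents() reads an empty log without a zero-length fread()
            // and leaves no open handle behind; a failed read is shown as empty.
            $bat_content = (string) file_get_contents($error_log_path . '/' . $file);
            ?>
<p><?php echo xlt('Download'); ?>: <a href="erx_logview.php?filename=<?php echo attr_url($file); ?>&csrf_token_form=<?php echo attr_url(CsrfUtils::collectCsrfToken()); ?>"><?php echo text($file); ?></a></p>
<textarea rows="35" cols="132"><?php echo text($bat_content); ?></textarea>
            <?php
            // A directory holds at most one entry with this name.
            break;
        }

        closedir($handle);
    }

    if ($check_for_file == 0) {
        echo xlt('No log file exist for the selected date') . ': ' . text($start_date);
    }
}

?>
</body>
</html>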