library/ajax/sql_server_status.php

   1 <?php
   2
   3 /**
   4  * sql_server_status.php
   5  *
   6  * @package   OpenEMR
   7  * @link      https://www.open-emr.org
   8  * @author    Jerry Padgett <sjpadgett@gmail.com>
   9  * @copyright Copyright (c) 2020 Jerry Padgett <sjpadgett@gmail.com>
  10  * @license   https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
  11  */
  12
  13 /*
  14  * I wrote this mainly to show server activity for transaction intensive upgrades
  15  * where the user can know we are still working though no activity from upgrade sequence.
  16  */
  17
  18 $ignoreAuth = true;
  19 // to prevent config.php call keys table oops
  20 $GLOBALS['ongoing_sql_upgrade'] = true;
  21 $GLOBALS['connection_pooling_off'] = true; // force off database connection pooling
  22 require_once(__DIR__ . '/../../interface/globals.php');
  23
  24 use OpenEMR\Common\Csrf\CsrfUtils;
  25
  26 // this will ensure that the only script that can use this ajax call is the sql_upgrade.php script
  27 if (!CsrfUtils::verifyCsrfToken($_POST["csrf_token_form"], 'sqlupgrade')) {
  28     CsrfUtils::csrfNotVerified();
  29 }
  30
  31 $trans_query = <<< strQuery
  32 Select * From INFORMATION_SCHEMA.PROCESSLIST
  33 Where COMMAND <> 'Sleep'
  34 And INFO NOT LIKE '%INFORMATION_SCHEMA.PROCESSLIST%'
  35 And DB = ?;
  36 strQuery;
  37
  38 if (isset($_POST['poll'])) {
  39     $cur_date = date("m/d H:i:s");
  40     $db_in_question = $GLOBALS ['dbase'];
  41     $stat_result = sqlStatementNoLog($trans_query, array($db_in_question));
  42     $q_msg = '';
  43     while ($stat_row = sqlFetchArray($stat_result)) {
  44         // Convert binary characters to a ? character
  45         $stat_row['INFO'] = mb_convert_encoding($stat_row['INFO'], 'UTF-8', 'UTF-8');
  46         // Several preg replaces to ensure no data is passed
  47         $stat_row['INFO'] = preg_replace(['!`.*?`!', '!\'.*?\'!', '!".*?"!', '![^A-Z]+!'], ['', '', '', ' * '], $stat_row['INFO']);
  48         $q_msg .= "<li class='text-primary'>";
  49         $q_msg .= text($cur_date) . "  " . text($_GET['poll']) . " " . text($stat_row['INFO']);
  50         $q_msg .= "</li>";
  51     }
  52
  53     // inform the world!.
  54     header('Cache-Control: no-cache');
  55
  56     echo $q_msg;
  57
  58     exit();
  59 }