-
Notifications
You must be signed in to change notification settings - Fork 31
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Task #228793 chore: Logs implenetation for import ucm functionality #426
base: j4x
Are you sure you want to change the base?
Changes from 2 commits
ade4a10
8462692
fa7c68f
1b4f977
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -19,6 +19,8 @@ | |
use Joomla\CMS\Table\Table; | ||
use Joomla\CMS\Uri\Uri; | ||
use Joomla\CMS\Factory; | ||
use Joomla\CMS\Log\Log; | ||
|
||
|
||
/** | ||
* Items list controller class. | ||
|
@@ -124,6 +126,25 @@ | |
$fieldsArray[$field->name] = $field; | ||
} | ||
|
||
// Logs implemetation | ||
header('Cache-Control: no-cache, must-revalidate'); | ||
header('Content-type: application/json'); | ||
|
||
// Format the date for the log file name | ||
$date = Factory::getDate()->format('Y-m-d_H-i-s'); | ||
$logFileName = 'com_tjucm.import_records_' . $date . '.log.php'; // Ensuring valid filename | ||
|
||
// Register the logger with a valid log file name | ||
Log::addLogger( | ||
array('text_file' => $logFileName), | ||
Log::ALL, | ||
array('com_tjucm') | ||
); | ||
|
||
// Set log file name to session | ||
$session = Factory::getSession(); | ||
$session->set('import_filename', $logFileName); | ||
|
||
// Read the CSV file | ||
$file = fopen($uploadPath, 'r'); | ||
$headerRow = true; | ||
|
@@ -243,16 +264,27 @@ | |
else | ||
{ | ||
$itemData[$fieldName] = trim($value); | ||
|
||
|
||
} | ||
} | ||
} | ||
|
||
// Check if all the required values are present in the row | ||
$isValid = (count(array_intersect_key($itemData, $requiredFieldsName)) == count($requiredFieldsName)); | ||
|
||
$missingFields = array_diff_key($requiredFieldsName, $itemData); | ||
$missingValues = array_values($missingFields); | ||
$missingvaluesString = implode(', ', $missingValues); | ||
|
||
|
||
if (!$isValid || empty($itemData)) | ||
{ | ||
$invalidRows++; | ||
|
||
Log::add(Text::sprintf("COM_TJUCM_IMPORT_FIELD_VALUE_EMPTY_ON_ROW_NO", $invalidRows), Log::INFO, 'com_tjucm'); | ||
Log::add(Text::sprintf("COM_TJUCM_IMPORT_FIELD_VALUE_EMPTY", $missingvaluesString), Log::INFO, 'com_tjucm'); | ||
|
||
} | ||
else | ||
{ | ||
|
@@ -305,7 +337,11 @@ | |
} | ||
|
||
if ($invalidRows) | ||
{ | ||
{ | ||
|
||
Log::add(Text::sprintf("COM_TJUCM_INVALID_IMPORT_RECORD_ROW", $invalidRows), Log::INFO, 'com_tjucm'); | ||
|
||
|
||
$app->enqueueMessage(Text::sprintf('COM_TJUCM_ITEMS_IMPORT_REJECTED_RECORDS', $invalidRows), 'warning'); | ||
} | ||
|
||
|
@@ -314,6 +350,19 @@ | |
$app->enqueueMessage(Text::_('COM_TJUCM_ITEMS_NO_RECORDS_TO_IMPORT'), 'error'); | ||
} | ||
|
||
$session = Factory::getSession(); | ||
|
||
$logFilePath = JPATH_ADMINISTRATOR . '/logs/' . $logFileName; | ||
|
||
$filename = $session->get('import_filename'); | ||
|
||
$downloadUrl = Uri::root() . 'index.php?option=com_tjucm&task=items.downloadLog&file=' . urlencode($filename); | ||
|
||
$app->enqueueMessage(Text::_('COM_TJUCM_ITEMS_LOG_FILE_READY'). | ||
'<a href="' . $downloadUrl . '" target="_blank">'.Text::_('COM_TJUCM_DOWNLOAD_LOG_FILE').'</a>', | ||
'message' | ||
); | ||
|
||
$app->redirect(Uri::root() . 'index.php?option=com_tjucm&view=items&layout=importitems&tmpl=component&client=' . $client); | ||
} | ||
|
||
|
@@ -412,4 +461,41 @@ | |
$app->enqueueMessage(implode("<br>", $msg), 'error'); | ||
} | ||
} | ||
|
||
|
||
/** | ||
* Method to download log file | ||
* | ||
* @return void | ||
* | ||
* @since 1.0 | ||
*/ | ||
public function downloadLog() | ||
{ | ||
$logFileName = Factory::getApplication()->input->getString('file'); | ||
|
||
// Full path to the log file | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. // Construct the full path.
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Done |
||
$logFilePath = JPATH_ADMINISTRATOR . '/logs/' . $logFileName; | ||
|
||
// Check if the file exists | ||
if (file_exists($logFilePath)) { | ||
// Set headers for file download | ||
header('Content-Description: File Transfer'); | ||
header('Content-Type: application/octet-stream'); | ||
header('Content-Disposition: attachment; filename="' . basename($logFilePath) . '"'); | ||
header('Expires: 0'); | ||
header('Cache-Control: must-revalidate'); | ||
header('Pragma: public'); | ||
header('Content-Length: ' . filesize($logFilePath)); | ||
Check failure Code scanning / SonarCloud I/O function calls should not be vulnerable to path injection attacks High
Change this code to not construct the path from user-controlled data. See more on SonarCloud
|
||
|
||
// Clear output buffer | ||
ob_clean(); | ||
flush(); | ||
|
||
// Read and output the file content | ||
readfile($logFilePath); | ||
Check failure Code scanning / SonarCloud I/O function calls should not be vulnerable to path injection attacks High
Change this code to not construct the path from user-controlled data. See more on SonarCloud
|
||
exit; | ||
} | ||
} | ||
|
||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@punambaravkar
Take only file name from input and use it.
// Use basename() to extract only the filename, preventing directory traversal. and use it in the next lines
$safeFileName = basename(logFileName);
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done