Admin\Backend change non filled dat part comment

the not filled data or data_binary part is a JSON with "type" set to the type that is used with a general message To decode try to read both sides if data = JSON + "type" and "message" set then data is in data_binary else data_binary holds the type on the left side
Update the Admin\Backend edit log call with query params and different data compressors
2024-10-16 16:45:13 +09:00 · 2024-10-16 16:21:51 +09:00 · 2024-10-16 12:34:48 +09:00 · 2024-10-16 12:18:51 +09:00 · 2024-10-16 12:15:19 +09:00
4 changed files with 230 additions and 72 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
 .libs
+node_modules/
--- a/www/admin/class_test.admin.backend.php
+++ b/www/admin/class_test.admin.backend.php
@@ -55,7 +55,25 @@ print '<div><h1>' . $PAGE_NAME . '</h1></div>';
 print "SETACL[]: <br>";
 $backend->setACL(['EMPTY' => 'EMPTY']);
 print "ADBEDITLOG: <br>";
-$backend->adbEditLog('CLASSTEST-ADMIN', 'Some info string');
+$backend->adbEditLog('CLASSTEST-ADMIN-BINARY', 'Some info string', 'BINARY');
+$backend->adbEditLog('CLASSTEST-ADMIN-ZLIB', 'Some info string', 'ZLIB');
+$backend->adbEditLog('CLASSTEST-ADMIN-SERIAL', 'Some info string', 'SERIAL');
+$backend->adbEditLog('CLASSTEST-ADMIN-INVALID', 'Some info string', 'INVALID');
+// test with various
+$backend->action = 'TEST ACTION';
+$backend->action_id = 'TEST ACTION ID';
+$backend->action_yes = 'TEST ACTION YES';
+$backend->action_flag = 'TEST ACTION FLAG';
+$backend->action_menu = 'TEST ACTION MENU';
+$backend->action_loaded = 'TEST ACTION LOADED';
+$backend->action_value = 'TEST ACTION VALUE';
+$backend->action_type = 'TEST ACTION TYPE';
+$backend->action_error = 'TEST ACTION ERROR';
+$backend->adbEditLog('CLASSTEST-ADMIN-JSON', [
+	"_GET" => $_GET,
+	"_POST" => $_POST,
+], 'JSON');
+
 print "ADBTOPMENU(0): " . Support::printAr($backend->adbTopMenu(CONTENT_PATH)) . "<br>";
 print "ADBMSG: <br>";
 $backend->adbMsg('info', 'Message: %1$d', [1]);
--- a/www/admin/class_test.error_msg.php
+++ b/www/admin/class_test.error_msg.php
@@ -61,6 +61,8 @@ print "ErrorsIds: <pre>" . $log->prAr($em->getErrorIds()) . "</pre>";
 print "Errors: <pre>" . $log->prAr($em->getErrorMsg()) . "</pre>";
 print "JumpTargets: <pre>" . $log->prAr($em->getJumpTarget()) . "</pre>";

+print "IS info > ok: " . ml::fromName('info')->isHigherThan(ml::ok) . "<br>";
+
 print "</body></html>";

 $log->debug('[END]', '==========================================>');
--- a/www/lib/CoreLibs/Admin/Backend.php
+++ b/www/lib/CoreLibs/Admin/Backend.php
@@ -31,6 +31,8 @@ declare(strict_types=1);

 namespace CoreLibs\Admin;

+use CoreLibs\Convert\Json;
+
 class Backend
 {
 	// page name
@@ -42,7 +44,7 @@ class Backend
 	/** @var array<string> */
 	public array $action_list = [
 		'action', 'action_id', 'action_sub_id', 'action_yes', 'action_flag',
-		'action_menu', 'action_value', 'action_error', 'action_loaded'
+		'action_menu', 'action_value', 'action_type', 'action_error', 'action_loaded'
 	];
 	/** @var string */
 	public string $action;
@@ -61,20 +63,31 @@ class Backend
 	/** @var string */
 	public string $action_value;
 	/** @var string */
+	public string $action_type;
+	/** @var string */
 	public string $action_error;
+
 	// ACL array variable if we want to set acl data from outisde
 	/** @var array<mixed> */
 	public array $acl = [];
 	/** @var int */
 	public int $default_acl;
+
 	// queue key
 	/** @var string */
 	public string $queue_key;
+
+	/** @var array<string> list of allowed types for edit log write */
+	private const WRITE_TYPES = ['BINARY', 'BZIP2', 'LZIP', 'STRING', 'SERIAL', 'JSON'];
+	/** @var array<string> list of available write types for log */
+	private array $write_types_available = [];
+
 	// the current active edit access id
 	/** @var int|null */
 	public int|null $edit_access_id;
 	/** @var string */
 	public string $page_name;
+
 	// error/warning/info messages
 	/** @var array<mixed> */
 	public array $messages = [];
@@ -84,6 +97,7 @@ class Backend
 	public bool $warning = false;
 	/** @var bool */
 	public bool $info = false;
+
 	// internal lang & encoding vars
 	/** @var string */
 	public string $lang_dir = '';
@@ -95,6 +109,7 @@ class Backend
 	public string $domain;
 	/** @var string */
 	public string $encoding;
+
 	/** @var \CoreLibs\Logging\Logging logger */
 	public \CoreLibs\Logging\Logging $log;
 	/** @var \CoreLibs\DB\IO database */
@@ -103,6 +118,7 @@ class Backend
 	public \CoreLibs\Language\L10n $l;
 	/** @var \CoreLibs\Create\Session session class */
 	public \CoreLibs\Create\Session $session;
+
 	// smarty publics [end processing in smarty class]
 	/** @var array<mixed> */
 	public array $DATA = [];
@@ -117,18 +133,20 @@ class Backend
 	/**
 	 * main class constructor
 	 *
-	 * @param \CoreLibs\DB\IO          $db      Database connection class
-	 * @param \CoreLibs\Logging\Logging  $log     Logging class
-	 * @param \CoreLibs\Create\Session $session Session interface class
-	 * @param \CoreLibs\Language\L10n  $l10n    l10n language class
-	 * @param int|null                 $set_default_acl_level Default ACL level
+	 * @param \CoreLibs\DB\IO           $db      Database connection class
+	 * @param \CoreLibs\Logging\Logging $log     Logging class
+	 * @param \CoreLibs\Create\Session  $session Session interface class
+	 * @param \CoreLibs\Language\L10n   $l10n    l10n language class
+	 * @param int|null                  $set_default_acl_level [default=null] Default ACL level
+	 * @param bool                      $init_action_vars [default=true] If the action vars should be set
 	 */
 	public function __construct(
 		\CoreLibs\DB\IO $db,
 		\CoreLibs\Logging\Logging $log,
 		\CoreLibs\Create\Session $session,
 		\CoreLibs\Language\L10n $l10n,
-		?int $set_default_acl_level = null
+		?int $set_default_acl_level = null,
+		bool $init_action_vars = true
 	) {
 		// attach db class
 		$this->db = $db;
@@ -151,9 +169,9 @@ class Backend
 		// set the page name
 		$this->page_name = \CoreLibs\Get\System::getPageName();

-		// set the action ids
-		foreach ($this->action_list as $_action) {
-			$this->$_action = $_POST[$_action] ?? '';
+		// NOTE: if any of the "action" vars are used somewhere, it is recommended to NOT set them here
+		if ($init_action_vars) {
+			$this->adbSetActionVars();
 		}

 		if ($set_default_acl_level === null) {
@@ -170,9 +188,12 @@ class Backend
 		}

 		// queue key
-		if (preg_match("/^(add|save|delete|remove|move|up|down|push_live)$/", $this->action)) {
+		if (preg_match("/^(add|save|delete|remove|move|up|down|push_live)$/", $this->action ?? '')) {
 			$this->queue_key = \CoreLibs\Create\RandomKey::randomKeyGen(3);
 		}
+
+		// check what edit log data write types are allowed
+		$this->adbSetEditLogWriteTypeAvailable();
 	}

 	/**
@@ -183,7 +204,26 @@ class Backend
 		// NO OP
 	}

-	// PUBLIC METHODS |=================================================>
+	// MARK: PRIVATE METHODS
+
+	/**
+	 * set the write types that are allowed
+	 *
+	 * @return void
+	 */
+	private function adbSetEditLogWriteTypeAvailable()
+	{
+		// check what edit log data write types are allowed
+		$this->write_types_available = self::WRITE_TYPES;
+		if (!function_exists('bzcompress')) {
+			$this->write_types_available = array_diff($this->write_types_available, ['BINARY', 'BZIP']);
+		}
+		if (!function_exists('gzcompress')) {
+			$this->write_types_available = array_diff($this->write_types_available, ['LZIP']);
+		}
+	}
+
+	// MARK: PUBLIC METHODS |=================================================>

 	/**
 	 * set internal ACL from login ACL
@@ -195,30 +235,95 @@ class Backend
 		$this->acl = $acl;
 	}

+	/**
+	 * Return current set ACL
+	 *
+	 * @return array<mixed>
+	 */
+	public function adbGetAcl(): array
+	{
+		return $this->acl;
+	}
+
+	/**
+	 * Set _POST action vars if needed
+	 *
+	 * @return void
+	 */
+	public function adbSetActionVars()
+	{
+		// set the action ids
+		foreach ($this->action_list as $_action) {
+			$this->$_action = $_POST[$_action] ?? '';
+		}
+	}
+
 	/**
 	 * writes all action vars plus other info into edit_log table
 	 *
-	 * @param  string              $event      any kind of event description,
-	 * @param  string|array<mixed> $data       any kind of data related to that event
-	 * @param  string              $write_type write type can bei STRING or BINARY
-	 * @param  string|null         $db_schema  override target schema
+	 * @param  string              $event [default='']        any kind of event description,
+	 * @param  string|array<mixed> $data [default='']         any kind of data related to that event
+	 * @param  string              $write_type [default=JSON] write type can be
+	 *                                                        JSON, STRING/SERIEAL, BINARY/BZIP or ZLIB
+	 * @param  string|null         $db_schema [default=null]  override target schema
 	 * @return void
 	 */
 	public function adbEditLog(
 		string $event = '',
 		string|array $data = '',
-		string $write_type = 'STRING',
+		string $write_type = 'JSON',
 		?string $db_schema = null
 	): void {
 		$data_binary = '';
 		$data_write = '';
-		if ($write_type == 'BINARY') {
-			$data_binary = $this->db->dbEscapeBytea((string)bzcompress(serialize($data)));
-			$data_write = 'see bzip compressed data_binary field';
+		// check if write type is valid, if not fallback to JSON
+		if (!in_array($write_type, $this->write_types_available)) {
+			$this->log->warning('Write type not in allowed array, fallback to JSON', context:[
+				"write_type" => $write_type,
+				"write_list" => $this->write_types_available,
+			]);
+			$write_type = 'JSON';
 		}
-		if ($write_type == 'STRING') {
-			$data_binary = '';
-			$data_write = $this->db->dbEscapeString(serialize($data));
+		switch ($write_type) {
+			case 'BINARY':
+			case 'BZIP':
+				$data_binary = $this->db->dbEscapeBytea((string)bzcompress(serialize($data)));
+				$data_write = Json::jsonConvertArrayTo([
+					'type' => 'BZIP',
+					'message' => 'see bzip compressed data_binary field'
+				]);
+				break;
+			case 'ZLIB':
+				$data_binary = $this->db->dbEscapeBytea((string)gzcompress(serialize($data)));
+				$data_write = Json::jsonConvertArrayTo([
+					'type' => 'ZLIB',
+					'message' => 'see zlib compressed data_binary field'
+				]);
+				break;
+			case 'STRING':
+			case 'SERIAL':
+				$data_binary = $this->db->dbEscapeBytea(Json::jsonConvertArrayTo([
+					'type' => 'SERIAL',
+					'message' => 'see serial string data field'
+				]));
+				$data_write = serialize($data);
+				break;
+			case 'JSON':
+				$data_binary = $this->db->dbEscapeBytea(Json::jsonConvertArrayTo([
+					'type' => 'JSON',
+					'message' => 'see json string data field'
+				]));
+				// must be converted to array
+				if (!is_array($data)) {
+					$data = ["data" => $data];
+				}
+				$data_write = Json::jsonConvertArrayTo($data);
+				break;
+			default:
+				$this->log->alert('Invalid type for data compression was set', context:[
+					"write_type" => $write_type
+				]);
+				break;
 		}

 		/** @var string $DB_SCHEMA check schema */
@@ -228,44 +333,62 @@ class Backend
 		} elseif (!empty($this->db->dbGetSchema())) {
 			$DB_SCHEMA = $this->db->dbGetSchema();
 		}
-		$q = "INSERT INTO " . $DB_SCHEMA . ".edit_log "
-			. "(euid, event_date, event, data, data_binary, page, "
-			. "ip, user_agent, referer, script_name, query_string, server_name, http_host, "
-			. "http_accept, http_accept_charset, http_accept_encoding, session_id, "
-			. "action, action_id, action_yes, action_flag, action_menu, action_loaded, action_value, action_error) "
-			. "VALUES "
-			. "(" . $this->db->dbEscapeString(isset($_SESSION['EUID']) && is_numeric($_SESSION['EUID']) ?
-				$_SESSION['EUID'] :
-				'NULL')
-			. ", "
-			. "NOW(), "
-			. "'" . $this->db->dbEscapeString((string)$event) . "', "
-			. "'" . $data_write . "', "
-			. "'" . $data_binary . "', "
-			. "'" . $this->db->dbEscapeString((string)$this->page_name) . "', "
-			. "'" . ($_SERVER["REMOTE_ADDR"] ?? '') . "', "
-			. "'" . $this->db->dbEscapeString($_SERVER['HTTP_USER_AGENT'] ?? '') . "', "
-			. "'" . $this->db->dbEscapeString($_SERVER['HTTP_REFERER'] ?? '') . "', "
-			. "'" . $this->db->dbEscapeString($_SERVER['SCRIPT_FILENAME'] ?? '') . "', "
-			. "'" . $this->db->dbEscapeString($_SERVER['QUERY_STRING'] ?? '') . "', "
-			. "'" . $this->db->dbEscapeString($_SERVER['SERVER_NAME'] ?? '') . "', "
-			. "'" . $this->db->dbEscapeString($_SERVER['HTTP_HOST'] ?? '') . "', "
-			. "'" . $this->db->dbEscapeString($_SERVER['HTTP_ACCEPT'] ?? '') . "', "
-			. "'" . $this->db->dbEscapeString($_SERVER['HTTP_ACCEPT_CHARSET'] ?? '') . "', "
-			. "'" . $this->db->dbEscapeString($_SERVER['HTTP_ACCEPT_ENCODING'] ?? '') . "', "
-			. ($this->session->getSessionId() === false ?
-				"NULL" :
-				"'" . $this->session->getSessionId() . "'")
-			. ", "
-			. "'" . $this->db->dbEscapeString($this->action) . "', "
-			. "'" . $this->db->dbEscapeString($this->action_id) . "', "
-			. "'" . $this->db->dbEscapeString($this->action_yes) . "', "
-			. "'" . $this->db->dbEscapeString($this->action_flag) . "', "
-			. "'" . $this->db->dbEscapeString($this->action_menu) . "', "
-			. "'" . $this->db->dbEscapeString($this->action_loaded) . "', "
-			. "'" . $this->db->dbEscapeString($this->action_value) . "', "
-			. "'" . $this->db->dbEscapeString($this->action_error) . "')";
-		$this->db->dbExec($q, 'NULL');
+		$q = <<<SQL
+		INSERT INTO {DB_SCHEMA}.edit_log (
+			euid, event_date, event, data, data_binary, page,
+			ip, user_agent, referer, script_name, query_string, server_name, http_host,
+			http_accept, http_accept_charset, http_accept_encoding, session_id,
+			action, action_id, action_yes, action_flag, action_menu, action_loaded,
+			action_value, action_type, action_error
+		) VALUES (
+			$1, NOW(), $2, $3, $4, $5,
+			$6, $7, $8, $9, $10, $11, $12,
+			$13, $14, $15, $16,
+			$17, $18, $19, $20, $21, $22,
+			$23, $24, $25
+		)
+		SQL;
+		$this->db->dbExecParams(
+			str_replace(
+				['{DB_SCHEMA}'],
+				[$DB_SCHEMA],
+				$q
+			),
+			[
+				// row 1
+				isset($_SESSION['EUID']) && is_numeric($_SESSION['EUID']) ?
+					$_SESSION['EUID'] : null,
+				(string)$event,
+				$data_write,
+				$data_binary,
+				(string)$this->page_name,
+				// row 2
+				$_SERVER["REMOTE_ADDR"] ?? '',
+				$_SERVER['HTTP_USER_AGENT'] ?? '',
+				$_SERVER['HTTP_REFERER'] ?? '',
+				$_SERVER['SCRIPT_FILENAME'] ?? '',
+				$_SERVER['QUERY_STRING'] ?? '',
+				$_SERVER['SERVER_NAME'] ?? '',
+				$_SERVER['HTTP_HOST'] ?? '',
+				// row 3
+				$_SERVER['HTTP_ACCEPT'] ?? '',
+				$_SERVER['HTTP_ACCEPT_CHARSET'] ?? '',
+				$_SERVER['HTTP_ACCEPT_ENCODING'] ?? '',
+				$this->session->getSessionId() !== false ?
+					$this->session->getSessionId() : null,
+				// row 4
+				$this->action ?? '',
+				$this->action_id ?? '',
+				$this->action_yes ?? '',
+				$this->action_flag ?? '',
+				$this->action_menu ?? '',
+				$this->action_loaded ?? '',
+				$this->action_value ?? '',
+				$this->action_type ?? '',
+				$this->action_error ?? '',
+			],
+			'NULL'
+		);
 	}

 	/**
@@ -515,16 +638,30 @@ class Backend
 		} elseif (!empty($this->db->dbGetSchema())) {
 			$DB_SCHEMA = $this->db->dbGetSchema();
 		}
-		$q = "INSERT INTO " . $DB_SCHEMA . ".live_queue ("
-			. "queue_key, key_value, key_name, type, target, data, group_key, action, associate, file"
-			. ") VALUES ("
-			. "'" . $this->db->dbEscapeString($queue_key) . "', '" . $this->db->dbEscapeString($key_value) . "', "
-			. "'" . $this->db->dbEscapeString($key_name) . "', '" . $this->db->dbEscapeString($type) . "', "
-			. "'" . $this->db->dbEscapeString($target) . "', '" . $this->db->dbEscapeString($data) . "', "
-			. "'" . $this->queue_key . "', '" . $this->action . "', "
-			. "'" . $this->db->dbEscapeString((string)$associate) . "', "
-			. "'" . $this->db->dbEscapeString((string)$file) . "')";
-		$this->db->dbExec($q);
+		$q = <<<SQL
+		INSERT INTO {DB_SCHEMA}.live_queue (
+			queue_key, key_value, key_name, type,
+			target, data, group_key, action, associate, file
+		) VALUES (
+			$1, $2, $3, $4,
+			$5, $6, $7, $8, $9, $10
+		)
+		SQL;
+		// $this->db->dbExec($q);
+		$this->db->dbExecParams(
+			str_replace(
+				['{DB_SCHEMA}'],
+				[$DB_SCHEMA],
+				$q
+			),
+			[
+				$queue_key, $key_value,
+				$key_name, $type,
+				$target, $data,
+				$this->queue_key, $this->action,
+				(string)$associate, (string)$file
+			]
+		);
 	}

 	/**
Author	SHA1	Message	Date
Clemens Schwaighofer	29982f90bc	Admin\Backend change non filled dat part comment the not filled data or data_binary part is a JSON with "type" set to the type that is used with a general message To decode try to read both sides if data = JSON + "type" and "message" set then data is in data_binary else data_binary holds the type on the left side	2024-10-16 16:45:13 +09:00
Clemens Schwaighofer	7cced63c4b	Update the Admin\Backend edit log call with query params and different data compressors All queries uses now Params On load checks for valid write types for edit log write, eg if bzip and lzip compression are avaiable adbEditLog: Also add JSON type encoding for data outside STRING/SERIAL and BINARY/BZIP (bzip compressed) Add ZLIB as altnerative to BZIP Add alert if invalid type was set Auto fallback to JSON if other write types are not available adbLiveQueue: Also convert the live queue query to a params style call	2024-10-16 16:21:51 +09:00
Clemens Schwaighofer	06c2ea5e0d	Admin\Backend: make sure we do not access unset ->action vars	2024-10-16 12:34:48 +09:00
Clemens Schwaighofer	2e9239ec23	Ingore node_modules/ folder	2024-10-16 12:18:51 +09:00
Clemens Schwaighofer	0c89840dba	Admin\Backend move _POST action read to sub function and trigger not auto loading it On default it still auto loads the _POST vars for backwards compatible, but add a load class flag to ignore it "init_action_vars" also add a get vor tha "acl" array adbGetAcl()	2024-10-16 12:15:19 +09:00