| ︙ | | | ︙ | |
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
|
/*
** WEBPAGE: errorlog
**
** Show the content of the error log. Only the administrator can view
** this page.
**
** y=0x01 Show only hack attempts
** y=0x02 Show only panics and assertion faults
** y=0x04 Show hung backoffice processes
** y=0x08 Show POST requests from a different origin
** y=0x10 Show SQLITE_AUTH and similar
** y=0x20 Show SMTP error reports
** y=0x40 Show other uncategorized messages
**
** If y is omitted or is zero, a count of the various message types is
** shown.
*/
void errorlog_page(void){
i64 szFile;
FILE *in;
char *zLog;
const char *zType = P("y");
static const int eAllTypes = 0x7f;
long eType = 0;
int bOutput = 0;
int prevWasTime = 0;
int nHack = 0;
int nPanic = 0;
int nOther = 0;
int nHang = 0;
int nXPost = 0;
int nAuth = 0;
int nSmtp = 0;
char z[10000];
char zTime[10000];
login_check_credentials();
if( !g.perm.Admin ){
login_needed(0);
return;
|
|
|
|
|
|
|
>
|
|
>
|
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
|
/*
** WEBPAGE: errorlog
**
** Show the content of the error log. Only the administrator can view
** this page.
**
** y=0x001 Show only hack attempts
** y=0x002 Show only panics and assertion faults
** y=0x004 Show hung backoffice processes
** y=0x008 Show POST requests from a different origin
** y=0x010 Show SQLITE_AUTH and similar
** y=0x020 Show SMTP error reports
** y=0x040 Show TH1 vulnerability reports
** y=0x800 Show other uncategorized messages
**
** If y is omitted or is zero, a count of the various message types is
** shown.
*/
void errorlog_page(void){
i64 szFile;
FILE *in;
char *zLog;
const char *zType = P("y");
static const int eAllTypes = 0x87f;
long eType = 0;
int bOutput = 0;
int prevWasTime = 0;
int nHack = 0;
int nPanic = 0;
int nOther = 0;
int nHang = 0;
int nXPost = 0;
int nAuth = 0;
int nSmtp = 0;
int nVuln = 0;
char z[10000];
char zTime[10000];
login_check_credentials();
if( !g.perm.Admin ){
login_needed(0);
return;
|
| ︙ | | | ︙ | |
915
916
917
918
919
920
921
922
923
924
925
926
927
928
|
if( eType & 0x10 ){
@ <li>SQLITE_AUTH and similar errors
}
if( eType & 0x20 ){
@ <li>SMTP malfunctions
}
if( eType & 0x40 ){
@ <li>Other uncategorized messages
}
@ </ul>
}
@ <hr>
if( eType ){
@ <pre>
|
>
>
>
|
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
|
if( eType & 0x10 ){
@ <li>SQLITE_AUTH and similar errors
}
if( eType & 0x20 ){
@ <li>SMTP malfunctions
}
if( eType & 0x40 ){
@ <li>TH1 vulnerabilities
}
if( eType & 0x800 ){
@ <li>Other uncategorized messages
}
@ </ul>
}
@ <hr>
if( eType ){
@ <pre>
|
| ︙ | | | ︙ | |
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
|
}else
if( sqlite3_strglob("SECURITY: authorizer blocks*",z)==0
|| sqlite3_strglob("warning: SQLITE_AUTH*",z)==0
){
bOutput = (eType & 0x10)!=0;
nAuth++;
}else
{
bOutput = (eType & 0x40)!=0;
nOther++;
}
if( bOutput ){
@ %h(zTime)\
}
}
if( strncmp(z, "--------", 8)==0 ){
|
>
>
>
>
|
|
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
|
}else
if( sqlite3_strglob("SECURITY: authorizer blocks*",z)==0
|| sqlite3_strglob("warning: SQLITE_AUTH*",z)==0
){
bOutput = (eType & 0x10)!=0;
nAuth++;
}else
if( strncmp(z,"possible", 8)==0 && strstr(z,"tainted")!=0 ){
bOutput = (eType & 0x40)!=0;
nVuln++;
}else
{
bOutput = (eType & 0x800)!=0;
nOther++;
}
if( bOutput ){
@ %h(zTime)\
}
}
if( strncmp(z, "--------", 8)==0 ){
|
| ︙ | | | ︙ | |
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
|
}
}
fclose(in);
if( eType ){
@ </pre>
}
if( eType==0 ){
int nNonHack = nPanic + nHang + nAuth + nSmtp + nOther;
int nTotal = nNonHack + nHack + nXPost;
@ <p><table border="a" cellspacing="0" cellpadding="5">
if( nPanic>0 ){
@ <tr><td align="right">%d(nPanic)</td>
@ <td><a href="./errorlog?y=2">Panics</a></td>
}
if( nHack>0 ){
@ <tr><td align="right">%d(nHack)</td>
@ <td><a href="./errorlog?y=1">Hack Attempts</a></td>
}
if( nHang>0 ){
@ <tr><td align="right">%d(nHang)</td>
@ <td><a href="./errorlog?y=4">Hung Backoffice</a></td>
|
|
>
>
>
>
|
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
|
}
}
fclose(in);
if( eType ){
@ </pre>
}
if( eType==0 ){
int nNonHack = nPanic + nHang + nAuth + nSmtp + nVuln + nOther;
int nTotal = nNonHack + nHack + nXPost;
@ <p><table border="a" cellspacing="0" cellpadding="5">
if( nPanic>0 ){
@ <tr><td align="right">%d(nPanic)</td>
@ <td><a href="./errorlog?y=2">Panics</a></td>
}
if( nVuln>0 ){
@ <tr><td align="right">%d(nVuln)</td>
@ <td><a href="./errorlog?y=64">TH1 Vulnerabilities</a></td>
}
if( nHack>0 ){
@ <tr><td align="right">%d(nHack)</td>
@ <td><a href="./errorlog?y=1">Hack Attempts</a></td>
}
if( nHang>0 ){
@ <tr><td align="right">%d(nHang)</td>
@ <td><a href="./errorlog?y=4">Hung Backoffice</a></td>
|
| ︙ | | | ︙ | |
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
|
}
if( nSmtp>0 ){
@ <tr><td align="right">%d(nSmtp)</td>
@ <td><a href="./errorlog?y=32">SMTP faults</a></td>
}
if( nOther>0 ){
@ <tr><td align="right">%d(nOther)</td>
@ <td><a href="./errorlog?y=64">Other</a></td>
}
@ <tr><td align="right">%d(nTotal)</td>
if( nTotal>0 ){
@ <td><a href="./errorlog?y=255">All Messages</a></td>
}else{
@ <td>All Messages</td>
}
@ </table>
}
style_finish_page();
}
|
|
|
|
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
|
}
if( nSmtp>0 ){
@ <tr><td align="right">%d(nSmtp)</td>
@ <td><a href="./errorlog?y=32">SMTP faults</a></td>
}
if( nOther>0 ){
@ <tr><td align="right">%d(nOther)</td>
@ <td><a href="./errorlog?y=2048">Other</a></td>
}
@ <tr><td align="right">%d(nTotal)</td>
if( nTotal>0 ){
@ <td><a href="./errorlog?y=4095">All Messages</a></td>
}else{
@ <td>All Messages</td>
}
@ </table>
}
style_finish_page();
}
|