make send-report an option for admin and customer (section: security)
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann (d00p)
@@ -47,6 +47,22 @@ return array(
|
||||
'option_mode' => 'one',
|
||||
'option_options' => array(0 => $lng['serversettings']['systemdefault'], 1 => 'MD5', 2 => 'BLOWFISH', 3 => 'SHA-256', 4 => 'SHA-512'),
|
||||
'save_method' => 'storeSettingField',
|
||||
),
|
||||
'system_allow_error_report_admin' => array(
|
||||
'label' => $lng['serversettings']['allow_error_report_admin'],
|
||||
'settinggroup' => 'system',
|
||||
'varname' => 'allow_error_report_admin',
|
||||
'type' => 'bool',
|
||||
'default' => true, // TODO: will be false in final release
|
||||
'save_method' => 'storeSettingField',
|
||||
),
|
||||
'system_allow_error_report_customer' => array(
|
||||
'label' => $lng['serversettings']['allow_error_report_customer'],
|
||||
'settinggroup' => 'system',
|
||||
'varname' => 'allow_error_report_customer',
|
||||
'type' => 'bool',
|
||||
'default' => false,
|
||||
'save_method' => 'storeSettingField',
|
||||
)
|
||||
)
|
||||
)
|
||||
|
||||
@@ -322,7 +322,9 @@ if ($page == 'overview') {
|
||||
eval("echo \"" . getTemplate("index/change_theme") . "\";");
|
||||
}
|
||||
|
||||
} elseif ($page == 'send_error_report') {
|
||||
} elseif ($page == 'send_error_report'
|
||||
&& $settings['system']['allow_error_report_admin'] == '1'
|
||||
) {
|
||||
|
||||
// only show this if we really have an exception to report
|
||||
if (isset($_GET['errorid'])
|
||||
@@ -381,6 +383,7 @@ if ($page == 'overview') {
|
||||
|
||||
if ($_mailerror) {
|
||||
// error when reporting an error...LOLFUQ
|
||||
standard_error('send_report_error', $mailerr_msg);
|
||||
}
|
||||
|
||||
// finally remove error from fs
|
||||
|
||||
@@ -238,4 +238,83 @@ if ($page == 'overview') {
|
||||
|
||||
eval("echo \"" . getTemplate('index/change_theme') . "\";");
|
||||
}
|
||||
|
||||
} elseif ($page == 'send_error_report'
|
||||
&& $settings['system']['allow_error_report_customer'] == '1'
|
||||
) {
|
||||
|
||||
// only show this if we really have an exception to report
|
||||
if (isset($_GET['errorid'])
|
||||
&& $_GET['errorid'] != ''
|
||||
) {
|
||||
|
||||
$errid = $_GET['errorid'];
|
||||
// read error file
|
||||
$err_dir = makeCorrectDir(FROXLOR_INSTALL_DIR."/logs/");
|
||||
$err_file = makeCorrectFile($err_dir."/".$errid."_sql-error.log");
|
||||
|
||||
if (file_exists($err_file)) {
|
||||
|
||||
$error_content = file_get_contents($err_file);
|
||||
$error = explode("|", $error_content);
|
||||
|
||||
$_error = array(
|
||||
'code' => str_replace("\n", "", substr($error[1], 5)),
|
||||
'message' => str_replace("\n", "", substr($error[2], 4)),
|
||||
'file' => str_replace("\n", "", substr($error[3], 5 + strlen(FROXLOR_INSTALL_DIR))),
|
||||
'line' => str_replace("\n", "", substr($error[4], 5)),
|
||||
'trace' => str_replace(FROXLOR_INSTALL_DIR, "", substr($error[5], 6))
|
||||
);
|
||||
|
||||
// build mail-content
|
||||
$mail_body = "Dear froxlor-team,\n\n";
|
||||
$mail_body .= "the following error has been reported by a user:\n\n";
|
||||
$mail_body .= "-------------------------------------------------------------\n";
|
||||
$mail_body .= $_error['code'].' '.$_error['message']."\n\n";
|
||||
$mail_body .= "File: ".$_error['file'].':'.$_error['line']."\n\n";
|
||||
$mail_body .= "Trace:\n".trim($_error['trace'])."\n\n";
|
||||
$mail_body .= "-------------------------------------------------------------\n\n";
|
||||
$mail_body .= "Froxlor-version: ".$version."\n\n";
|
||||
$mail_body .= "End of report";
|
||||
$mail_html = str_replace("\n", "<br />", $mail_body);
|
||||
|
||||
// send actual report to dev-team
|
||||
if (isset($_POST['send'])
|
||||
&& $_POST['send'] == 'send'
|
||||
) {
|
||||
// send mail and say thanks
|
||||
$_mailerror = false;
|
||||
try {
|
||||
$mail->Subject = '[Froxlor] Error report by user';
|
||||
$mail->AltBody = $mail_body;
|
||||
$mail->MsgHTML($mail_html);
|
||||
$mail->AddAddress('error-reports@froxlor.org', 'Froxlor Developer Team');
|
||||
$mail->Send();
|
||||
} catch(phpmailerException $e) {
|
||||
$mailerr_msg = $e->errorMessage();
|
||||
$_mailerror = true;
|
||||
} catch (Exception $e) {
|
||||
$mailerr_msg = $e->getMessage();
|
||||
$_mailerror = true;
|
||||
}
|
||||
|
||||
if ($_mailerror) {
|
||||
// error when reporting an error...LOLFUQ
|
||||
standard_error('send_report_error', $mailerr_msg);
|
||||
}
|
||||
|
||||
// finally remove error from fs
|
||||
@unlink($err_file);
|
||||
redirectTo($filename, array('s' => $s));
|
||||
}
|
||||
// show a nice summary of the error-report
|
||||
// before actually sending anything
|
||||
eval("echo \"" . getTemplate("index/send_error_report") . "\";");
|
||||
|
||||
} else {
|
||||
redirectTo($filename, array('s' => $s));
|
||||
}
|
||||
} else {
|
||||
redirectTo($filename, array('s' => $s));
|
||||
}
|
||||
}
|
||||
|
||||
@@ -523,6 +523,8 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
|
||||
('system', 'passwordcryptfunc', '1'),
|
||||
('system', 'axfrservers', ''),
|
||||
('system', 'customer_ssl_path', '/etc/ssl/froxlor-custom/'),
|
||||
('system', 'allow_error_report_admin', '1'),
|
||||
('system', 'allow_error_report_customer', '0'),
|
||||
('panel', 'decimal_places', '4'),
|
||||
('panel', 'adminmail', 'admin@SERVERNAME'),
|
||||
('panel', 'phpmyadmin_url', ''),
|
||||
@@ -550,7 +552,7 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
|
||||
('panel', 'phpconfigs_hidestdsubdomain', '0'),
|
||||
('panel', 'allow_theme_change_admin', '1'),
|
||||
('panel', 'allow_theme_change_customer', '1'),
|
||||
('panel', 'version', '0.9.31-dev4');
|
||||
('panel', 'version', '0.9.31-dev5');
|
||||
|
||||
|
||||
DROP TABLE IF EXISTS `panel_tasks`;
|
||||
|
||||
@@ -2472,3 +2472,30 @@ if (isFroxlorVersion('0.9.31-dev3')) {
|
||||
|
||||
updateToVersion('0.9.31-dev4');
|
||||
}
|
||||
|
||||
if (isFroxlorVersion('0.9.31-dev4')) {
|
||||
|
||||
showUpdateStep("Updating from 0.9.31-dev4 to 0.9.31-dev5", true);
|
||||
lastStepStatus(0);
|
||||
|
||||
$update_error_report_admin = isset($_POST['update_error_report_admin']) ? (int)$_POST['update_error_report_admin'] : '1';
|
||||
$update_error_report_customer = isset($_POST['update_error_report_customer']) ? (int)$_POST['update_error_report_customer'] : '0';
|
||||
|
||||
showUpdateStep("Adding new error-reporting options");
|
||||
$ins_stmt = Database::prepare("
|
||||
INSERT INTO `".TABLE_PANEL_SETTINGS."` SET `settinggroup` = 'system', `varname` = :varname, `value` = :value
|
||||
");
|
||||
$params = array();
|
||||
// admins
|
||||
$params['varname'] = 'allow_error_report_admin';
|
||||
$params['value'] = $update_error_report_admin;
|
||||
Database::pexecute($ins_stmt, $params);
|
||||
// customer
|
||||
$params['varname'] = 'allow_error_report_customer';
|
||||
$params['value'] = $update_error_report_customer;
|
||||
Database::pexecute($ins_stmt, $params);
|
||||
|
||||
lastStepStatus(0);
|
||||
|
||||
updateToVersion('0.9.31-dev5');
|
||||
}
|
||||
|
||||
@@ -591,4 +591,14 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
|
||||
$question = '';
|
||||
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
|
||||
}
|
||||
|
||||
if (versionInUpdate($current_version, '0.9.31-dev5')) {
|
||||
$has_preconfig = true;
|
||||
$description = 'You can enbable/disable error-reporting for admins and customers!<br />br />';
|
||||
$question = '<strong>Do you want to enable error-reporting for admins? (default: yes):</strong> ';
|
||||
$question.= makeyesno('update_error_report_admin', '1', '0', '1').'<br />';
|
||||
$question.= '<strong>Do you want to enable error-reporting for customers? (default: no):</strong> ';
|
||||
$question.= makeyesno('update_error_report_customer', '1', '0', '0');
|
||||
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
|
||||
}
|
||||
}
|
||||
|
||||
@@ -294,7 +294,7 @@ class Database {
|
||||
* @param bool $showerror if set to false, the error will be logged but we go on
|
||||
*/
|
||||
private static function _showerror($error, $showerror = true) {
|
||||
global $theme, $linker;
|
||||
global $userinfo, $theme, $linker;
|
||||
|
||||
/**
|
||||
* log to a file, so we can actually ask people for the error
|
||||
@@ -330,7 +330,17 @@ class Database {
|
||||
// replace values
|
||||
$err_hint = str_replace("<TEXT>", $error->getMessage(), $err_hint);
|
||||
$err_hint = str_replace("<DEBUG>", $error->getTraceAsString(), $err_hint);
|
||||
$err_hint = str_replace("<LINK>", $linker->getLink(array('section' => 'index', 'page' => 'send_error_report', 'errorid' => $errid)), $err_hint);
|
||||
|
||||
$err_report_html = '';
|
||||
if (is_array($userinfo) && (
|
||||
($userinfo['adminsession'] == '1' && $settings['system']['allow_error_report_admin'] == '1')
|
||||
|| ($userinfo['adminsession'] == '0' && $settings['system']['allow_error_report_customer'] == '1'))
|
||||
) {
|
||||
$err_report_html = '<a href="<LINK>" title="Click here to report error">Report error</a>';
|
||||
$err_report_html = str_replace("<LINK>", $linker->getLink(array('section' => 'index', 'page' => 'send_error_report', 'errorid' => $errid)), $err_report_html);
|
||||
}
|
||||
$err_hint = str_replace("<REPORT>", $err_report_html, $err_hint);
|
||||
|
||||
// show
|
||||
die($err_hint);
|
||||
}
|
||||
|
||||
@@ -72,6 +72,6 @@ define('PACKAGE_LOCKED', 1);
|
||||
define('PACKAGE_ENABLED', 2);
|
||||
|
||||
// VERSION INFO
|
||||
$version = '0.9.31-dev4';
|
||||
$version = '0.9.31-dev5';
|
||||
$dbversion = '2';
|
||||
$branding = '';
|
||||
|
||||
@@ -1982,8 +1982,13 @@ $lng['error']['fcgidstillenableddeadlock'] = 'FCGID is currently active.<br />Pl
|
||||
$lng['error']['send_report_title'] = 'Send error report';
|
||||
$lng['error']['send_report_desc'] = 'Thank you for reporting this error and helping us to froxlor improve froxlor.<br />This is the email which will be sent to the froxlor developer team:';
|
||||
$lng['error']['send_report'] = 'Send report';
|
||||
$lng['error']['send_report_error'] = 'Error when sending report: <br />%s';
|
||||
$lng['error']['notallowedtouseaccounts'] = 'Your account does not allow using IMAP/POP3. You cannot add email accounts.';
|
||||
$lng['pwdreminder']['changed'] = 'Your password has been updated successfully. You can now login with your new password.';
|
||||
$lng['pwdreminder']['wrongcode'] = 'Sorry, your activation-code does not exist or has already expired.';
|
||||
$lng['admin']['templates']['LINK'] = 'Replaced with the customers password reset link.';
|
||||
$lng['pwdreminder']['choosenew'] = 'Set new password';
|
||||
$lng['serversettings']['allow_error_report_admin']['title'] = 'Allow administrators/resellers to report database-errors to Froxlor';
|
||||
$lng['serversettings']['allow_error_report_admin']['description'] = 'Please note: Never send any personal (customer-)data to us!';
|
||||
$lng['serversettings']['allow_error_report_customer']['title'] = 'Allow customers to report database-errors to Froxlor';
|
||||
$lng['serversettings']['allow_error_report_customer']['description'] = 'Please note: Never send any personal (customer-)data to us!';
|
||||
|
||||
@@ -1708,8 +1708,13 @@ $lng['error']['fcgidstillenableddeadlock'] = 'FCGID ist derzeit aktiviert.<br />
|
||||
$lng['error']['send_report_title'] = 'Fehler melden';
|
||||
$lng['error']['send_report_desc'] = 'Danke, dass Sie uns diesen Fehler melden und damit helfen Froxlor zu verbessern.<br />Folgender Bericht wird per Mail an das Froxlor Entwickler Team gesendet.';
|
||||
$lng['error']['send_report'] = 'Fehlerbericht senden';
|
||||
$lng['error']['send_report_error'] = 'Fehler beim Senden des Berichts: <br />%s';
|
||||
$lng['error']['notallowedtouseaccounts'] = 'Ihrem Konto ist die Nutzung von IMAP/POP3 nicht erlaubt, daher können keine E-Mail Konten angelegt werden';
|
||||
$lng['pwdreminder']['changed'] = 'Ihr Passwort wurde erfolgreich geändert. Sie können sich nun damit anmelden.';
|
||||
$lng['pwdreminder']['wrongcode'] = 'Der verwendete Aktivierungscode ist entweder nicht gültig oder bereits abgelaufen.';
|
||||
$lng['admin']['templates']['LINK'] = 'Wird mit dem Link zum Zurücksetzen des Passworts ersetzt.';
|
||||
$lng['pwdreminder']['choosenew'] = 'Neues Passwort auswählen';
|
||||
$lng['serversettings']['allow_error_report_admin']['title'] = 'Erlaube Administrator/Reseller das Melden von Datenbankfehlern an Froxlor';
|
||||
$lng['serversettings']['allow_error_report_admin']['description'] = 'Bitte beachten: Senden Sie zu keiner Zeit irgendwelche datenschutzrelevanten/persönliche (Kunden-)Daten an uns!';
|
||||
$lng['serversettings']['allow_error_report_customer']['title'] = 'Erlaube Kunden das Melden von Datenbankfehler an Froxlor';
|
||||
$lng['serversettings']['allow_error_report_customer']['description'] = 'Bitte beachten: Senden Sie zu keiner Zeit irgendwelche datenschutzrelevanten/persönliche (Kunden-)Daten an uns!';
|
||||
|
||||
@@ -36,7 +36,7 @@
|
||||
<a href="#" title="Click here to go back" id="historyback">Go back</a>
|
||||
</div>
|
||||
<div style="float:right;">
|
||||
<a href="<LINK>" title="Click here to report error">Report error</a>
|
||||
<REPORT>
|
||||
</div>
|
||||
<div style="clear:both;"></div>
|
||||
</aside>
|
||||
|
||||
2
templates/Sparkle/misc/dberrornice.tpl
vendored
2
templates/Sparkle/misc/dberrornice.tpl
vendored
@@ -39,7 +39,7 @@
|
||||
<a href="#" title="Click here to go back" id="historyback">Go back</a>
|
||||
</div>
|
||||
<div style="float:right;">
|
||||
<a href="<LINK>" title="Click here to report error">Report error</a>
|
||||
<REPORT>
|
||||
</div>
|
||||
<div style="clear:both;"></div>
|
||||
</aside>
|
||||
|
||||
Reference in New Issue
Block a user