How can I search logs from a graylog server with PHP?
Assume the graylog servers is https://host.td/api/search/universal/absolute
This solution is implemented in PHP:
$url = 'https://host.td/api/search/universal/absolute'
. '?query=' . urlencode('field:value') //query which you would also perform on UI
. '&from=' . urlencode(Carbon::createFromTimestamp(0)) // min timestamp so we get all logs
. '&to=' . urlencode(Carbon::createFromTimestamp(NumberUtils::MAX_32_BIT_INT)) // max timestamp so we get all logs
. '&limit=' . $this->limit //how many results do we want?
. '&fields=' . urlencode('field1,field2,field3') //which fields do we want?
. '&filter=' . urlencode('streams:<stream_id>') //OPTIONAL: only search in this stream
. '&sort=' . urlencode('field:desc') //sort result
. '&decorate=false'; //decorate parameter
$res = (new Client())->get($url, [
// generate a token on graylog UI;
// we use basic auth, username=the token; password: hard coded string 'token'
'auth' => ['<token_value>', 'token'],
'headers' => ['Accept' => 'application/json'] //we want a json result
]);
$json = \GuzzleHttp\json_decode($res->getBody());
If you want to sort by a timestamp you provided, don't call it timestamp since in this case graylog's timestamp is used, not yours. I ended up using a prefix on every field I am storing.
Related
I have a protected folder within Yii and I'm looking to display some of those images within the site. I've tried the following code and it works within the site/index controller in that it returns just the image I wanted.
However when I tried to separate the code it didn't work. Any help is appreciated.
Model
public function getImage() // will take file identifier as #param
{
$imageID = '2562584569'; // will eventually be dynamically assigned
$image = Images::model()->find('tmp_name=:id', array('id' => $imageID));
$dest = Yii::getPathOfAlias('application.uploads');
$file = $dest .'/' . $image->tmp_name . '.' . $image->extension;
if(file_exists($file)){
ob_clean();
header('Content-Type:' . $image->logo_type);
readfile($file);
exit;
}
}
And in the view
CHtml::link('<img src="' . Yii::app()->request->baseUrl .'/images/image" />', array('product/index', 'id'=>$data['product_id'], 'slug'=> $data['product_slug']));
Thanks
Jonnny
"protected" folder are not accessible from the client browser. This prevents people to have access to important files, like your source code.
If you want to store images inside "protected" and want them to be accessible, you need to publish them using CAssetManager.
Usage is something like:
$path = Yii::app()->basePath.'/path-inside-protected';
$yourImageUrl = Yii::app()->assetManager->publish($path);
Yii will then use the file as an asset, coping it to the "assets" folder, sibling to "protected". After that, you can just use the url returned on your HTML.
<img src="<?php echo $yourImageUrl ?>">
I went about it like this
CHtml::link('<img src="' . $this->createUrl('/images/image', array('data'=>$data['data'])) . '" />', array('product/index', 'id'=>$data['product_id'], 'slug'=> $data['product_slug']));
Model
public function actionImage($data)
{
$image = Images::model()->find('tmp_name=:data', array('id' => $data));
$dest = Yii::getPathOfAlias('application.uploads');
$file = $dest .'/' . $image->tmp_name . '.' . $image->extension;
if(file_exists($file)){
ob_clean();
header('Content-Type:' . $image->logo_type);
readfile($file);
exit;
}
}
Thanks for all help
I'm unittesting my Yii application with PHPUnit and Selenium-server.
Code:
class StartSurveyRedirectTest extends WebTestCase
{
public $fixtures=array(
'sessions'=>'SurveySession',
'surveys' => 'Survey',
);
public function testActive() {
$survey = $this->surveys('survey_active');
$user_id = 1;
$imid = 'nl1234-9876';
$this->open('veldwerk/survey/redirect?survey_id=' . $survey->survey_id .
'&user_id=' . $user_id .
'&imid=' . $imid .
'&' . $survey->security_parameter_name . '=' . $survey->getSecurityParameterValue()
);
//assert if redirected
$this->assertNotEquals($this->url(),TEST_BASE_URL .
'veldwerk/survey/redirect?survey_id=' . $survey->survey_id .
'&user_id=' . $user_id .
'&imid=' . $imid .
'&' . $survey->security_parameter_name . '=' . $survey->getSecurityParameterValue()
);
}
}
The result when I start the test:
There was 1 error:
1) StartSurveyRedirectTest::testActive
Method url not defined.
D:\workspace\Pi\framework\test\CWebTestCase.php:63
D:\workspace\Pi\protected\tests\functional\StartSurveyRedirectTest.php:27
D:\workspace\Pi\protected\tests\functional\StartSurveyRedirectTest.php:27
Caused by
BadMethodCallException: Method url not defined.
D:\workspace\Pi\framework\test\CWebTestCase.php:63
D:\workspace\Pi\protected\tests\functional\StartSurveyRedirectTest.php:27
D:\workspace\Pi\protected\tests\functional\StartSurveyRedirectTest.php:27
So what I really want to test is if the user has been redirected. I thought the easiest way was to check the URL but it turns out it doesn't work? While in the selenium docs and PHPUnit docs says it can..
Does the Yii framework does not support this? Or am I doing something wrong?
Instead of using url as a method, try it as a property:
$this->url
I'm at work now and am able to check this out. I think the proper code for PHPUnit with Selenium is:
$driver->getCurrentPageUrl();
So it is a method from the driver instance.
Turns out PHPUnit_Extensions_SeleniumTestCase_Driver is an ancestor class of WebTestCase the Yii class I extend in my test.
PHPUnit_Extensions_SeleniumTestCase_Driver implements the method getLocation() which holds the current browser url. This allows me to use $this->getLocation()
SeleniumTestCase_Driver class reference
The result of my code:
//assert if redirected
$this->assertNotEquals($this->getLocation(),TEST_BASE_URL .
'veldwerk/survey/redirect?survey_id=' . $survey->survey_id .
'&user_id=' . $user_id .
'&imid=' . $imid .
'&' . $survey->security_parameter_name . '=' . $survey->getSecurityParameterValue()
);
Hi I have this small code fragment from a web application built on ZEND framework that is not safe since 'name' is fetched from post request. Is there a standard ZEND way to prevent special symbols in $data? Like $where has the quoteInto.
$name = $this->_request->getParam('name');
// update query
$data = array(
'name' => $name
);
$where = array(
$users->getDbAdapter()->quoteInto('user_id = ?', $userId),
);
$users->update($data, $where);
This is safe from SQL injection. Zend_Db treats the array you pass to update() as an array of named parameters, so these values are escaped automatically.
Tim is correct if a bit terse. :)
The $data array in an update statment in Zend_Db is broken down into bound parameters. You can find the exact code in Zend_Db_Adapter_Abstract.
There are a number of procedures involved but the array ultimately ends up in this statement.
$set[] = $this->quoteIdentifier($col, true) . ' = ' . $val;
where your original array was $col => $val
then the SQL is created:
$sql = "UPDATE "
. $this->quoteIdentifier($table, true)
. ' SET ' . implode(', ', $set)
. (($where) ? " WHERE $where" : '');
It looks reasonably secure against SQL injection.
However you can always employ Zend_Filter_Input with Zend_Validate and Zend_Filter to really sanitize your input values.
I dont get this error, there is a row in database.
$tip = StringHelper::trimmer($_GET['tip']);
$sql = 'SELECT id FROM contact_reasons WHERE alias = "' . $tip . '"';
$model = ContactReasons::model()->findAllBySql( $sql );
die($model->id);
if(!is_null($model)) {
$this->render('kontakt', array(
'model' => $model,
));
} else {
$this->renderText('Tražena stranica ne postoji.');
}
I used debug to see if there is a response, and even used query on database, and it returns a row with ID. I get this error on line with die();
Please note that, findAllBySql returns an array of CActiveRecords, while findBySql returns a single CActiveRecord. You may also use parameter binding for your SQL statements to prevent SQL injection.
see also http://www.yiiframework.com/doc/api/1.1/CActiveRecord
i am trying to upload a local video to Facebook through the Graph API.
Here is an example from Facebook:
http://developers.facebook.com/blog/post/493/
That works nice, and i get an JSON response after submitting the from.
How can I get the respone ID, for use in, e.g. Javascript or directly as an GET-parameter on my server?
I don't want to upload the video on an public accessable server and then redirect the video upload to Facebook by using curl or something like that.
Has anyone an idea or an example of how i can get this to work?
Edit:
Here is the example i used:
<?php
$app_id = "YOUR_APP_ID";
$app_secret = "YOUR_APP_SECRET";
$my_url = "YOUR_POST_LOGIN_URL";
$video_title = "YOUR_VIDEO_TITLE";
$video_desc = "YOUR_VIDEO_DESCRIPTION";
$code = $_REQUEST["code"];
if(empty($code)) {
$dialog_url = "http://www.facebook.com/dialog/oauth?client_id="
. $app_id . "&redirect_uri=" . urlencode($my_url)
. "&scope=publish_stream";
echo("<script>top.location.href='" . $dialog_url . "'</script>");
}
$token_url = "https://graph.facebook.com/oauth/access_token?client_id="
. $app_id . "&redirect_uri=" . urlencode($my_url)
. "&client_secret=" . $app_secret
. "&code=" . $code;
$access_token = file_get_contents($token_url);
$post_url = "https://graph-video.facebook.com/me/videos?"
. "title=" . $video_title. "&description=" . $video_desc
. "&". $access_token;
echo '<form enctype="multipart/form-data" action=" '.$post_url.' "
method="POST">';
echo 'Please choose a file:';
echo '<input name="file" type="file">';
echo '<input type="submit" value="Upload" />';
echo '</form>';
?>
Taken from this page: http://developers.facebook.com/blog/post/493/
This is the whole response i get from the form (JSON response):
{
"id": "xxxxx19208xxxxx"
}
The problem is that the JSON response is inline in the page.
I thought to set a target in the form to an inline iframe but then i will not be able to access the JSON code.