Jump to:

23550 Posts in 19336 Topics by 2890 members

General Questions

SilverStripe Forums » General Questions » Scheduled Tasks and Admin Login

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

Page: 1
Go to End
Author Topic: 3181 Views
  • azt3k
    Avatar
    Community Member
    9 Posts

    Scheduled Tasks and Admin Login Link to this post

    So I need to set up a scheduled task in silverstripe 2.4.5.

    I read through the documentation and extended DailyTask / HourlyTask etc - all fine.

    Called cli-script.php HourlyTask via ssh - worked fine.

    Set up a cron job with the command line as:

    php /path/to/site/sapphire/cli-script.php HourlyTask > /path/to/site/logs/logfile.log

    The command gets run and a log file is created only the contents of the log are this:

    Status: 302 OK
    X-Powered-By: PHP/5.2.5
    Content-Type: text/html; charset="utf-8"
    Location: /Security/login?BackURL=%2FHourlyTask

    Visiting the site at http://my.site.com/HourlyTask prompts for admin login - which is to be expected apparently.

    So I am having some user permissions problem I'm guessing. Looks like root via the cli doesn't need to log in to silverstripe to run the commands, but http and cron, which I guess runs as nobody do...

    So How do I authenticate or bypass authentication.

    I looked through these threads:
    http://silverstripe.org/general-questions/show/6960
    http://silverstripe.org/general-questions/show/13834
    http://silverstripe.org/general-questions/show/13053

    I have created an _ss_environment.php file with the $_FILE_TO_URL_MAPPING set and put this in my base directory - it made no difference

    I have tried using bash / sh / sake instead of php / cli-script.php - still the same problem

    I have tried using su to execute the command as a different user which works via the command line but fails to even produce a log file when done through cron. eg.

    su username -c '/bin/sh /path/to/my/site/sapphire/sake HourlyTask > /path/to/my/site/silverstripe-logs/silverstripe_hourlytask.log'

    Any other ideas??

  • azt3k
    Avatar
    Community Member
    9 Posts

    Re: Scheduled Tasks and Admin Login Link to this post

    Okay an Update to this....

    Tried going through ssh and setting up a crontab on root (i.e. SSH > Login as Root > crontab -e) rather than the user account that has the silverstripe install on it - Still same result.

    Tried "installing" sake and using it the crontab line - same result.

  • azt3k
    Avatar
    Community Member
    9 Posts

    Re: Scheduled Tasks and Admin Login Link to this post

    Okay, so I have gotten it to work, but not via a tidy or simple method, also my implementation of it is a bit messy, but at least it works...

    So I made an http wrapper for the scheduled task using curl called HourlyTask.php - It logs in to silverstripe, saves the cookies and then makes a request to my.site.com/ScheduledTask. I'm sure this could be made tidier by using CURLOPT_COOKIEJAR and CURLOPT_COOKIEFILE - however they were not working properly for some reason so I resorted to manually building a cookie var string. None of it is ideal, but it shouldn't be this complicated to begin with...

    /path/to/webroot/mysite/code/cron/HourlyTask.php

    //Authenticate
    $ch = curl_init();
    curl_setopt($ch,CURLOPT_URL,"http://my.site.com/Security/LoginForm");
    curl_setopt($ch,CURLOPT_POST,TRUE);
    curl_setopt($ch,CURLINFO_HEADER_OUT,TRUE);
    curl_setopt($ch,CURLOPT_RETURNTRANSFER,TRUE);
    curl_setopt($ch,CURLOPT_HEADER,TRUE);
    curl_setopt($ch,CURLOPT_POSTFIELDS,"Email=defaultAdmin&Password=defaultAdminPassword");
    $result1 = curl_exec($ch);
    $headers = preg_replace("/<html.*<\/html>/ims","",$result1);

    //Debug
    //print_r(curl_getinfo($ch));
    //print $headers;

    // Get the cookie vars
    $cookies = array();
    $headers = explode("\n",$headers);
    foreach($headers as $h){
       if(preg_match("/Set-Cookie: (.*)/",$h,$m)){
          $vars = explode(";",$m[1]);
          foreach($vars as $v){
             $pieces = explode("=",trim($v));
             $cookies[trim($pieces[0])] = trim($pieces[1]);
          }
       }
    }

    // Make Cookie String
    $cStr = "";
    foreach($cookies as $k => $v){
       $cStr.= $k."=".$v.";";
    }

    // Request
    curl_setopt($ch,CURLOPT_URL,"http://ss.abcdigital.co.nz/HourlyTask");
    curl_setopt($ch,CURLOPT_COOKIE, $cStr);
    curl_setopt($ch,CURLOPT_HEADER,FALSE);
    $result2 = curl_exec($ch);

    //Debug
    //print_r(curl_getinfo($ch));
    //print preg_replace("/<html.*<\/html>/ims","",$result2);

    //Close Session
    curl_close($ch);

    //Output Result
    print $result2;

    I then set up an entry in crontab

    0 * * * * php /path/to/webroot/mysite/code/cron/HourlyTask.php > /path/to/webroot/silverstripe-logs/silverstripe_hourlytask.log

    and it works...

  • swaiba
    Avatar
    Forum Moderator
    1796 Posts

    Re: Scheduled Tasks and Admin Login Link to this post

    I have several cron jobs - I'm curious what is the advantage of doing this to essentially just run a php script? or a page like dev/build (not in the site tree, but can be run when logged in as admin)? or as a page that requires http auth? or a page that requires a spcific GET/POST vars to run?

    Do you have some control within the CMS to turn on/off? Is it more secure?

  • azt3k
    Avatar
    Community Member
    9 Posts

    Re: Scheduled Tasks and Admin Login Link to this post

    As far as I'm aware the only advantage of using a ScheduledTask over an autonomous php script is that it works within the silverstripe frame work - so you have access to all your DataObjects, Controllers etc. Its theoretically what you should use when setting up a task in silverstripe.

    Also ScheduledTasks have some predefined behaviour i.e. there are a number of child objects like DailyTask and HourlyTask - so when you extend off of them you can for example call DailyTask (http://my.site.com/DailyTask || php cli-script.php DailyTask || bash sake DailyTask) and it runs all of the daily tasks - i.e. every child class of DailyTask

    Strictly speaking you shouldn't have to deal with authentication like this for cron jobs - unless that's part of the actual script. Tasks really shouldn't prompt for authentication when being run from cron - I'm sure I must be missing something obvious, because this seems like a glaring flaw and my solution is a bit of a hack at best.

    More secure? - well I guess its more secure in the sense that it has authentication - but only in the sense that a 3rd party can't run ur tasks through a web browser with out admin access - I'd be happier if the tasks weren't mapped to a url that could be accessed by anyone and when called by sake or cli-script.php bypassed authentication.

    Control? - no control to turn them on / off via the CMS - but there are SS modules that allow you to do that (I haven't tried them and can't comment on how well they work or if the tasks need to be set up as a child class of ScheduledTask)

    You could use my script to access any page that requires authentication through curl, but I only resorted to using that method because I had already written the cron script as an extension of HourlyTask and nothing else was working for me.

  • Jarek
    Avatar
    Community Member
    30 Posts

    Re: Scheduled Tasks and Admin Login Link to this post

    Task authentication can be omitted by small modification of CliController:

       function init() {
          parent::init();
          // Unless called from the command line, all CliControllers need ADMIN privileges
          if(!Director::is_cli() && !Permission::check("ADMIN") && $_SERVER['REMOTE_ADDR'] != $_SERVER['SERVER_ADDR']) {
             return Security::permissionFailure();
          }
       }

    Third condition checks if caller address is not equal to address of page server. Safer condition is $_SERVER['REMOTE_ADDR'] != 'xx.xx.xx.xx(server IP)';

  • BenWu
    Avatar
    Community Member
    90 Posts

    Re: Scheduled Tasks and Admin Login Link to this post

    Works very well. thanks a lot azt3k. I try to use the Lucent plugin to index the website for search daily and tried to find out how to use wget to index the file. Your codes work perfectly for me.

  • BenWu
    Avatar
    Community Member
    90 Posts

    Re: Scheduled Tasks and Admin Login Link to this post

    found this https://github.com/nyeholt/silverstripe-queuedjobs/issues/2

    instead of

    sudo -u webaccount php sapphire/cli-script.php /dev/tasks/ProcessJobQueueTask

    you need to run

    sudo -u webaccount php-cli sapphire/cli-script.php /dev/tasks/ProcessJobQueueTask

    that way, you don't have to hack around and expose your admin's password!

    3181 Views
Page: 1
Go to Top

Want to know more about the company that brought you SilverStripe? Then check out SilverStripe.com

Comments on this website? Please give feedback.