asked on

Problem reading file sections

Hi all.

I'm monitoring an installation on Windows using Advanced Uninstaller PRO. This software produces a log file like the following:

==========================================
Files and folders report
==========================================



Operation Added
Path C:\Program Files\CollabNet
---------------------------------------

Operation Added
Path C:\Program Files\CollabNet\
Name apr_ldap-1.dll
---------------------------------------

Operation Added
Path C:\Program Files\CollabNet\
Name changelog.txt
---------------------------------------

Operation Added
Path C:\Program Files\CollabNet\
Name diff.exe
---------------------------------------

Operation Added
Path C:\Program Files\CollabNet\
Name diff3.exe
---------------------------------------

Operation Added
Path C:\Program Files\CollabNet\
Name diff4.exe
--------------------------------------

etc...

==========================================
Registry report
==========================================



Operation Deleted
Key hkey_users\.DEFAULT\Software\Classes\Local Settings\MuiCache\1A
---------------------------------------

Operation Deleted
Key hkey_users\.DEFAULT\Software\Classes\Local Settings\MuiCache\1A\7F06864B
---------------------------------------

Operation Deleted
Key hkey_users\.DEFAULT\Software\Classes\Local Settings\MuiCache\1A\7F06864B
Value name @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103
Data Windows Defender
---------------------------------------

==========================================
INI files report
==========================================

The program performed no INI file operations

Open in new window

Using Php, from this file I need to get two or three arrays: the first one with all paths with no file name specified (like C:\Program Files\CollabNet), the second one listing all files installed (C:\Program Files\CollabNet\changelog.txt, C:\Program Files\CollabNet\diff.exe and so on) and last the third array holding all registry keys affected ( hkey_users\.DEFAULT\Software\Classes\Local Settings\MuiCache\1A and so on).

So far I have written the following code:

$path = 'C:/xampp/htdocs/test/instLogs/';
$source = 'monitored_report.txt';
$destPaths = 'paths.txt';
$destKeys = 'keys.txt';
$paths = array();
$keys = array();
$f = file_get_contents($path . $source);
$f = str_replace("\r", "", $f);
preg_match_all('/(?<=(Operation Added)|(Operation changed))[^-]*(?=--+)/', $f, $matches);
foreach ($matches[0] as $value) {
  if (stristr($value, "Path")){
    preg_match_all("/(?<=Path\s).*$/m", $value, $p);
    foreach ($p[0] as $v) $p1 = $v;
    $p1 = preg_replace('/\sName\s/', '', $p1);
    if (!empty($p1)) array_push($paths, $p1);
  }elseif (stristr($value, "Key")){
    preg_match_all("/(?<=Key\s).*$/", $value, $p);
    foreach ($p[0] as $v) $p1 = $v;
    if (!empty($p1)) array_push($keys, $p1);
  }
}
$keys2 = array_unique($keys);
file_put_contents($path.$destPaths, print_r($paths, true));
file_put_contents($path.$destKeys, print_r($keys2, true));

Open in new window

This code works but with some problem: for instance I have some registry keys in the paths file and some path in registry keys file. So I thought to divide the file in two section using this:

preg_match("/(?<=Files\sand\sfolders\sreport).*(?=Registry\sreport(\=){42})/sm", $f, $m);

Open in new window

and

preg_match("/(?<=Registry\sreport).*(?=INI\sfiles\sreport(\=){42})/sm", $f, $m);

Open in new window

but these two expressions work in RegexBuddy but within the php script they return empty array.

Can someone give me some help, please?

Thanks to all in advance

Marco

ASKER CERTIFIED SOLUTION

Ray Paseur

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

Marco Gasi

ASKER

Hi Ray.
Thanks for your assistance. Unfortunately, your snippets works great for keys, but returns empty arrays for names and paths.

I has tried something like what you suggested but it seems that the conditions

if (substr($str,0,4) == 'Path')

and

if (substr($str,0,4) == 'Name')

result to be always false!

So I used stristr function but since the string 'Path' is present even in some key value and the string 'Key' is present in some path I get some wrong line.

Then I tried to use regex. So the proble now is: why (substr($str,0,4) == 'Name') doesn't work?

Marco Gasi

ASKER

The problem is with explode used with the file as it is formatted: it returns an array as following:
only one element which is a long long string and contains old Operation added Path name etc
one element for each registry key.

I checked the file with Notepad++ setting it to show all symbols and I saw that in the 'registry section' (let me call it this way) each line ends with CRLF whereas in the 'path section' where it lists installed files each line ends with CR only so PHP_EOL doesn't work... I go to try a thing

Marco Gasi

ASKER

Well, I got it!

Replacing PHP_EOL with "\r" (explode("\r", $dat);) it returns all data. Only a question: I expected to get correct values for path and names but explode function failed with keys since they are terminated with CRLF, that is "\r\n": why the simple "\r" works even against "\r\n"? If my question is not clear, just tell me and I'll try to make it more clear :)

Ray Paseur

PHP_EOL should be correct on all PHP machines, however when you move a file from Linux to Windows, edit it with Notepad++ or similar, etc., the end-of-line characters can get screwed up, and they wind up being "out of context." And the Windows DIRECTORY_SEPARATOR character unfortunately happens to be the PHP escape character. So there is always some tinkering and data normalization necessary to get to usable strings. That's why I like to use trim() a lot. ;-)

Marco Gasi

ASKER

Oh, and that's why you used

$str = str_replace("\\", DIRECTORY_SEPARATOR, $str);

which I didn't understand.

Thank you so mutch, Ray!

Cheers
Marco

Marco Gasi

ASKER

Thanks again, Ray :)

Ray Paseur

Thanks for the points! Best regards, ~Ray