mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-08-02 12:48:26 +02:00
Code Issues Releases Wiki Activity

User-Audit log failure fallback.

Browse Source
This commit is contained in:
Cameron
2016-06-06 13:25:16 -07:00
parent 4f97418b95
commit 01db7fff42
2 changed files with 19 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
e107_handlers/admin_log_class.php
View File

@@ -415,12 +415,23 @@ class e_admin_log
$time_usec = $time_usec * 1000000; $time_usec = $time_usec * 1000000;
if(!is_numeric($event_type))
{
$title = "User Audit Event-Type Failure: ";
$title .= (string) $event_type;
$debug = debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS,4);
$debug[0] = e_REQUEST_URI;
$this->e_log_event(4, $debug[1]['file']."|".$debug[1]['function']."@".$debug[1]['line'], "USERAUDIT", $title, $debug, FALSE);
return false;
}
// See whether we should log this // See whether we should log this
$user_logging_opts = e107::getConfig()->get('user_audit_opts'); $user_logging_opts = e107::getConfig()->get('user_audit_opts');
if (!isset($user_logging_opts[$event_type])) // Finished if not set to log this event type if (!isset($user_logging_opts[$event_type])) // Finished if not set to log this event type
{ {
return; return false;
} }
if($this->rldb == null) if($this->rldb == null)
@@ -475,6 +486,7 @@ class e_admin_log
$this->rldb->insert("audit_log", $insertQry); $this->rldb->insert("audit_log", $insertQry);
return true;
// $this->rldb->insert("audit_log", "0, ".intval($time_sec).', '.intval($time_usec).", '{$eventcode}', {$userid}, '{$userstring}', '{$userIP}', '{$title}', '{$detail}' "); // $this->rldb->insert("audit_log", "0, ".intval($time_sec).', '.intval($time_usec).", '{$eventcode}', {$userid}, '{$userstring}', '{$userIP}', '{$title}', '{$detail}' ");
} }

9
e107_handlers/login.php
View File

@@ -336,6 +336,8 @@ class userlogin
protected function lookupUser($username, $forceLogin) protected function lookupUser($username, $forceLogin)
{ {
$pref = e107::getPref(); $pref = e107::getPref();
$log = e107::getLog();
$maxLength = varset($pref['loginname_maxlength'],30); $maxLength = varset($pref['loginname_maxlength'],30);
if(varset($pref['allowEmailLogin'])==1) // Email login only if(varset($pref['allowEmailLogin'])==1) // Email login only
@@ -347,7 +349,7 @@ class userlogin
if (!$forceLogin && (strlen($username) > $maxLength)) // Error - invalid username if (!$forceLogin && (strlen($username) > $maxLength)) // Error - invalid username
{ {
$auditLog = array('reason'=>'username longer than maxlength', 'maxlength'=> $maxLength, 'username'=>$username); $auditLog = array('reason'=>'username longer than maxlength', 'maxlength'=> $maxLength, 'username'=>$username);
e107::getAdminLog()->user_audit(USER_AUDIT_LOGIN, $auditLog, 0, $username); $log->user_audit(USER_AUDIT_LOGIN, $auditLog, 0, $username);
$this->invalidLogin($username,LOGIN_BAD_USERNAME); $this->invalidLogin($username,LOGIN_BAD_USERNAME);
return FALSE; return FALSE;
} }
@@ -357,7 +359,7 @@ class userlogin
if (e107::getDb()->select('user', '*', $query) !== 1) // Handle duplicate emails as well // Invalid user if (e107::getDb()->select('user', '*', $query) !== 1) // Handle duplicate emails as well // Invalid user
{ {
$auditLog = array('reason'=>'query failed to return a result', 'query'=>$query, 'username'=>$username); $auditLog = array('reason'=>'query failed to return a result', 'query'=>$query, 'username'=>$username);
e107::getAdminLog()->user_audit(USER_AUDIT_LOGIN, $auditLog, 0, $username); $log->user_audit(USER_AUDIT_LOGIN, $auditLog, 0, $username);
return $this->invalidLogin($username,LOGIN_BAD_USER); return $this->invalidLogin($username,LOGIN_BAD_USER);
} }
@@ -411,6 +413,7 @@ class userlogin
protected function checkUserPassword($username, $userpass, $response, $forceLogin) protected function checkUserPassword($username, $userpass, $response, $forceLogin)
{ {
$pref = e107::getPref(); $pref = e107::getPref();
$log = e107::getAdminLog();
if($forceLogin === 'provider') return true; if($forceLogin === 'provider') return true;
@@ -463,7 +466,7 @@ class userlogin
); );
e107::getAdminLog()->user_audit(USER_AUDIT_LOGIN, $auditLog, $this->userData['user_id'], $this->userData['user_name']); $log->user_audit(USER_AUDIT_LOGIN, $auditLog, $this->userData['user_id'], $this->userData['user_name']);
if (($pass_result = $this->userMethods->CheckPassword($userpass,($this->lookEmail ? $this->userData['user_loginname'] : $username),$requiredPassword)) === PASSWORD_INVALID) if (($pass_result = $this->userMethods->CheckPassword($userpass,($this->lookEmail ? $this->userData['user_loginname'] : $username),$requiredPassword)) === PASSWORD_INVALID)
{ {