mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-08-05 14:17:49 +02:00
Code Issues Releases Wiki Activity

admin log code formatting, small improvement

Browse Source
This commit is contained in:
secretr
2009-09-10 19:08:36 +00:00
parent f3d41194be
commit 4fb453dd46
1 changed files with 283 additions and 267 deletions
Download Patch File Download Diff File Expand all files Collapse all files

256
e107_handlers/admin_log_class.php
View File

@@ -1,46 +1,44 @@
<?php <?php
/* /*
+ ----------------------------------------------------------------------------+ + ----------------------------------------------------------------------------+
| e107 website system | e107 website system
| |
| ?Steve Dunstan 2001-2002 | ?Steve Dunstan 2001-2002
| http://e107.org | http://e107.org
| jalist@e107.org | jalist@e107.org
| |
| Released under the terms and conditions of the | Released under the terms and conditions of the
| GNU General Public License (http://gnu.org). | GNU General Public License (http://gnu.org).
| |
| $Source: /cvs_backup/e107_0.8/e107_handlers/admin_log_class.php,v $ | $Source: /cvs_backup/e107_0.8/e107_handlers/admin_log_class.php,v $
| $Revision: 1.14 $ | $Revision: 1.15 $
| $Date: 2008-12-21 22:17:05 $ | $Date: 2009-09-10 19:08:36 $
| $Author: e107steved $ | $Author: secretr $
To do:
1. Do we need to check for presence of elements of debug_backtrace() to avoid notices?
2. Reflect possible DB structure changes once finalised
3. Ad user audit trail
+----------------------------------------------------------------------------+
*/
To do: if (!defined('e107_INIT'))
1. Do we need to check for presence of elements of debug_backtrace() to avoid notices? {
2. Reflect possible DB structure changes once finalised exit;
3. Ad user audit trail }
+----------------------------------------------------------------------------+
*/
if (!defined('e107_INIT')) { exit; }
/** /**
* Admin logging class. * Admin logging class.
* *
*/ */
class e_admin_log { class e_admin_log
{
/** /**
* Contains default class options, plus any that are overidden by the constructor * Contains default class options, plus any that are overidden by the constructor
* *
* @var array * @var array
*/ */
var $_options = array( var $_options = array('log_level'=>2, 'backtrace'=>false, );
'log_level' => 2,
'backtrace' => false,
);
var $rldb = NULL; // Database used by logging routine var $rldb = NULL; // Database used by logging routine
/** /**
@@ -49,9 +47,9 @@ class e_admin_log {
* @param array $options * @param array $options
* @return e_admin_log * @return e_admin_log
*/ */
function e_admin_log ($options = array()) function __construct($options = array())
{ {
foreach ($options as $key => $val) foreach ($options as $key=>$val)
{ {
$this->_options[$key] = $val; $this->_options[$key] = $val;
} }
@@ -68,32 +66,33 @@ class e_admin_log {
define("LOG_TO_ROLLING", 4); define("LOG_TO_ROLLING", 4);
// User audit logging (intentionally start at 10 - stick to 2 digits) // User audit logging (intentionally start at 10 - stick to 2 digits)
define('USER_AUDIT_ADMIN',10); // User data changed by admin define('USER_AUDIT_ADMIN', 10); // User data changed by admin
define('USER_AUDIT_SIGNUP',11); // User signed up define('USER_AUDIT_SIGNUP', 11); // User signed up
define('USER_AUDIT_EMAILACK',12); // User responded to registration email define('USER_AUDIT_EMAILACK', 12); // User responded to registration email
define('USER_AUDIT_LOGIN',13); // User logged in define('USER_AUDIT_LOGIN', 13); // User logged in
define('USER_AUDIT_LOGOUT',14); // User logged out define('USER_AUDIT_LOGOUT', 14); // User logged out
define('USER_AUDIT_NEW_DN',15); // User changed display name define('USER_AUDIT_NEW_DN', 15); // User changed display name
define('USER_AUDIT_NEW_PW',16); // User changed password define('USER_AUDIT_NEW_PW', 16); // User changed password
define('USER_AUDIT_NEW_EML',17); // User changed email define('USER_AUDIT_NEW_EML', 17); // User changed email
define('USER_AUDIT_PW_RES',18); // Password reset/resent activation email define('USER_AUDIT_PW_RES', 18); // Password reset/resent activation email
define('USER_AUDIT_NEW_SET',19); // User changed other settings define('USER_AUDIT_NEW_SET', 19); // User changed other settings
define('USER_AUDIT_ADD_ADMIN',20); // User added by admin define('USER_AUDIT_ADD_ADMIN', 20); // User added by admin
} }
/** /**
* Log an event to the core table * Alternative admin log entry point - compatible with legacy calls, and a bit simpler to use than the generic entry point.
* ($eventcode has been added - give it a reference to identify the source module, such as 'NEWS_12' or 'ECAL_03')
* We also log everything (unlike 0.7, where admin log and debug stuff were all mixed up together)
* *
* @param string $event_title * @param string $event_title
* @param string $event_detail * @param mixed $event_detail
* @param int $event_type Log level * @param integer $event_type [optional] Log level
* @param unknown $event_code [optional]
* @return e_admin_log
*/ */
// Alternative admin log entry point - compatible with legacy calls, and a bit simpler to use than the generic entry point. function log_event($event_title, $event_detail, $event_type = E_LOG_INFORMATIVE , $event_code = '')
// ($eventcode has been added - give it a reference to identify the source module, such as 'NEWS_12' or 'ECAL_03')
// We also log everything (unlike 0.7, where admin log and debug stuff were all mixed up together)
function log_event($event_title, $event_detail, $event_type = E_LOG_INFORMATIVE, $event_code='')
{ {
global $e107, $tp; global $e107,$tp;
if ($event_code == '') if ($event_code == '')
{ {
if (strlen($event_title) <= 10) if (strlen($event_title) <= 10)
@@ -106,16 +105,33 @@ class e_admin_log {
$event_code = 'ADMIN'; $event_code = 'ADMIN';
} }
} }
if($this->_options['backtrace'] == true) //SecretR - now supports DB array as event_detail (see e.g. db::db_Insert())
if (is_array($event_detail))
{
$tmp = array();
if (isset($event_detail['data']))
{
foreach ($event_detail as $v)
{
$tmp[] = $v;
}
}
$event_detail = implode(', ', $tmp);
unset($tmp);
}
if ($this->_options['backtrace'] == true)
{ {
$event_detail .= "\n\n".debug_backtrace(); $event_detail .= "\n\n".debug_backtrace();
} }
$this->e_log_event($event_type,-1,$event_code,$event_title,$event_detail,FALSE,LOG_TO_ADMIN); $this->e_log_event($event_type, -1, $event_code, $event_title, $event_detail, FALSE, LOG_TO_ADMIN);
return $this;
} }
/* /*
Generic log entry point Generic log entry point
----------------------- -----------------------
Example call: (Deliberately pick separators that shouldn't be in file names) Example call: (Deliberately pick separators that shouldn't be in file names)
e_log_event(E_LOG_NOTICE,__FILE__."|".__FUNCTION__."@".__LINE__,"ECODE","Event Title","explanatory message",FALSE,LOG_TO_ADMIN); e_log_event(E_LOG_NOTICE,__FILE__."|".__FUNCTION__."@".__LINE__,"ECODE","Event Title","explanatory message",FALSE,LOG_TO_ADMIN);
or: or:
@@ -137,36 +153,37 @@ Generic log entry point
LOG_TO_ADMIN - admin log LOG_TO_ADMIN - admin log
LOG_TO_AUDIT - audit log LOG_TO_AUDIT - audit log
LOG_TO_ROLLING - rolling log LOG_TO_ROLLING - rolling log
*/ */
function e_log_event($importance, $source_call, $eventcode = "GEN", $event_title="Untitled", $explain = "", $finished = FALSE, $target_logs = LOG_TO_AUDIT) function e_log_event($importance, $source_call, $eventcode = "GEN", $event_title = "Untitled", $explain = "", $finished = FALSE, $target_logs = LOG_TO_AUDIT )
{ {
global $pref, $e107, $tp; global $pref,$e107,$tp;
list($time_usec, $time_sec) = explode(" ", microtime()); // Log event time immediately to minimise uncertainty list($time_usec, $time_sec) = explode(" ", microtime()); // Log event time immediately to minimise uncertainty
$time_usec = $time_usec * 1000000; $time_usec = $time_usec * 1000000;
if ($this->rldb == NULL) $this->rldb = new db; // Better use our own db - don't know what else is going on if ($this->rldb == NULL)
$this->rldb = new db; // Better use our own db - don't know what else is going on
if (is_bool($target_logs)) if (is_bool($target_logs))
{ // Handle the legacy stuff for now - some old code used a boolean to select admin or rolling logs { // Handle the legacy stuff for now - some old code used a boolean to select admin or rolling logs
$target_logs = $target_logs ? LOG_TO_ADMIN : LOG_TO_ROLLING; $target_logs = $target_logs ? LOG_TO_ADMIN : LOG_TO_ROLLING;
} }
//--------------------------------------- //---------------------------------------
// Calculations common to all logs // Calculations common to all logs
//--------------------------------------- //---------------------------------------
$userid = (USER === TRUE) ? USERID : 0; $userid = (USER === TRUE) ? USERID : 0;
$userstring = ( USER === true ? USERNAME : "LAN_ANONYMOUS"); $userstring = (USER === true ? USERNAME : "LAN_ANONYMOUS");
$userIP = $e107->getip(); $userIP = $e107->getip();
$importance = $tp->toDB($importance,true,false,'no_html'); $importance = $tp->toDB($importance, true, false, 'no_html');
$eventcode = $tp->toDB($eventcode,true,false,'no_html'); $eventcode = $tp->toDB($eventcode, true, false, 'no_html');
if (is_array($explain)) if (is_array($explain))
{ {
$line = ''; $line = '';
$spacer = ''; $spacer = '';
foreach ($explain as $k => $v) foreach ($explain as $k=>$v)
{ {
$line .= $spacer.$k.'=>'.$v; $line .= $spacer.$k.'=>'.$v;
$spacer = '[!br!]'; $spacer = '[!br!]';
@@ -174,29 +191,26 @@ Generic log entry point
$explain = $line; $explain = $line;
unset($line); unset($line);
} }
$explain = mysql_real_escape_string($tp->toDB($explain,true,false,'no_html')); $explain = mysql_real_escape_string($tp->toDB($explain, true, false, 'no_html'));
$event_title = $tp->toDB($event_title,true,false,'no_html'); $event_title = $tp->toDB($event_title, true, false, 'no_html');
//---------------------------------------
//--------------------------------------- // Admin Log
// Admin Log //---------------------------------------
//---------------------------------------
if ($target_logs & LOG_TO_ADMIN) if ($target_logs & LOG_TO_ADMIN)
{ // Admin log - assume all fields valid { // Admin log - assume all fields valid
$qry = " 0, ".intval($time_sec).','.intval($time_usec).", '{$importance}', '{$eventcode}', {$userid}, '{$userIP}', '{$event_title}', '{$explain}' "; $qry = " 0, ".intval($time_sec).','.intval($time_usec).", '{$importance}', '{$eventcode}', {$userid}, '{$userIP}', '{$event_title}', '{$explain}' ";
$this->rldb->db_Insert("admin_log",$qry); $this->rldb->db_Insert("admin_log", $qry);
} }
//---------------------------------------
//--------------------------------------- // Audit Log
// Audit Log //---------------------------------------
//---------------------------------------
// Add in audit log here // Add in audit log here
//---------------------------------------
//--------------------------------------- // Rolling Log
// Rolling Log //---------------------------------------
//---------------------------------------
if (($target_logs & LOG_TO_ROLLING) && varsettrue($pref['roll_log_active'])) if (($target_logs & LOG_TO_ROLLING) && varsettrue($pref['roll_log_active']))
{ // Rolling log { // Rolling log
@@ -214,79 +228,83 @@ Generic log entry point
} }
} }
if (is_array($source_call)) if (is_array($source_call))
{ // Print the debug_backtrace() array { // Print the debug_backtrace() array
while ($i < $back_count) while ($i < $back_count)
{ {
$source_call[$i]['file'] = $e107->fix_windows_paths($source_call[$i]['file']); // Needed for Windoze hosts. $source_call[$i]['file'] = $e107->fix_windows_paths($source_call[$i]['file']); // Needed for Windoze hosts.
$source_call[$i]['file'] = str_replace($e107->file_path,"",$source_call[$i]['file']); // We really just want a e107 root-relative path. Strip out the root bit $source_call[$i]['file'] = str_replace($e107->file_path, "", $source_call[$i]['file']); // We really just want a e107 root-relative path. Strip out the root bit
$tmp = $source_call[$i]['file']."|".$source_call[$i]['class'].$source_call[$i]['type'].$source_call[$i]['function']."@".$source_call[$i]['line']; $tmp = $source_call[$i]['file']."|".$source_call[$i]['class'].$source_call[$i]['type'].$source_call[$i]['function']."@".$source_call[$i]['line'];
foreach ($source_call[$i]['args'] as $k => $v) foreach ($source_call[$i]['args'] as $k=>$v)
{ // Add in the arguments { // Add in the arguments
$explain .= "[!br!]".$k."=".$v; $explain .= "[!br!]".$k."=".$v;
} }
$i++; $i++;
if ($i < $back_count) $explain .= "[!br!]-------------------"; if ($i < $back_count)
if (!isset($tmp1)) $tmp1 = $tmp; // Pick off the immediate caller as the source $explain .= "[!br!]-------------------";
if (!isset($tmp1))
$tmp1 = $tmp; // Pick off the immediate caller as the source
} }
if (isset($tmp1)) $source_call = $tmp1; else $source_call = 'Root level'; if (isset($tmp1)) $source_call = $tmp1;
else $source_call = 'Root level';
} }
else else
{ {
$source_call = $e107->fix_windows_paths($source_call); // Needed for Windoze hosts. $source_call = $e107->fix_windows_paths($source_call); // Needed for Windoze hosts.
$source_call = str_replace($e107->file_path,"",$source_call); // We really just want a e107 root-relative path. Strip out the root bit $source_call = str_replace($e107->file_path, "", $source_call); // We really just want a e107 root-relative path. Strip out the root bit
$source_call = $tp->toDB($source_call,true,false,'no_html'); $source_call = $tp->toDB($source_call, true, false, 'no_html');
} }
// else $source_call is a string // else $source_call is a string
// Save new rolling log record // Save new rolling log record
$this->rldb->db_Insert("dblog","0, ".intval($time_sec).', '.intval($time_usec).", '{$importance}', '{$eventcode}', {$userid}, '{$userstring}', '{$userIP}', '{$source_call}', '{$event_title}', '{$explain}' "); $this->rldb->db_Insert("dblog", "0, ".intval($time_sec).', '.intval($time_usec).", '{$importance}', '{$eventcode}', {$userid}, '{$userstring}', '{$userIP}', '{$source_call}', '{$event_title}', '{$explain}' ");
// Now delete any old stuff // Now delete any old stuff
$this->rldb->db_Delete("dblog", "dblog_datestamp < '".intval(time() - (varset($pref['roll_log_days'],7)*86400))."' "); $this->rldb->db_Delete("dblog", "dblog_datestamp < '".intval(time() - (varset($pref['roll_log_days'], 7) * 86400))."' ");
} }
if ($finished) exit; // Optional abort for all logs if ($finished)
exit; // Optional abort for all logs
} }
//--------------------------------------
//-------------------------------------- // USER AUDIT ENTRY
// USER AUDIT ENTRY //--------------------------------------
//-------------------------------------- // $event_code is a defined constant (see above) which specifies the event
// $event_code is a defined constant (see above) which specifies the event // $event_data is an array of data fields whose keys and values are logged (usually user data, but doesn't have to be - can add messages here)
// $event_data is an array of data fields whose keys and values are logged (usually user data, but doesn't have to be - can add messages here) // $id and $u_name are left blank except for admin edits and user login, where they specify the id and login name of the 'target' user
// $id and $u_name are left blank except for admin edits and user login, where they specify the id and login name of the 'target' user
function user_audit($event_type, $event_data, $id = '', $u_name = '') function user_audit($event_type, $event_data, $id = '', $u_name = '')
{ {
global $e107, $tp, $pref; global $e107,$tp,$pref;
list($time_usec, $time_sec) = explode(" ", microtime()); // Log event time immediately to minimise uncertainty list($time_usec, $time_sec) = explode(" ", microtime()); // Log event time immediately to minimise uncertainty
$time_usec = $time_usec * 1000000; $time_usec = $time_usec * 1000000;
// See whether we should log this // See whether we should log this
$user_logging_opts = array_flip(explode(',',varset($pref['user_audit_opts'],''))); $user_logging_opts = array_flip(explode(',', varset($pref['user_audit_opts'], '')));
if (!isset($user_logging_opts[$event_type])) return; // Finished if not set to log this event type if (!isset($user_logging_opts[$event_type]))
return; // Finished if not set to log this event type
if ($this->rldb == NULL)
$this->rldb = new db; // Better use our own db - don't know what else is going on
if ($this->rldb == NULL) $this->rldb = new db; // Better use our own db - don't know what else is going on if ($id) $userid = $id;
else $userid = (USER === TRUE) ? USERID : 0;
if ($id) $userid = $id; else $userid = (USER === TRUE) ? USERID : 0; if ($u_name) $userstring = $u_name;
if ($u_name) $userstring = $u_name; else $userstring = ( USER === true ? USERNAME : "LAN_ANONYMOUS"); else $userstring = (USER === true ? USERNAME : "LAN_ANONYMOUS");
$userIP = $e107->getip(); $userIP = $e107->getip();
$eventcode = 'USER_'.$event_type; $eventcode = 'USER_'.$event_type;
$title = 'LAN_AUDIT_LOG_0'.$event_type; // This creates a string which will be displayed as a constant $title = 'LAN_AUDIT_LOG_0'.$event_type; // This creates a string which will be displayed as a constant
$spacer = ''; $spacer = '';
$detail = ''; $detail = '';
foreach ($event_data as $k => $v) foreach ($event_data as $k=>$v)
{ {
$detail .= $spacer.$k.'=>'.$v; $detail .= $spacer.$k.'=>'.$v;
$spacer = '<br />'; $spacer = '<br />';
} }
$this->rldb->db_Insert("audit_log","0, ".intval($time_sec).', '.intval($time_usec).", '{$eventcode}', {$userid}, '{$userstring}', '{$userIP}', '{$title}', '{$detail}' "); $this->rldb->db_Insert("audit_log", "0, ".intval($time_sec).', '.intval($time_usec).", '{$eventcode}', {$userid}, '{$userstring}', '{$userIP}', '{$title}', '{$detail}' ");
} }
function get_log_events($count = 15, $offset) function get_log_events($count = 15, $offset)
{ {
global $sql; global $sql;
@@ -294,7 +312,6 @@ Generic log entry point
return "Not implemented yet"; return "Not implemented yet";
} }
/** /**
* Removes all events older than $days, or truncates the table if $days == false * Removes all events older than $days, or truncates the table if $days == false
* *
@@ -303,7 +320,7 @@ Generic log entry point
function purge_log_events($days) function purge_log_events($days)
{ {
global $sql; global $sql;
if($days == false) if ($days == false)
{ // $days is false, so truncate the log table { // $days is false, so truncate the log table
$sql->db_Select_gen("TRUNCATE TABLE #dblog "); $sql->db_Select_gen("TRUNCATE TABLE #dblog ");
} }
@@ -316,9 +333,9 @@ Generic log entry point
} }
} }
//-------------------------------------- //--------------------------------------
// HELPER ROUTINES // HELPER ROUTINES
//-------------------------------------- //--------------------------------------
// Generic routine to log changes to an array. Only elements in $new are checked // Generic routine to log changes to an array. Only elements in $new are checked
// Returns true if changes, false otherwise. // Returns true if changes, false otherwise.
// Only makes log entry if changes detected. // Only makes log entry if changes detected.
@@ -326,7 +343,7 @@ Generic log entry point
function logArrayDiffs(&$new, &$old, $event) function logArrayDiffs(&$new, &$old, $event)
{ {
$changes = array(); $changes = array();
foreach ($new as $k => $v) foreach ($new as $k=>$v)
{ {
if ($v != $old[$k]) if ($v != $old[$k])
{ {
@@ -336,18 +353,17 @@ Generic log entry point
} }
if (count($changes)) if (count($changes))
{ {
$this->log_event($event,implode('[!br!]',$changes),E_LOG_INFORMATIVE,''); $this->log_event($event, implode('[!br!]', $changes), E_LOG_INFORMATIVE, '');
return TRUE; return TRUE;
} }
return FALSE; return FALSE;
} }
// Logs an entry with all the data from an array, one field per line. // Logs an entry with all the data from an array, one field per line.
// If $extra is non-empty, it goes on the first line. // If $extra is non-empty, it goes on the first line.
// Normally data is in the format keyname=>value, one per line. // Normally data is in the format keyname=>value, one per line.
// If the $niceName array exists and has a definition, the 'nice Name' is displayed instead of the key name // If the $niceName array exists and has a definition, the 'nice Name' is displayed instead of the key name
function logArrayAll($event, $target, $extra='', $niceNames = NULL) function logArrayAll($event, $target, $extra = '', $niceNames = NULL)
{ {
$logString = ''; $logString = '';
if ($extra) if ($extra)
@@ -356,7 +372,7 @@ Generic log entry point
} }
$spacer = ''; $spacer = '';
$checkNice = ($niceNames != NULL) && is_array($niceNames); $checkNice = ($niceNames != NULL) && is_array($niceNames);
foreach ($target as $k => $v) foreach ($target as $k=>$v)
{ {
if ($checkNice && isset($niceNames[$k]['niceName'])) if ($checkNice && isset($niceNames[$k]['niceName']))
{ {
@@ -368,7 +384,7 @@ Generic log entry point
} }
$spacer = '[!br!]'; $spacer = '[!br!]';
} }
$this->log_event($event,$logString,E_LOG_INFORMATIVE,''); $this->log_event($event, $logString, E_LOG_INFORMATIVE, '');
} }
} }