From 5e09a594660ed710fc2345623cc16dd36e259405 Mon Sep 17 00:00:00 2001 From: e107steved Date: Sun, 7 Dec 2008 14:22:40 +0000 Subject: [PATCH] Admin logging for admin log, file manager, mailout - that's basically the core done --- e107_admin/admin_log.php | 128 ++++++++++-------- e107_admin/filemanager.php | 124 +++++++++++------ e107_admin/mailout.php | 88 ++++++------ .../English/admin/lan_log_messages.php | 30 +++- 4 files changed, 235 insertions(+), 135 deletions(-) diff --git a/e107_admin/admin_log.php b/e107_admin/admin_log.php index 2b3ae5345..3e69879c9 100644 --- a/e107_admin/admin_log.php +++ b/e107_admin/admin_log.php @@ -11,8 +11,8 @@ | GNU General Public License (http://gnu.org). | | $Source: /cvs_backup/e107_0.8/e107_admin/admin_log.php,v $ -| $Revision: 1.19 $ -| $Date: 2008-11-23 20:26:23 $ +| $Revision: 1.20 $ +| $Date: 2008-12-07 14:22:32 $ | $Author: e107steved $ | | Preferences: @@ -35,6 +35,16 @@ if (!getperms("S")) } // Main language file should automatically be loaded +// Load language files for log messages +include_lan(e_LANGUAGEDIR.e_LANGUAGE.'/admin/lan_log_messages.php'); //... for core functions +if (is_array($pref['logLanguageFile'])) //... and for any plugins which support it +{ + foreach($pref['logLanguageFile'] as $path => $file) + { + $file = str_replace('--LAN--',e_LANGUAGE,$file); + include_lan(e_PLUGIN.$path.'/'.$file); + } +} unset($qs); @@ -45,21 +55,53 @@ define ('AL_DATE_TIME_FORMAT', 'y-m-d H:i:s'); if (isset($_POST['setoptions'])) { - $pref['roll_log_active'] = intval($_POST['roll_log_active']); - $pref['roll_log_days'] = intval($_POST['roll_log_days']); - save_prefs(); - $message = RL_LAN_006 ; // "Options updated."; + unset($temp); + $temp['roll_log_active'] = intval($_POST['roll_log_active']); + $temp['roll_log_days'] = intval($_POST['roll_log_days']); + if ($admin_log->logArrayDiffs($temp, $pref, 'ADLOG_01')) + { + save_prefs(); // Only save if changes + $message = RL_LAN_006 ; // "Options updated."; + } } if (isset($_POST['setcommonoptions'])) { - $pref['sys_log_perpage'] = intval($_POST['sys_log_perpage']); - save_prefs(); - $message = RL_LAN_006 ; // "Options updated."; + unset($temp); + $temp['sys_log_perpage'] = intval($_POST['sys_log_perpage']); + if ($admin_log->logArrayDiffs($temp, $pref, 'ADLOG_01')) + { + save_prefs(); // Only save if changes + $message = RL_LAN_006 ; // "Options updated."; + } } +// User audit prefs +if (isset($_POST['setauditoptions'])) +{ + unset($temp); + $message = RL_LAN_063; + if (in_array((string)USER_AUDIT_LOGIN,$_POST['user_audit_opts'])) + { + $_POST['user_audit_opts'][] = USER_AUDIT_LOGOUT; + } + foreach ($_POST['user_audit_opts'] as $k => $v) + { + if (!is_numeric($v)) + { + unset($_POST['user_audit_opts'][$k]); + } + } + $temp['user_audit_opts'] = implode(',',$_POST['user_audit_opts']); + $temp['user_audit_class'] = intval($_POST['user_audit_class']); + if ($admin_log->logArrayDiffs($temp, $pref, 'ADLOG_04')) + { + save_prefs(); // Only save if changes + } +} + if (e_QUERY) { // Must explode after calling auth.php @@ -68,38 +110,28 @@ if (e_QUERY) $action = varset($qs[0],'adminlog'); -// Load language files for log messages -include_lan(e_LANGUAGEDIR.e_LANGUAGE.'/admin/lan_log_messages.php'); //... for core functions -if (is_array($pref['logLanguageFile'])) //... and for any plugins which support it -{ - foreach($pref['logLanguageFile'] as $path => $file) - { - $file = str_replace('--LAN--',e_LANGUAGE,$file); - include_lan(e_PLUGIN.$path.'/'.$file); - } -} // Delete comments if appropriate if (isset($_POST['deleteitems']) && ($action == 'comments')) { - $c_list = array(); - foreach ($_POST['del_item'] as $di) - { - if (intval($di) > 0) $c_list[] = '`comment_id`='.intval($di); - } - if ($count = $sql->db_Delete('comments',implode(' OR ',$c_list))) - { - $text = str_replace('--NUMBER--', $count,RL_LAN_112); - $admin_log->log_event('COMMENT_01','ID: '.implode(',',$_POST['del_item']),E_LOG_INFORMATIVE,''); - } - else - { - $text = RL_LAN_113; - } + $c_list = array(); + foreach ($_POST['del_item'] as $di) + { + if (intval($di) > 0) $c_list[] = '`comment_id`='.intval($di); + } + if ($count = $sql->db_Delete('comments',implode(' OR ',$c_list))) + { + $text = str_replace('--NUMBER--', $count,RL_LAN_112); + $admin_log->log_event('COMMENT_01','ID: '.implode(',',$_POST['del_item']),E_LOG_INFORMATIVE,''); + } + else + { + $text = RL_LAN_113; + } $ns -> tablerender(LAN_DELETE, "
".$text."
"); - unset($c_list); + unset($c_list); } @@ -151,12 +183,12 @@ if (($action == "backdel") && isset($_POST['backdeltype'])) case 'confdel' : $db_table = 'admin_log'; $db_name = RL_LAN_052; - $db_msg = 'LAN_ADMIN_LOG_002'; + $db_msg = "ADLOG_02"; break; case 'auditdel' : $db_table = 'audit_log'; $db_name = RL_LAN_053; - $db_msg = 'LAN_ADMIN_LOG_003'; + $db_msg = "ADLOG_03"; break; default : exit; // Someone fooling around! @@ -165,18 +197,19 @@ if (($action == "backdel") && isset($_POST['backdeltype'])) if ($del_count = $sql -> db_Delete($db_table,$qry)) { // Add in a log event - $message = $db_name.str_replace(array('--OLD--','--NUM--'),array($old_string,$del_count),RL_LAN_057); - $admin_log->log_event($db_msg,"db_Delete - earlier than {$old_string} (past {$qs[2]} days)
".$message.'
'.$db_table.' '.$qry, 4,'LOG_01'); + $message = $db_name.str_replace(array('--OLD--','--NUM--'),array($old_string,$del_count),RL_LAN_057); + $admin_log->log_event($db_msg,"db_Delete - earlier than {$old_string} (past {$qs[2]} days)[!br!]".$message.'[!br!]'.$db_table.' '.$qry, E_LOG_INFORMATIVE,''); } else { - $message = RL_LAN_054." : ".$sql->mySQLresult; + $message = RL_LAN_054." : ".$sql->mySQLresult; } } + if (isset($_POST['confirmcancelold'])) { - $message = RL_LAN_056; + $message = RL_LAN_056; } $action = "config"; unset($qs[1]); @@ -184,23 +217,10 @@ if (($action == "backdel") && isset($_POST['backdeltype'])) } -// User audit prefs -if (isset($_POST['setauditoptions'])) -{ - $message = RL_LAN_063; - if (in_array((string)USER_AUDIT_LOGIN,$_POST['user_audit_opts'])) - { - $_POST['user_audit_opts'][] = USER_AUDIT_LOGOUT; - } - $pref['user_audit_opts'] = implode(',',$_POST['user_audit_opts']); - $pref['user_audit_class'] = intval($_POST['user_audit_class']); - save_prefs(); -} - if (varsettrue($message)) { - $ns->tablerender("", "
$message
"); + $ns->tablerender("", "
$message
"); } diff --git a/e107_admin/filemanager.php b/e107_admin/filemanager.php index 13e0c2baa..e12f865e6 100644 --- a/e107_admin/filemanager.php +++ b/e107_admin/filemanager.php @@ -11,13 +11,14 @@ | GNU General Public License (http://gnu.org). | | $Source: /cvs_backup/e107_0.8/e107_admin/filemanager.php,v $ -| $Revision: 1.5 $ -| $Date: 2008-10-19 11:35:00 $ +| $Revision: 1.6 $ +| $Date: 2008-12-07 14:22:32 $ | $Author: e107steved $ +----------------------------------------------------------------------------+ */ require_once("../class2.php"); -if (!getperms("6")) { +if (!getperms("6")) +{ header("location:".e_BASE."index.php"); exit; } @@ -42,7 +43,8 @@ $imagedir = e_IMAGE."packs/".$imode."/filemanager/"; $path = str_replace("../", "", e_QUERY); -if (!$path) { +if (!$path) +{ $path = str_replace("../", "", $adchoice[0]); } @@ -58,70 +60,111 @@ if($path == "/") if (isset($_POST['deleteconfirm'])) { - foreach($_POST['deleteconfirm'] as $key=>$delfile) - { - // check for delete. - if (isset($_POST['selectedfile'][$key]) && isset($_POST['deletefiles'])) { - if (!$_POST['ac'] == md5(ADMINPWCHANGE)) { - exit; + $deleteList = array(); + $moveList = array(); + foreach($_POST['deleteconfirm'] as $key=>$delfile) + { + // check for delete. + if (isset($_POST['selectedfile'][$key]) && isset($_POST['deletefiles'])) + { + if (!$_POST['ac'] == md5(ADMINPWCHANGE)) + { + exit; + } + $destination_file = e_BASE.$delfile; + if (@unlink($destination_file)) + { + $message .= FMLAN_26." '".$destination_file."' ".FMLAN_27.".
"; + $deleteList[] = $destination_file; + } + else + { + $message .= FMLAN_28." '".$destination_file."'.
"; + } } - $destination_file = e_BASE.$delfile; - if (@unlink($destination_file)) { - $message .= FMLAN_26." '".$destination_file."' ".FMLAN_27.".
"; - } else { - $message .= FMLAN_28." '".$destination_file."'.
"; - } - } - // check for move to downloads or downloadimages. - if (isset($_POST['selectedfile'][$key]) && (isset($_POST['movetodls'])) ){ - $newfile = str_replace($path,"",$delfile); + // check for move to downloads or downloadimages. + if (isset($_POST['selectedfile'][$key]) && (isset($_POST['movetodls'])) ) + { + $newfile = str_replace($path,"",$delfile); - // Move file to whatever folder. - if (isset($_POST['movetodls'])){ - - $newpath = $_POST['movepath']; - - if (rename(e_BASE.$delfile,$newpath.$newfile)){ - $message .= FMLAN_38." ".$newpath.$newfile."
"; - } else { - $message .= FMLAN_39." ".$newpath.$newfile."
"; - $message .= (!is_writable($newpath)) ? $newpath.LAN_NOTWRITABLE : ""; + // Move file to whatever folder. + if (isset($_POST['movetodls'])) + { + $newpath = $_POST['movepath']; + if (rename(e_BASE.$delfile,$newpath.$newfile)) + { + $message .= FMLAN_38." ".$newpath.$newfile."
"; + $moveList[] = e_BASE.$delfile.'=>'.$newpath.$newfile; + } + else + { + $message .= FMLAN_39." ".$newpath.$newfile."
"; + $message .= (!is_writable($newpath)) ? $newpath.LAN_NOTWRITABLE : ""; + } } } } - } + if (count($deleteList)) + { + $admin_log->log_event('FILEMAN_01',implode('[!br!]',$deleteList),E_LOG_INFORMATIVE,''); + } + if (count($moveList)) + { + $admin_log->log_event('FILEMAN_02',implode('[!br!]',$moveList),E_LOG_INFORMATIVE,''); + } } -if (isset($_POST['upload'])) { - if (!$_POST['ac'] == md5(ADMINPWCHANGE)) { +if (isset($_POST['upload'])) +{ + if (!$_POST['ac'] == md5(ADMINPWCHANGE)) + { exit; } + $uploadList = array(); $pref['upload_storagetype'] = "1"; require_once(e_HANDLER."upload_handler.php"); $files = $_FILES['file_userfile']; - foreach($files['name'] as $key => $name) { - if ($files['size'][$key]) { + foreach($files['name'] as $key => $name) + { + if ($files['size'][$key]) + { $uploaded = file_upload(e_BASE.$_POST['upload_dir'][$key]); + $uploadList[] = $_POST['upload_dir'][$key].$uploaded[0]['name']; } } + if (count($uploadList)) + { + $admin_log->log_event('FILEMAN_03',implode('[!br!]',$uploadList),E_LOG_INFORMATIVE,''); + } } -if (isset($message)) { + + +if (isset($message)) +{ $ns->tablerender("", "
".$message."
"); } -if (strpos(e_QUERY, ".") && !is_dir(realpath(e_BASE.$path))){ + + +if (strpos(e_QUERY, ".") && !is_dir(realpath(e_BASE.$path))) +{ echo "

"; - if (!strpos(e_QUERY, "/")) { + if (!strpos(e_QUERY, "/")) + { $path = ""; - } else { + } + else + { $path = substr($path, 0, strrpos(substr($path, 0, -1), "/"))."/"; } } + + $files = array(); $dirs = array(); $path = explode("?", $path); @@ -129,7 +172,8 @@ $path = $path[0]; $path = explode(".. ", $path); $path = $path[0]; -if ($handle = opendir(e_BASE.$path)) { +if ($handle = opendir(e_BASE.$path)) +{ while (false !== ($file = readdir($handle))) { if ($file != "." && $file != "..") { diff --git a/e107_admin/mailout.php b/e107_admin/mailout.php index a3efc16f4..ba75419e4 100644 --- a/e107_admin/mailout.php +++ b/e107_admin/mailout.php @@ -11,9 +11,9 @@ | GNU General Public License (http://gnu.org). | | $Source: /cvs_backup/e107_0.8/e107_admin/mailout.php,v $ -| $Revision: 1.11 $ -| $Date: 2008-11-14 06:01:06 $ -| $Author: e107coders $ +| $Revision: 1.12 $ +| $Date: 2008-12-07 14:22:32 $ +| $Author: e107steved $ | | Work in progress - supplementary mailer plugin | @@ -154,18 +154,19 @@ if (isset($_POST['testemail']) && getperms("0")) } else { - $mailheader_e107id = USERID; - require_once(e_HANDLER."mail.php"); - $add = ($pref['mailer']) ? " (".strtoupper($pref['mailer']).")" : " (PHP)"; - $sendto = trim($_POST['testaddress']); - if (!sendemail($sendto, LAN_MAILOUT_113." ".SITENAME.$add, LAN_MAILOUT_114,LAN_MAILOUT_125)) - { - $message = ($pref['mailer'] == "smtp") ? LAN_MAILOUT_67 : LAN_MAILOUT_106; - } - else - { - $message = LAN_MAILOUT_81. "(".$sendto.")"; - } + $mailheader_e107id = USERID; + require_once(e_HANDLER."mail.php"); + $add = ($pref['mailer']) ? " (".strtoupper($pref['mailer']).")" : " (PHP)"; + $sendto = trim($_POST['testaddress']); + if (!sendemail($sendto, LAN_MAILOUT_113." ".SITENAME.$add, LAN_MAILOUT_114,LAN_MAILOUT_125)) + { + $message = ($pref['mailer'] == "smtp") ? LAN_MAILOUT_67 : LAN_MAILOUT_106; + } + else + { + $message = LAN_MAILOUT_81. "(".$sendto.")"; + $admin_log->log_event('MAIL_01',$sendto,E_LOG_INFORMATIVE,''); + } } } @@ -357,7 +358,8 @@ Table data: } } - $sql->db_Update('generic',"`gen_intdata`={$c} WHERE `gen_id`={$mail_text_id}"); + $sql->db_Update('generic',"`gen_intdata`={$c} WHERE `gen_id`={$mail_text_id}"); + $admin_log->log_event('MAIL_02','ID: '.$mail_text_id.' '.$c.'[!br!]'.$_POST['email_from_name']." <".$_POST['email_from_email'],E_LOG_INFORMATIVE,''); @@ -465,12 +467,13 @@ Table data: if (isset($_POST['updateprefs']) && getperms("0")) { - $pref['mailer'] = $_POST['mailer']; + unset($temp); + $temp['mailer'] = $_POST['mailer']; // Allow qmail as an option as well - works much as sendmail - if ((strpos($_POST['sendmail'],'sendmail') !== FALSE) || (strpos($_POST['sendmail'],'qmail') !== FALSE)) $pref['sendmail'] = $_POST['sendmail']; - $pref['smtp_server'] = $tp->toDB($_POST['smtp_server']); - $pref['smtp_username'] = $tp->toDB($_POST['smtp_username']); - $pref['smtp_password'] = $tp->toDB($_POST['smtp_password']); + if ((strpos($_POST['sendmail'],'sendmail') !== FALSE) || (strpos($_POST['sendmail'],'qmail') !== FALSE)) $temp['sendmail'] = $_POST['sendmail']; + $temp['smtp_server'] = $tp->toDB($_POST['smtp_server']); + $temp['smtp_username'] = $tp->toDB($_POST['smtp_username']); + $temp['smtp_password'] = $tp->toDB($_POST['smtp_password']); $smtp_opts = array(); switch (trim($_POST['smtp_options'])) @@ -488,25 +491,32 @@ if (isset($_POST['updateprefs']) && getperms("0")) if (varsettrue($_POST['smtp_keepalive'])) $smtp_opts[] = 'keepalive'; if (varsettrue($_POST['smtp_useVERP'])) $smtp_opts[] = 'useVERP'; - $pref['smtp_pop3auth'] = in_array('pop3auth',$smpt_opts); // This will go! - $pref['smtp_keepalive'] = $_POST['smtp_keepalive']; // This will go! + $temp['smtp_pop3auth'] = in_array('pop3auth',$smpt_opts); // This will go! + $temp['smtp_keepalive'] = $_POST['smtp_keepalive']; // This will go! - $pref['smtp_options'] = implode(',',$smtp_opts); + $temp['smtp_options'] = implode(',',$smtp_opts); - $pref['mail_pause'] = $_POST['mail_pause']; - $pref['mail_pausetime'] = $_POST['mail_pausetime']; - $pref['mail_bounce_email'] = $_POST['mail_bounce_email']; - $pref['mail_bounce_pop3'] = $_POST['mail_bounce_pop3']; - $pref['mail_bounce_user'] = $_POST['mail_bounce_user']; - $pref['mail_bounce_pass'] = $_POST['mail_bounce_pass']; - $pref['mail_bounce_type'] = $_POST['mail_bounce_type']; - $pref['mail_bounce_delete'] = $_POST['mail_bounce_delete']; + $temp['mail_pause'] = intval($_POST['mail_pause']); + $temp['mail_pausetime'] = intval($_POST['mail_pausetime']); + $temp['mail_bounce_email'] = $tp->toDB($_POST['mail_bounce_email']); + $temp['mail_bounce_pop3'] = $tp->toDB($_POST['mail_bounce_pop3']); + $temp['mail_bounce_user'] = $tp->toDB($_POST['mail_bounce_user']); + $temp['mail_bounce_pass'] = $tp->toDB($_POST['mail_bounce_pass']); + $temp['mail_bounce_type'] = $tp->toDB($_POST['mail_bounce_type']); + $temp['mail_bounce_delete'] = intval($_POST['mail_bounce_delete']); - $pref['mailout_enabled'] = implode(',',$_POST['mail_mailer_enabled']); - $pref['mail_log_options'] = intval($_POST['mail_log_option']).','.intval($_POST['mail_log_email']); + $temp['mailout_enabled'] = implode(',',$_POST['mail_mailer_enabled']); + $temp['mail_log_options'] = intval($_POST['mail_log_option']).','.intval($_POST['mail_log_email']); - save_prefs(); - $message = LAN_SETSAVED; + if ($admin_log->logArrayDiffs($temp, $pref, 'MAIL_03')) + { + save_prefs(); // Only save if changes + $message = LAN_SETSAVED; + } + else + { + $message = IMALAN_20; + } } @@ -571,7 +581,8 @@ function showMailouts($sub_par,$mail_id) case 'delete' : if ($sql->db_Select('generic','gen_datestamp',"`gen_datestamp`={$mail_id} AND `gen_type`='savemail'")) { - $message = $sql->db_Delete('generic',"`gen_datestamp`={$mail_id} AND (`gen_type`='sendmail' OR `gen_type`='savemail')") ? LAN_DELETED : LAN_DELETED_FAILED; + $message = $sql->db_Delete('generic',"`gen_datestamp`={$mail_id} AND (`gen_type`='sendmail' OR `gen_type`='savemail')") ? LAN_DELETED : LAN_DELETED_FAILED; + $admin_log->log_event('MAIL_04',$mail_id,E_LOG_INFORMATIVE,''); } else { // Should only happen if people fiddle! @@ -682,7 +693,8 @@ function showMailouts($sub_par,$mail_id) case 'orphans' : // Delete any orphaned emails if ($sql->db_Select('generic','gen_datestamp',"`gen_datestamp`={$mail_id} AND `gen_type`='sendmail'")) { - $message = $sql->db_Delete('generic',"`gen_datestamp`={$mail_id} AND `gen_type`='sendmail'") ? LAN_DELETED : LAN_DELETED_FAILED; + $message = $sql->db_Delete('generic',"`gen_datestamp`={$mail_id} AND `gen_type`='sendmail'") ? LAN_DELETED : LAN_DELETED_FAILED; + $admin_log->log_event('MAIL_04',$mail_i5,E_LOG_INFORMATIVE,''); } else { // Should only happen if people fiddle! diff --git a/e107_languages/English/admin/lan_log_messages.php b/e107_languages/English/admin/lan_log_messages.php index c0e3ae645..34c8492ea 100644 --- a/e107_languages/English/admin/lan_log_messages.php +++ b/e107_languages/English/admin/lan_log_messages.php @@ -1,6 +1,6 @@