Dave_L
Q&D Admin Log
  • 2006/2/15 0:00



This is a quick and dirty way of logging admin actions. More specifically, it logs non-trivial database updates.

The intent is that if you encounter an unexpected change to your configuration, then you can use the log to help determine whether it was an accident, a malicious action, or a software bug.

I'm using this hack in 2.2.3a-final, but it's probably compatible with XOOPS 2.0.13.2.

1. Create the directory /uploads/log and make it writable. To protect the log files from access by web browsers, create the file /uploads/log/.htaccess with contents "Deny from all". If you're not using Apache, you'd need a different method for protecting the files.

2. Edit footer.php.

After:

    $xoopsLogger->stopTime();
    if (in_array(2, $xoopsConfig['debug_mode']) && $xoopsUser && $xoopsUser->isAdmin($xoopsModule->getVar('mid'))) {
        echo $xoopsLogger->getSQLDebug();
    }


Insert:

    #*#LOG_DB_UPDATES# - start
    global $xoopsDB;
    // Tables whose routine updates are not worth logging
    $protector_access_table = $xoopsDB->prefix('protector_access');
    $online_table           = $xoopsDB->prefix('online');
    $session_table          = $xoopsDB->prefix('session');
    // One log file per day
    $logfile   = XOOPS_ROOT_PATH . '/uploads/log/' . date('Ymd') . '_sql.log';
    $timestamp = date('Y-m-d H:i:s');
    if (is_object($xoopsUser)) {
        $uid   = $xoopsUser->getVar('uid');
        $uname = $xoopsUser->getVar('uname');
    } else {
        // Anonymous visitor
        $uid   = 0;
        $uname = '-';
    }
    foreach ($xoopsLogger->queries as $logger_contexts) {
        foreach ($logger_contexts as $query) {
            $q = trim($query['sql']);
            $q_lower = strtolower($q);
            // Skip SELECTs and updates to the excluded tables
            if (strpos($q_lower, 'select') !== 0
                and !preg_match("/^(delete\s+from|insert\s+into|update)\s+($protector_access_table|$online_table|$session_table)\s+/", $q_lower)
            ) {
                // Keep each query on a single log line
                $q = str_replace(array("\n", "\r", "\t"), ' ', $q);
                @error_log("[$timestamp] [{$_SERVER['REMOTE_ADDR']}] [$uid] [$uname] $q\n", 3, $logfile);
            }
        }
    }
    #*#LOG_DB_UPDATES# - end


Each line of the log includes the date/time, IP address, user ID, username and database query.

SELECT queries are not logged, nor are some of the more common database updates, such as changes to the online and session tables.

A new log file is created each day, to make it easy to purge old log files.
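
One way to review these logs when a setting changes unexpectedly, as an added example that is not part of the original post: it parses the line layout described above and lists every write to one table along with who made it. The table name xoops_config (default-style prefix), the sample lines and the function names are assumptions made for the illustration.

```python
import re

# Line layout assumed from the post: [timestamp] [ip] [uid] [uname] query
LINE_RE = re.compile(
    r"^\[(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})\] "
    r"\[(?P<ip>[^\]]*)\] \[(?P<uid>\d+)\] \[(?P<uname>.*?)\] (?P<sql>.*)$"
)
# Table named directly after the leading statement keyword(s).
TABLE_RE = re.compile(
    r"^(?:insert\s+into|replace\s+into|update|delete\s+from|truncate(?:\s+table)?"
    r"|(?:alter|drop)\s+table)\s+`?(\w+)`?",
    re.IGNORECASE,
)

# Constructed sample lines (documentation IP ranges, made-up queries).
SAMPLE_LOG = """\
[2006-02-15 09:12:44] [192.0.2.10] [1] [admin] UPDATE xoops_config SET conf_value = '0' WHERE conf_id = 13
[2006-02-15 09:13:02] [192.0.2.10] [1] [admin] INSERT INTO xoops_newblocks (bid) VALUES (42)
[2006-02-15 11:40:19] [198.51.100.7] [0] [-] update `xoops_config` set conf_value = '1' where conf_id = 13
this line was truncated by a full disk
"""

def parse_line(line):
    """Return a dict for one log line, or None if the layout does not match."""
    m = LINE_RE.match(line.rstrip("\r\n"))
    if not m:
        return None
    rec = m.groupdict()
    rec["uid"] = int(rec["uid"])
    t = TABLE_RE.match(rec["sql"])
    rec["table"] = t.group(1).lower() if t else None
    return rec

def writes_to(lines, table):
    """Return (records that modify `table`, non-blank lines that failed to parse)."""
    hits, unparsed = [], []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            if line.strip():
                unparsed.append(line)
        elif rec["table"] == table.lower():
            hits.append(rec)
    return hits, unparsed

if __name__ == "__main__":
    hits, unparsed = writes_to(SAMPLE_LOG.splitlines(), "xoops_config")
    for r in hits:
        who = "anonymous" if r["uid"] == 0 else r["uname"]
        print(r["ts"], r["ip"], who, r["sql"])
    print(len(unparsed), "line(s) could not be parsed")
```

Lines that do not match the layout are returned separately rather than dropped, so a damaged or hand-edited log shows up during review.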
