This is a quick and dirty way of logging admin actions. More specifically, it logs non-trivial database updates.
The intent is that if you encounter an unexpected change to your configuration, then you can use the log to help determine whether it was an accident, a malicious action, or a software bug.
I'm using this hack in 2.2.3a-final, but it's probably compatible with XOOPS 2.0.13.2.
1. Create the directory /uploads/log and make it writable. To protect the log files from access by web browsers, create the file /uploads/log/.htaccess with contents "Deny from all". If you're not using Apache, you'd need a different method for protecting the files.
2. Edit footer.php.
After:
    $xoopsLogger->stopTime();
    if (in_array(2, $xoopsConfig['debug_mode']) && $xoopsUser && $xoopsUser->isAdmin($xoopsModule->getVar('mid'))) {
        echo $xoopsLogger->getSQLDebug();
    }
Insert:
    #*#LOG_DB_UPDATES# - start
    global $xoopsDB;
    // High-traffic tables whose routine updates are not worth logging.
    $protector_access_table = $xoopsDB->prefix('protector_access');
    $online_table = $xoopsDB->prefix('online');
    $session_table = $xoopsDB->prefix('session');
    // One log file per day, e.g. 20060301_sql.log.
    $logfile = XOOPS_ROOT_PATH . '/uploads/log/' . date('Ymd') . '_sql.log';
    $timestamp = date('Y-m-d H:i:s');
    if (is_object($xoopsUser)) {
        $uid = $xoopsUser->getVar('uid');
        $uname = $xoopsUser->getVar('uname');
    } else {
        // Anonymous visitor.
        $uid = 0;
        $uname = '-';
    }
    foreach ($xoopsLogger->queries as $logger_contexts) {
        foreach ($logger_contexts as $query) {
            $q = trim($query['sql']);
            $q_lower = strtolower($q);
            // Skip SELECTs and writes to the excluded tables.
            if (strpos($q_lower, 'select') !== 0
                and !preg_match("/^(delete\s+from|insert\s+into|update)\s+($protector_access_table|$online_table|$session_table)\s+/", $q_lower)
            ) {
                // Flatten the query onto one line so each log entry is a single line.
                $q = str_replace(array("\n", "\r", "\t"), ' ', $q);
                @error_log("[$timestamp] [{$_SERVER['REMOTE_ADDR']}] [$uid] [$uname] $q\n", 3, $logfile);
            }
        }
    }
    #*#LOG_DB_UPDATES# - end
Each line of the log includes the date/time, IP address, user ID, username and database query.
SELECT queries are not logged, nor are some of the more common database updates, such as changes to the online, session and protector_access tables.
A new log file is created each day, to make it easy to purge old log files.
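To answer the question from the introduction (who changed a given table, and from where), the log can be filtered by table name. This is an added example in Python, not part of the original hack; the `xoops_` table prefix, the function names and all sample lines are constructed for illustration.

```python
import re
from collections import defaultdict

# Layout written by the footer.php hack: [time] [ip] [uid] [uname] query
LINE_RE = re.compile(r"^\[([^\]]+)\] \[([^\]]*)\] \[(\d+)\] \[(.*?)\] (.*)$")
# First table named after the statement verb (back-ticks optional).
TABLE_RE = re.compile(
    r"^(?:update|insert\s+into|replace\s+into|delete\s+from)\s+`?(\w+)`?",
    re.IGNORECASE,
)

def parse_line(line):
    """Split one log line into a dict, or return None if it does not match."""
    m = LINE_RE.match(line.rstrip("\n"))
    if not m:
        return None
    ts, ip, uid, uname, sql = m.groups()
    t = TABLE_RE.match(sql)
    return {"time": ts, "ip": ip, "uid": int(uid), "uname": uname,
            "sql": sql, "table": t.group(1).lower() if t else None}

def changes_to(lines, table):
    """Return {(uid, uname, ip): [(time, sql), ...]} for writes to `table`."""
    hits = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if rec and rec["table"] == table.lower():
            key = (rec["uid"], rec["uname"], rec["ip"])
            hits[key].append((rec["time"], rec["sql"]))
    return dict(hits)

# Constructed sample lines (prefix "xoops_" and every value are invented).
SAMPLE = [
    "[2006-03-01 10:15:02] [192.0.2.10] [1] [admin] UPDATE xoops_config SET conf_value = '1' WHERE conf_id = 13",
    "[2006-03-01 10:15:40] [192.0.2.10] [1] [admin] INSERT INTO xoops_newblocks (bid) VALUES (42)",
    "[2006-03-01 23:58:11] [198.51.100.7] [0] [-] UPDATE xoops_config SET conf_value = '0' WHERE conf_id = 13",
    "not a log line",
]

if __name__ == "__main__":
    for (uid, uname, ip), events in changes_to(SAMPLE, "xoops_config").items():
        for when, sql in events:
            print(f"{when} uid={uid} ({uname}) from {ip}: {sql}")
```

To run it against a real file, pass `open(path)` for one of the daily `_sql.log` files instead of `SAMPLE`. A username containing `] ` would split at the wrong place, so treat the uid field as the authoritative identity.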