adding logging
This commit is contained in:
jakani24
@@ -171,6 +171,7 @@ include "perms_functions.php";
|
||||
echo '<div class="alert alert-success" role="alert">
|
||||
User added successfully!
|
||||
</div>';
|
||||
log_action("USER::ADD::SUCCESS","User ".$_SESSION["username"]." added another user ($username).",$_SESSION["id"]);
|
||||
}
|
||||
}elseif($block==1){
|
||||
echo '<div class="alert alert-danger" role="alert">
|
||||
|
||||
@@ -37,12 +37,15 @@ if ($conn->connect_error) {
|
||||
include "client_settings_functions.php";
|
||||
if(isset($_GET["update"])){
|
||||
safe_settings();
|
||||
log_action("CLIENT_SETTINGS::UPDATE::SUCCESS","User ".$_SESSION["username"]." updated some client settings.",$_SESSION["id"]);
|
||||
}
|
||||
if(isset($_GET["delete"])){
|
||||
delete_item($_GET["db"],$_GET["delete"]);
|
||||
log_action("CLIENT_SETTINGS::DELETE::SUCCESS","User ".$_SESSION["username"]." deleted some client settings.",$_SESSION["id"]);
|
||||
}
|
||||
if(isset($_GET["add"])){
|
||||
add_item($_GET["add"],$_GET["value"],$_GET["field"]);
|
||||
log_action("CLIENT_SETTINGS::ADD::SUCCESS","User ".$_SESSION["username"]." added some client settings.",$_SESSION["id"]);
|
||||
}
|
||||
load_settings();
|
||||
|
||||
|
||||
@@ -99,12 +99,15 @@ async function add_item(db,element_id1,field1,element_id2,field2){ //we have two
|
||||
include "database_settings_functions.php";
|
||||
if(isset($_GET["update"])){
|
||||
safe_settings($_GET["db"]);
|
||||
log_action("DB_SETTINGS::UPDATE::SUCCESS","User ".$_SESSION["username"]." updated the database settings.",$_SESSION["id"]);
|
||||
}
|
||||
if(isset($_GET["delete"])){
|
||||
delete_item($_GET["db"],$_GET["delete"]);
|
||||
log_action("DB_SETTINGS::DELETE::SUCCESS","User ".$_SESSION["username"]." deleted some database settings.",$_SESSION["id"]);
|
||||
}
|
||||
if(isset($_GET["add"])){
|
||||
add_item($_GET["add"],$_GET["value1"],$_GET["field1"],$_GET["value2"],$_GET["field2"]);
|
||||
log_action("DB_SETTINGS::ADD::SUCCESS","User ".$_SESSION["username"]." added some database settings.",$_SESSION["id"]);
|
||||
}
|
||||
?>
|
||||
<div class="container mt-5">
|
||||
|
||||
@@ -94,7 +94,7 @@ $filter_query = "&loglevel=$loglevel&logtext=$logtext&machine_id=$machine_id&tim
|
||||
echo '<div class="alert alert-success" role="alert">
|
||||
Log export finished. <a href="/export/cyberhex_log_export.csv" download>Download export</a>
|
||||
</div>';
|
||||
|
||||
log_action("LOG::ENTRY::EXPORT::SUCCESS","User ".$_SESSION["username"]." exported the log.",$_SESSION["id"]);
|
||||
}
|
||||
|
||||
//now display the normal page
|
||||
|
||||
@@ -192,11 +192,6 @@ include "perms_functions.php";
|
||||
die("Connection failed: " . $conn->connect_error);
|
||||
}
|
||||
|
||||
$conn = new mysqli($DB_SERVERNAME, $DB_USERNAME, $DB_PASSWORD,$DB_DATABASE);
|
||||
if ($conn->connect_error) {
|
||||
$success=0;
|
||||
die("Connection failed: " . $conn->connect_error);
|
||||
}
|
||||
$stmt = $conn->prepare("UPDATE users set email=?, username=?,perms=? WHERE id=?");
|
||||
$stmt->bind_param("sssi", $m_email, $m_username, $m_permissions,$m_userid);
|
||||
|
||||
@@ -210,6 +205,7 @@ include "perms_functions.php";
|
||||
//echo '<div class="alert alert-success" role="alert">
|
||||
// User updated successfully!
|
||||
// </div>';
|
||||
log_action("PROFILE::UPDATE::SUCCESS","User ".$_SESSION["username"]." updated another users profile ($m_username).",$_SESSION["id"]);
|
||||
echo("<script>location.href='user_list.php'; </script>");
|
||||
}elseif($block==1){
|
||||
echo '<div class="alert alert-danger" role="alert">
|
||||
|
||||
@@ -298,16 +298,19 @@ $email = $_SESSION["email"];
|
||||
$stmt->execute();
|
||||
$stmt->close();
|
||||
$conn->close();
|
||||
log_action("PASSWD::CHANGE::SUCCESS","User ".$_SESSION["username"]." changed his password.",$_SESSION["id"]);
|
||||
echo '<br><div class="alert alert-success" role="alert">
|
||||
Information updated successfully!
|
||||
</div>';
|
||||
|
||||
} else {
|
||||
log_action("PASSWD::CHANGE::FAILURE","User ".$_SESSION["username"]." tried to change his password but failed due to wrong password.",$_SESSION["id"]);
|
||||
echo '<div class="alert alert-danger" role="alert">
|
||||
Incorrect password.
|
||||
</div>';
|
||||
}
|
||||
} else {
|
||||
log_action("PASSWD::CHANGE::FAILURE","User ".$_SESSION["username"]." tried to change his password but failed due to wrong password.",$_SESSION["id"]);
|
||||
echo '<div class="alert alert-danger" role="alert">
|
||||
Incorrect password.
|
||||
</div>';
|
||||
|
||||
@@ -128,6 +128,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
||||
</form>
|
||||
<?php
|
||||
if(isset($_GET["update"])){
|
||||
log_action("PROFILE::UPDATE::SUCCESS","User ".$_SESSION["username"]." updated his profile.",$_SESSION["id"]);
|
||||
echo '<br><div class="alert alert-success" role="alert">
|
||||
Information updated successfully!
|
||||
</div>';
|
||||
|
||||
@@ -34,12 +34,15 @@ if ($conn->connect_error) {
|
||||
include "client_settings_functions.php";
|
||||
if(isset($_GET["update"])){
|
||||
safe_settings();
|
||||
log_action("SERVER_SETTINGS::UPDATE::SUCCESS","User ".$_SESSION["username"]." updated some server settings.",$_SESSION["id"]);
|
||||
}
|
||||
if(isset($_GET["delete"])){
|
||||
delete_item($_GET["db"],$_GET["delete"]);
|
||||
log_action("SERVER_SETTINGS::DELETE::SUCCESS","User ".$_SESSION["username"]." deleted some server settings.",$_SESSION["id"]);
|
||||
}
|
||||
if(isset($_GET["add"])){
|
||||
add_item($_GET["add"],$_GET["value"],$_GET["field"]);
|
||||
log_action("SERVER_SETTINGS::ADD::SUCCESS","User ".$_SESSION["username"]." added some server settings.",$_SESSION["id"]);
|
||||
}
|
||||
load_settings();
|
||||
|
||||
|
||||
@@ -129,6 +129,7 @@ $conn->close();
|
||||
//delete entry if requested and if user has rights to do that
|
||||
if(isset($_GET["delete"])){
|
||||
if($perms[3]!=="1"){
|
||||
log_action("LOG::ENTRY::DELETE::FAILURE","User ".$_SESSION["username"]." tried to delete a log entry but not succeeded because of insufficient permissions.",$_SESSION["id"]);
|
||||
echo '<div class="alert alert-danger" role="alert">
|
||||
You are not allowed to delete log entries. (insufficient permissions)
|
||||
</div>';
|
||||
@@ -149,10 +150,12 @@ $conn->close();
|
||||
echo '<div class="alert alert-success" role="alert">
|
||||
Log entry deleted.
|
||||
</div>';
|
||||
log_action("LOG::ENTRY::DELETE::SUCCESS","User ".$_SESSION["username"]." deleted a log entry.",$_SESSION["id"]);
|
||||
}
|
||||
}
|
||||
if(isset($_GET["delete_all"])){
|
||||
if($perms[3]!=="1"){
|
||||
log_action("LOG::ENTRY::DELETE::FAILURE","User ".$_SESSION["username"]." tried to delete the full log but not succeeded because of insufficient permissions.",$_SESSION["id"]);
|
||||
echo '<div class="alert alert-danger" role="alert">
|
||||
You are not allowed to delete log entries. (insufficient permissions)
|
||||
</div>';
|
||||
@@ -171,6 +174,7 @@ $conn->close();
|
||||
echo '<div class="alert alert-success" role="alert">
|
||||
Log deleted.
|
||||
</div>';
|
||||
log_action("LOG::ENTRY::DELETE::SUCCESS","User ".$_SESSION["username"]." deleted the full log.",$_SESSION["id"]);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user