Add user adding/removing/editing and security log viewing/clearing.
parent
4b6fcd8f7c
commit
8e24cd7208
@ -0,0 +1,29 @@
|
||||
<?php
|
||||
|
||||
require_once __DIR__ . "/../required.php";
|
||||
|
||||
dieifnotloggedin();
|
||||
|
||||
function insertAuthLog($type, $uid = null, $data = "") {
|
||||
global $database;
|
||||
// find IP address
|
||||
$ip = "";
|
||||
if (isset($_SERVER["HTTP_CF_CONNECTING_IP"])) {
|
||||
$ip = $_SERVER["HTTP_CF_CONNECTING_IP"];
|
||||
} else if (isset($_SERVER["HTTP_CLIENT_IP"])) {
|
||||
$ip = $_SERVER["HTTP_CLIENT_IP"];
|
||||
} else if (isset($_SERVER["HTTP_X_FORWARDED_FOR"])) {
|
||||
$ip = $_SERVER["HTTP_X_FORWARDED_FOR"];
|
||||
} else if (isset($_SERVER["HTTP_X_FORWARDED"])) {
|
||||
$ip = $_SERVER["HTTP_X_FORWARDED"];
|
||||
} else if (isset($_SERVER["HTTP_FORWARDED_FOR"])) {
|
||||
$ip = $_SERVER["HTTP_FORWARDED_FOR"];
|
||||
} else if (isset($_SERVER["HTTP_FORWARDED"])) {
|
||||
$ip = $_SERVER["HTTP_FORWARDED"];
|
||||
} else if (isset($_SERVER["REMOTE_ADDR"])) {
|
||||
$ip = $_SERVER["REMOTE_ADDR"];
|
||||
} else {
|
||||
$ip = "NOT FOUND";
|
||||
}
|
||||
$database->insert("authlog", ['logtime' => date("Y-m-d H:i:s"), 'logtype' => $type, 'uid' => $uid, 'ip' => $ip, 'otherdata' => $data]);
|
||||
}
|
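Review bot: The address written to `authlog` is taken from client-supplied request headers (`HTTP_CF_CONNECTING_IP`, `HTTP_CLIENT_IP`, `HTTP_X_FORWARDED_FOR` and the rest) before `REMOTE_ADDR` is considered, so the `ip` column of the security log holds whatever the client chose to send unless a trusted proxy overwrites those headers. The value is also stored verbatim, and `X-Forwarded-For` can carry a comma-separated list or arbitrary text. I would default to `$ip = $_SERVER["REMOTE_ADDR"] ?? "NOT FOUND";`, consult a forwarded header only when `REMOTE_ADDR` is one of the deployment's configured proxies, and reject anything that fails `filter_var($ip, FILTER_VALIDATE_IP)`. Separately, `dieifnotloggedin()` runs when this file is included, which presumably prevents `insertAuthLog()` from being used to record failed logins; confirm that is intended.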
@ -0,0 +1,86 @@
|
||||
<?php
|
||||
|
||||
require __DIR__ . '/../required.php';
|
||||
|
||||
dieifnotloggedin();
|
||||
|
||||
header("Content-Type: application/json");
|
||||
|
||||
$out = [];
|
||||
|
||||
$out['draw'] = intval($VARS['draw']);
|
||||
|
||||
$out['recordsTotal'] = $database->count('authlog');
|
||||
$filter = false;
|
||||
|
||||
// sort
|
||||
$order = null;
|
||||
$sortby = "DESC";
|
||||
if ($VARS['order'][0]['dir'] == 'asc') {
|
||||
$sortby = "ASC";
|
||||
}
|
||||
switch ($VARS['order'][0]['column']) {
|
||||
case 1:
|
||||
$order = ["logtime" => $sortby];
|
||||
break;
|
||||
case 2:
|
||||
$order = ["typename" => $sortby];
|
||||
break;
|
||||
case 3:
|
||||
$order = ["username" => $sortby];
|
||||
break;
|
||||
case 5:
|
||||
$order = ["ip" => $sortby];
|
||||
break;
|
||||
case 6:
|
||||
$order = ["otherdata" => $sortby];
|
||||
break;
|
||||
}
|
||||
|
||||
// search
|
||||
if (!is_empty($VARS['search']['value'])) {
|
||||
$filter = true;
|
||||
$wherenolimit = [
|
||||
"OR" => [
|
||||
"logtime[~]" => $VARS['search']['value'],
|
||||
"typename[~]" => $VARS['search']['value'],
|
||||
"username[~]" => $VARS['search']['value'],
|
||||
"ip[~]" => $VARS['search']['value'],
|
||||
"otherdata[~]" => $VARS['search']['value']
|
||||
]
|
||||
];
|
||||
$where = $wherenolimit;
|
||||
$where["LIMIT"] = [$VARS['start'], $VARS['length']];
|
||||
} else {
|
||||
$where = ["LIMIT" => [$VARS['start'], $VARS['length']]];
|
||||
}
|
||||
if (!is_null($order)) {
|
||||
$where["ORDER"] = $order;
|
||||
}
|
||||
|
||||
|
||||
$log = $database->select('authlog', [
|
||||
"[>]accounts" => ['uid' => 'uid'],
|
||||
"[>]logtypes" => ['logtype' => 'logtype']
|
||||
], [
|
||||
'logtime',
|
||||
'typename',
|
||||
'username',
|
||||
'ip',
|
||||
'otherdata'
|
||||
], $where);
|
||||
|
||||
|
||||
$out['status'] = "OK";
|
||||
if ($filter) {
|
||||
$recordsFiltered = $database->count('authlog', [
|
||||
"[>]accounts" => ['uid' => 'uid'],
|
||||
"[>]logtypes" => ['logtype' => 'logtype']
|
||||
], 'logid', $wherenolimit);
|
||||
} else {
|
||||
$recordsFiltered = $out['recordsTotal'];
|
||||
}
|
||||
$out['recordsFiltered'] = $recordsFiltered;
|
||||
$out['log'] = $log;
|
||||
|
||||
echo json_encode($out);
|
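Review bot: `$VARS['start']` and `$VARS['length']` go into `LIMIT` exactly as received, while `draw` a few lines earlier is passed through `intval()`. A request can therefore ask for a negative or arbitrarily large page, and whether non-numeric values are rejected depends entirely on the database wrapper, which is not visible here. I would normalise them first, e.g. `$start = max(0, intval($VARS['start']));` and `$length = min(max(1, intval($VARS['length'])), 100);`, and use those in both `LIMIT` arrays. `$VARS['order'][0]['dir']` and `$VARS['order'][0]['column']` are also read without an `isset()` check, so a request that omits them raises notices into what is meant to be a JSON response.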
@ -0,0 +1,58 @@
|
||||
<?php
|
||||
require_once __DIR__ . '/../required.php';
|
||||
|
||||
redirectifnotloggedin();
|
||||
?>
|
||||
<div class="btn-group" style="margin-bottom: 10px;">
|
||||
<a href="app.php?page=clearlog" class="btn btn-warning"><i class="fa fa-times"></i> <?php lang("clear log"); ?></a>
|
||||
</div>
|
||||
<table id="logtable" class="table table-bordered table-striped">
|
||||
<thead>
|
||||
<tr>
|
||||
<th data-priority="0"></th>
|
||||
<th data-priority="1"><i class="fa fa-fw fa-calendar"></i> <?php lang('logtime'); ?></th>
|
||||
<th data-priority="1"><i class="fa fa-fw fa-server"></i> <?php lang('logtype'); ?></th>
|
||||
<th data-priority="2"><i class="fa fa-fw fa-id-badge"></i> <?php lang('username'); ?></th>
|
||||
<th data-priority="3"><i class="fa fa-fw fa-globe"></i> <?php lang('ip address'); ?></th>
|
||||
<th data-priority="3"><i class="fa fa-fw fa-info-circle"></i> <?php lang('other data'); ?></th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
|
||||
</tbody>
|
||||
<tfoot>
|
||||
<tr>
|
||||
<th data-priority="0"></th>
|
||||
<th data-priority="1"><i class="fa fa-fw fa-calendar"></i> <?php lang('logtime'); ?></th>
|
||||
<th data-priority="1"><i class="fa fa-fw fa-server"></i> <?php lang('logtype'); ?></th>
|
||||
<th data-priority="2"><i class="fa fa-fw fa-id-badge"></i> <?php lang('username'); ?></th>
|
||||
<th data-priority="3"><i class="fa fa-fw fa-globe"></i> <?php lang('ip address'); ?></th>
|
||||
<th data-priority="3"><i class="fa fa-fw fa-info-circle"></i> <?php lang('other data'); ?></th>
|
||||
</tfoot>
|
||||
</table>
|
||||
<br />
|
||||
<div class="row">
|
||||
<div class="col-xs-12 col-sm-6 col-md-4 col-sm-offset-3 col-md-offset-4">
|
||||
<div class="panel panel-blue">
|
||||
<div class="panel-heading">
|
||||
<h3 class="panel-title">
|
||||
<?php lang('event type reference'); ?>
|
||||
</h3>
|
||||
</div>
|
||||
<div class="panel-body">
|
||||
<div class="list-group">
|
||||
<?php
|
||||
$types = $database->select('logtypes', 'typename');
|
||||
foreach ($types as $type) {
|
||||
?>
|
||||
<div class="list-group-item">
|
||||
<?php echo $type; ?>
|
||||
</div>
|
||||
<?php
|
||||
}
|
||||
?>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
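Review bot: `<?php echo $type; ?>` in the event type list writes a database value into the page without HTML escaping, and the delete-user confirmation page in this commit does the same with `$userdata['realname']`, `$userdata['username']` and `$userdata['email']`, which are account fields and therefore more likely to contain text an administrator did not write. Each of these should be emitted as `htmlspecialchars($value, ENT_QUOTES, 'UTF-8')`, in the same way the `id` in the delete link is already escaped. Separately, the `<tfoot>` row is opened with `<tr>` but `</tfoot>` follows without a closing `</tr>`.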
@ -0,0 +1,26 @@
|
||||
<?php
|
||||
require_once __DIR__ . "/../required.php";
|
||||
|
||||
redirectifnotloggedin();
|
||||
?>
|
||||
<div class="row">
|
||||
<div class="col-xs-12 col-sm-6 col-sm-offset-3">
|
||||
<div class="panel panel-danger">
|
||||
<div class="panel-heading">
|
||||
<h3 class="panel-title">
|
||||
<?php lang("clear log") ?>
|
||||
</h3>
|
||||
</div>
|
||||
<div class="panel-body">
|
||||
<div style="text-align: center;">
|
||||
<p><i class="fa fa-exclamation-triangle fa-5x"></i></p>
|
||||
<h4><?php lang("really clear log") ?></h4>
|
||||
</div>
|
||||
</div>
|
||||
<div class="panel-footer">
|
||||
<a href="action.php?action=clearlog&source=authlog" class="btn btn-danger"><i class="fa fa-times"></i> <?php lang('delete'); ?></a>
|
||||
<a href="app.php?page=authlog" class="btn btn-primary pull-right"><i class="fa fa-arrow-left"></i> <?php lang('cancel'); ?></a>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
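Review bot: The delete button is a plain link, `action.php?action=clearlog&source=authlog`, so clearing the security log is a state-changing GET with no anti-CSRF token visible on this page; any other page a logged-in user opens could cause the browser to send that request. The delete-user confirmation page in this commit has the same shape with `action.php?action=deleteuser&source=users&id=…`. Both buttons should be small POST forms carrying a per-session token that action.php verifies before acting; action.php is not shown here, so what it currently checks cannot be confirmed. Because this action wipes an audit trail, it is also worth writing a log entry for the clear itself after the table is emptied, so the event remains visible.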
@ -0,0 +1,60 @@
|
||||
<?php
|
||||
if (!is_empty($VARS['id'])) {
|
||||
if ($database->has('accounts', ['uid' => $VARS['id']])) {
|
||||
$userdata = $database->select('accounts', ['[>]accttypes' => ['accttype' => 'typeid']], [
|
||||
'uid',
|
||||
'username',
|
||||
'realname',
|
||||
'email'
|
||||
], [
|
||||
'uid' => $VARS['id']
|
||||
])[0];
|
||||
} else {
|
||||
// user id is invalid
|
||||
header('Location: app.php?page=users&msg=user_not_exists');
|
||||
die();
|
||||
}
|
||||
} else {
|
||||
// user id is invalid
|
||||
header('Location: app.php?page=users&msg=user_not_exists');
|
||||
die();
|
||||
}
|
||||
?>
|
||||
<div class="row">
|
||||
<div class="col-xs-12 col-sm-6 col-sm-offset-3">
|
||||
<div class="panel panel-danger">
|
||||
<div class="panel-heading">
|
||||
<h3 class="panel-title">
|
||||
<?php lang("delete user") ?>
|
||||
</h3>
|
||||
</div>
|
||||
<div class="panel-body">
|
||||
<div style="text-align: center;">
|
||||
<p><i class="fa fa-exclamation-triangle fa-5x"></i></p>
|
||||
<h4><?php lang("really delete user") ?></h4>
|
||||
</div>
|
||||
<div class="list-group">
|
||||
<div class="list-group-item">
|
||||
<i class="fa fa-fw fa-user"></i> <?php echo $userdata['realname']; ?>
|
||||
</div>
|
||||
<div class="list-group-item">
|
||||
<i class="fa fa-fw fa-id-badge"></i> <?php echo $userdata['username']; ?>
|
||||
</div>
|
||||
<?php
|
||||
if (!is_empty($userdata['email'])) {
|
||||
?>
|
||||
<div class="list-group-item">
|
||||
<i class="fa fa-fw fa-envelope"></i> <?php echo $userdata['email']; ?>
|
||||
</div>
|
||||
<?php
|
||||
}
|
||||
?>
|
||||
</div>
|
||||
</div>
|
||||
<div class="panel-footer">
|
||||
<a href="action.php?action=deleteuser&source=users&id=<?php echo htmlspecialchars($VARS['id']); ?>" class="btn btn-danger"><i class="fa fa-times"></i> <?php lang('delete'); ?></a>
|
||||
<a href="app.php?page=users" class="btn btn-primary pull-right"><i class="fa fa-arrow-left"></i> <?php lang('cancel'); ?></a>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
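Review bot: Unlike the two other page files in this commit, this one neither includes `required.php` nor calls `redirectifnotloggedin()` before it reads `$VARS['id']` and queries `accounts`. If the file is only ever included by app.php after that check has run, this is harmless, but the guard costs nothing and keeps the page safe if it is requested directly: `require_once __DIR__ . "/../required.php";` followed by `redirectifnotloggedin();` at the top. Nothing visible here restricts the page to accounts that are allowed to manage users, so confirm that being logged in is meant to be sufficient. The two `header('Location: …')` redirects also only work if no output has been sent before this file runs, which is worth checking against how app.php includes it.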
@ -0,0 +1,45 @@
|
||||
$('#logtable').DataTable({
|
||||
responsive: {
|
||||
details: {
|
||||
display: $.fn.dataTable.Responsive.display.modal({
|
||||
header: function (row) {
|
||||
var data = row.data();
|
||||
return "<i class=\"fa fa-list fa-fw\"></i> " + data[1];
|
||||
}
|
||||
}),
|
||||
renderer: $.fn.dataTable.Responsive.renderer.tableAll({
|
||||
tableClass: 'table'
|
||||
}),
|
||||
type: "column"
|
||||
}
|
||||
},
|
||||
columnDefs: [
|
||||
{
|
||||
targets: 0,
|
||||
className: 'control',
|
||||
orderable: false
|
||||
}
|
||||
],
|
||||
order: [
|
||||
[1, 'desc']
|
||||
],
|
||||
serverSide: true,
|
||||
ajax: {
|
||||
url: "lib/getlogtable.php",
|
||||
dataFilter: function (data) {
|
||||
var json = jQuery.parseJSON(data);
|
||||
json.data = [];
|
||||
json.log.forEach(function (row) {
|
||||
json.data.push([
|
||||
"",
|
||||
row.logtime,
|
||||
row.typename,
|
||||
(row.username == null ? "---" : row.username),
|
||||
row.ip,
|
||||
row.otherdata
|
||||
]);
|
||||
});
|
||||
return JSON.stringify(json);
|
||||
}
|
||||
}
|
||||
});
|
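Review bot: The rows built in `dataFilter` pass `row.username`, `row.ip` and `row.otherdata` to DataTables as plain strings, and DataTables inserts cell strings as HTML unless a renderer says otherwise. `ip` and `otherdata` come from the auth log, and the logging function in this commit fills `ip` from request headers, so text chosen by a client can end up interpreted as markup in an administrator's browser. Adding `{ targets: '_all', render: $.fn.dataTable.render.text() }` to `columnDefs` makes every column render as text. The modal `header` callback has the same issue where it concatenates `data[1]` into an HTML string; that value should be escaped too.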