aboutsummaryrefslogtreecommitdiff
path: root/engine/lib/system_log.php
diff options
context:
space:
mode:
Diffstat (limited to 'engine/lib/system_log.php')
-rw-r--r--engine/lib/system_log.php197
1 files changed, 103 insertions, 94 deletions
diff --git a/engine/lib/system_log.php b/engine/lib/system_log.php
index 74597ed5d..84302632e 100644
--- a/engine/lib/system_log.php
+++ b/engine/lib/system_log.php
@@ -3,110 +3,72 @@
* Elgg system log.
* Listens to events and writes crud events into the system log database.
*
- * @package Elgg
- * @subpackage Core
- * @author Curverider Ltd
- * @link http://elgg.org/
+ * @package Elgg.Core
+ * @subpackage Logging
*/
/**
- * Interface that provides an interface which must be implemented by all objects wishing to be
- * recorded in the system log (and by extension the river).
- *
- * This interface defines a set of methods that permit the system log functions to hook in and retrieve
- * the necessary information and to identify what events can actually be logged.
+ * Retrieve the system log based on a number of parameters.
*
- * To have events involving your object to be logged simply implement this interface.
+ * @todo too many args, and the first arg is too confusing
*
- * @author Curverider Ltd
+ * @param int|array $by_user The guid(s) of the user(s) who initiated the event.
+ * Use 0 for unowned entries. Anything else falsey means anyone.
+ * @param string $event The event you are searching on.
+ * @param string $class The class of object it effects.
+ * @param string $type The type
+ * @param string $subtype The subtype.
+ * @param int $limit Maximum number of responses to return.
+ * @param int $offset Offset of where to start.
+ * @param bool $count Return count or not
+ * @param int $timebefore Lower time limit
+ * @param int $timeafter Upper time limit
+ * @param int $object_id GUID of an object
+ * @param string $ip_address The IP address.
+ * @return mixed
*/
-interface Loggable {
- /**
- * Return an identification for the object for storage in the system log.
- * This id must be an integer.
- *
- * @return int
- */
- public function getSystemLogID();
-
- /**
- * Return the class name of the object.
- * Added as a function because get_class causes errors for some reason.
- */
- public function getClassName();
-
- /**
- * Return the type of the object - eg. object, group, user, relationship, metadata, annotation etc
- */
- public function getType();
-
- /**
- * Return a subtype. For metadata & annotations this is the 'name' and for relationship this is the relationship type.
- */
- public function getSubtype();
-
- /**
- * For a given ID, return the object associated with it.
- * This is used by the river functionality primarily.
- * This is useful for checking access permissions etc on objects.
- */
- public function getObjectFromID($id);
-
- /**
- * Return the GUID of the owner of this object.
- */
- public function getObjectOwnerGUID();
-}
+function get_system_log($by_user = "", $event = "", $class = "", $type = "", $subtype = "", $limit = 10,
+ $offset = 0, $count = false, $timebefore = 0, $timeafter = 0, $object_id = 0,
+ $ip_address = "") {
-/**
- * Retrieve the system log based on a number of parameters.
- *
- * @param int or array $by_user The guid(s) of the user(s) who initiated the event.
- * @param string $event The event you are searching on.
- * @param string $class The class of object it effects.
- * @param string $type The type
- * @param string $subtype The subtype.
- * @param int $limit Maximum number of responses to return.
- * @param int $offset Offset of where to start.
- * @param bool $count Return count or not
- */
-function get_system_log($by_user = "", $event = "", $class = "", $type = "", $subtype = "", $limit = 10, $offset = 0, $count = false, $timebefore = 0, $timeafter = 0, $object_id = 0) {
global $CONFIG;
$by_user_orig = $by_user;
if (is_array($by_user) && sizeof($by_user) > 0) {
- foreach($by_user as $key => $val) {
+ foreach ($by_user as $key => $val) {
$by_user[$key] = (int) $val;
}
} else {
$by_user = (int)$by_user;
}
+
$event = sanitise_string($event);
$class = sanitise_string($class);
$type = sanitise_string($type);
$subtype = sanitise_string($subtype);
+ $ip_address = sanitise_string($ip_address);
$limit = (int)$limit;
$offset = (int)$offset;
$where = array();
- if ($by_user_orig!=="") {
+ if ($by_user_orig !== "" && $by_user_orig !== false && $by_user_orig !== null) {
if (is_int($by_user)) {
$where[] = "performed_by_guid=$by_user";
} else if (is_array($by_user)) {
- $where [] = "performed_by_guid in (". implode(",",$by_user) .")";
+ $where [] = "performed_by_guid in (" . implode(",", $by_user) . ")";
}
}
if ($event != "") {
$where[] = "event='$event'";
}
- if ($class!=="") {
+ if ($class !== "") {
$where[] = "object_class='$class'";
}
if ($type != "") {
$where[] = "object_type='$type'";
}
- if ($subtype!=="") {
+ if ($subtype !== "") {
$where[] = "object_subtype='$subtype'";
}
@@ -119,6 +81,9 @@ function get_system_log($by_user = "", $event = "", $class = "", $type = "", $su
if ($object_id) {
$where[] = "object_id = " . ((int) $object_id);
}
+ if ($ip_address) {
+ $where[] = "ip_address = '$ip_address'";
+ }
$select = "*";
if ($count) {
@@ -135,7 +100,8 @@ function get_system_log($by_user = "", $event = "", $class = "", $type = "", $su
}
if ($count) {
- if ($numrows = get_data_row($query)) {
+ $numrows = get_data_row($query);
+ if ($numrows) {
return $numrows->count;
}
} else {
@@ -149,6 +115,8 @@ function get_system_log($by_user = "", $event = "", $class = "", $type = "", $su
* Return a specific log entry.
*
* @param int $entry_id The log entry
+ *
+ * @return mixed
*/
function get_log_entry($entry_id) {
global $CONFIG;
@@ -162,15 +130,20 @@ function get_log_entry($entry_id) {
* Return the object referred to by a given log entry
*
* @param int $entry_id The log entry
+ *
+ * @return mixed
*/
function get_object_from_log_entry($entry_id) {
$entry = get_log_entry($entry_id);
if ($entry) {
$class = $entry->object_class;
- $tmp = new $class();
- $object = $tmp->getObjectFromID($entry->object_id);
-
+ // surround with try/catch because object could be disabled
+ try {
+ $object = new $class($entry->object_id);
+ } catch (Exception $e) {
+
+ }
if ($object) {
return $object;
}
@@ -184,16 +157,27 @@ function get_object_from_log_entry($entry_id) {
*
* This is called by the event system and should not be called directly.
*
- * @param $object The object you're talking about.
- * @param $event String The event being logged
+ * @param object $object The object you're talking about.
+ * @param string $event The event being logged
+ * @return void
*/
function system_log($object, $event) {
global $CONFIG;
- static $logcache;
+ static $log_cache;
+ static $cache_size = 0;
if ($object instanceof Loggable) {
- if (!is_array($logcache)) {
- $logcache = array();
+
+ /* @var ElggEntity|ElggExtender $object */
+ if (datalist_get('version') < 2012012000) {
+ // this is a site that doesn't have the ip_address column yet
+ return;
+ }
+
+ // reset cache if it has grown too large
+ if (!is_array($log_cache) || $cache_size > 500) {
+ $log_cache = array();
+ $cache_size = 0;
}
// Has loggable interface, extract the necessary information and store
@@ -203,7 +187,17 @@ function system_log($object, $event) {
$object_subtype = $object->getSubtype();
$event = sanitise_string($event);
$time = time();
- $performed_by = get_loggedin_userid();
+
+ if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
+ $ip_address = array_pop(explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']));
+ } elseif (!empty($_SERVER['HTTP_X_REAL_IP'])) {
+ $ip_address = array_pop(explode(',', $_SERVER['HTTP_X_REAL_IP']));
+ } else {
+ $ip_address = $_SERVER['REMOTE_ADDR'];
+ }
+ $ip_address = sanitise_string($ip_address);
+
+ $performed_by = elgg_get_logged_in_user_guid();
if (isset($object->access_id)) {
$access_id = $object->access_id;
@@ -223,13 +217,19 @@ function system_log($object, $event) {
}
// Create log if we haven't already created it
- if (!isset($logcache[$time][$object_id][$event])) {
- insert_data("INSERT DELAYED into {$CONFIG->dbprefix}system_log (object_id, object_class, object_type, object_subtype, event, performed_by_guid, owner_guid, access_id, enabled, time_created) VALUES ('$object_id','$object_class','$object_type', '$object_subtype', '$event',$performed_by, $owner_guid, $access_id, '$enabled', '$time')");
-
- $logcache[$time][$object_id][$event] = true;
+ if (!isset($log_cache[$time][$object_id][$event])) {
+ $query = "INSERT DELAYED into {$CONFIG->dbprefix}system_log
+ (object_id, object_class, object_type, object_subtype, event,
+ performed_by_guid, owner_guid, access_id, enabled, time_created, ip_address)
+ VALUES
+ ('$object_id','$object_class','$object_type', '$object_subtype', '$event',
+ $performed_by, $owner_guid, $access_id, '$enabled', '$time', '$ip_address')";
+
+ insert_data($query);
+
+ $log_cache[$time][$object_id][$event] = true;
+ $cache_size += 1;
}
-
- return true;
}
}
@@ -237,6 +237,8 @@ function system_log($object, $event) {
* This function creates an archive copy of the system log.
*
* @param int $offset An offset in seconds from now to archive (useful for log rotation)
+ *
+ * @return bool
*/
function archive_log($offset = 0) {
global $CONFIG;
@@ -247,7 +249,10 @@ function archive_log($offset = 0) {
$ts = $now - $offset;
// create table
- if (!update_data("CREATE TABLE {$CONFIG->dbprefix}system_log_$now as SELECT * from {$CONFIG->dbprefix}system_log WHERE time_created<$ts")) {
+ $query = "CREATE TABLE {$CONFIG->dbprefix}system_log_$now as
+ SELECT * from {$CONFIG->dbprefix}system_log WHERE time_created<$ts";
+
+ if (!update_data($query)) {
return false;
}
@@ -268,10 +273,11 @@ function archive_log($offset = 0) {
/**
* Default system log handler, allows plugins to override, extend or disable logging.
*
- * @param string $event
- * @param string $object_type
- * @param Loggable $object
- * @return unknown
+ * @param string $event Event name
+ * @param string $object_type Object type
+ * @param Loggable $object Object to log
+ *
+ * @return true
*/
function system_log_default_logger($event, $object_type, $object) {
system_log($object['object'], $object['event']);
@@ -283,20 +289,23 @@ function system_log_default_logger($event, $object_type, $object) {
* System log listener.
* This function listens to all events in the system and logs anything appropriate.
*
- * @param String $event
- * @param String $object_type
- * @param Loggable $object
+ * @param String $event Event name
+ * @param String $object_type Type of object
+ * @param Loggable $object Object to log
+ *
+ * @return true
+ * @access private
*/
function system_log_listener($event, $object_type, $object) {
- if (($object_type!='systemlog') && ($event!='log')) {
- trigger_elgg_event('log', 'systemlog', array('object' => $object, 'event' => $event));
+ if (($object_type != 'systemlog') && ($event != 'log')) {
+ elgg_trigger_event('log', 'systemlog', array('object' => $object, 'event' => $event));
}
return true;
}
/** Register event to listen to all events **/
-register_elgg_event_handler('all','all','system_log_listener', 400);
+elgg_register_event_handler('all', 'all', 'system_log_listener', 400);
/** Register a default system log handler */
-register_elgg_event_handler('log','systemlog','system_log_default_logger', 999); \ No newline at end of file
+elgg_register_event_handler('log', 'systemlog', 'system_log_default_logger', 999);
generated by cgit v1.2.3 (git 2.39.1) at 2025-11-13 10:19:31 +0000