-
Verified89c39085
<?php/* This code is part of FusionDirectory (http://www.fusiondirectory.org/) Copyright (C) 2007 Fabian Hickert Copyright (C) 2011-2016 FusionDirectory This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.*//*! * \file class_logging.inc * Source code for the class logging *//*! * \brief This is the base class for the FusionDirectory logging functionality. * All logging should lead to this class. * * \author Fabian Hickert <hickert@gonicus.de> * \version 2.6 * \date 11.04.2007 */class logging{ static $validActions = ['modify','create','remove','copy','snapshot','security','error']; /*! * \brief logging method * * \param string $action One of these values (modify|create|remove|copy|snapshot|security|error) * * \param string $objecttype represents the current edited objecttype, like user/user, or the event, like logout * * \param string $object represents the current edited object dn, or the target of the operation * * \param array $changes An array containing names of all touched attributes * * \param string $result A status message, containing errors or success messages */ static function log (string $action, string $objecttype, string $object, array $changes = [], string $result = '') { global $config, $ui; /* Create data object */ $entry = [ 'timestamp' => microtime(TRUE), 'action' => $action, 'objecttype' => $objecttype, 'object' => $object, 'changes' => $changes, 'result' => $result ]; if (isset($ui->dn) && !empty($ui->dn)) { $entry['user'] = $ui->dn; } elseif (isset($_SERVER['REMOTE_ADDR'])) { $entry['user'] = $_SERVER['REMOTE_ADDR']; } else {7172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140
$entry['user'] = 'unknown';
}
/* Check if all given values are valid */
$msgs = static::check($entry);
if (count($msgs)) {
foreach ($msgs as $msg) {
trigger_error('Logging failed, reason was: '.$msg);
$error = new FusionDirectoryError(htmlescape(sprintf(_('Logging failed: %s'), $msg)));
$error->display();
}
} else {
if (is_object($config) && preg_match('/true/i', $config->get_cfg_value('logging', ''))) {
static::log_into_syslog($entry);
if (in_array($action, $config->get_cfg_value('auditActions', []))) {
static::log_into_ldap($entry);
}
}
}
}
/*!
* \brief Debug output method
*
* Print a DEBUG level if specified debug level of the level matches the
* the configured debug level.
*
* \param int $level The log level of the message (one of the DEBUG_* constants)
*
* \param int $line Line of origin (using __LINE__ is common)
*
* \param string $function Function of origin (using __FUNCTION__ is common)
*
* \param string $file File of origin (using __FILE__ is common)
*
* \param mixed $data Operation result. Can be a message or an array, which is printed with print_a.
*
* \param string $info Operation description
*/
static function debug (int $level, int $line, string $function, string $file, $data, string $info = '')
{
global $config;
static $first = TRUE;
if (session::get('DEBUGLEVEL') & $level) {
$output = '';
if ($first) {
$output .= '<div id="debug-handling" class="notice">'.
'<img src="geticon.php?context=status&icon=dialog-information&size=22" alt="Information" style="vertical-align:middle;margin-right:.2em;"/>'.
'There is some debug output '.
'<button onClick="javascript:$$(\'div.debug_div\').each(function (a) { a.toggle(); });">Toggle</button>'.
'</div>';
$first = FALSE;
}
$logline = "DEBUG[$level] ";
if ($function != '') {
$logline .= "($file:$function():$line) - $info: ";
} else {
$logline .= "($file:$line) - $info: ";
}
$output .= '<div class="debug_div">';
$output .= $logline;
if (is_array($data)) {
$output .= print_a($data, TRUE);
$logline .= print_r($data, TRUE);
} else {
$output .= "'$data'";
$logline .= "'$data'";
}
141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210
$output .= "</div>\n";
if (is_object($config) && preg_match('/true/i', $config->get_cfg_value('debugLogging', ''))) {
fusiondirectory_log($logline);
}
if (($_SERVER['REQUEST_METHOD'] == 'POST') && preg_match('/index.php$/', $_SERVER['REQUEST_URI'])) {
return;
}
echo $output;
}
}
/*!
* \brief Check the options
*
* \param Array $entry to be checked
*/
static protected function check ($entry = [])
{
$msgs = [];
if (!isset($entry['action']) || !in_array($entry['action'], static::$validActions)) {
$msgs[] = sprintf(_('Invalid option "%s" specified!'), $entry['action']);
}
if (!isset($entry['objecttype']) || empty($entry['objecttype'])) {
$msgs[] = _('Specified objectType is empty or invalid!');
}
return $msgs;
}
/*
* \brief This function is used to into the systems syslog
*
* \param Array $entry Entry to be loged
*/
static protected function log_into_syslog ($entry)
{
$str = '';
if (empty($entry['object']) && empty($entry['changes'])) {
$str = '('.$entry['action'].') '.$entry['objecttype'].': '.$entry['result'];
} else {
$str = '('.$entry['action'].') '.$entry['object'].' of type '.$entry['objecttype'].' '.implode(',', $entry['changes']).': '.$entry['result'];
}
fusiondirectory_log($str);
}
/*
* \brief This function is used to into the ldap for audit plugin
*
* \param Array $entry Entry to be logged
*/
static protected function log_into_ldap ($entry)
{
global $config;
if ($entry['objecttype'] == 'plugin/auditEvent') {
/* Avoid infinite loop */
return;
}
if (empty($entry['object'])) {
$entry['object'] = 'none';
}
try {
$tabObject = objects::create('auditEvent');
$baseObject = $tabObject->getBaseObject();
$baseObject->fdAuditDateTime = DateTime::createFromFormat('U.u', number_format($entry['timestamp'], 6, '.', ''));
$baseObject->fdAuditAction = $entry['action'];
211212213214215216217218219220221222223224225226227228229230231232233234235236
$baseObject->fdAuditAuthorDN = $entry['user'];
$baseObject->fdAuditObjectType = $entry['objecttype'];
$baseObject->fdAuditObject = $entry['object'];
$baseObject->fdAuditAttributes = $entry['changes'];
$baseObject->fdAuditResult = $entry['result'];
$baseObject->base = $config->current['BASE'];
$errors = $tabObject->save();
if (!empty($errors)) {
msg_dialog::displayChecks($errors);
}
} catch (FusionDirectoryException $e) {
$error = new FusionDirectoryError(
htmlescape(sprintf(
_('Failed to log event (%s - %s): %s'),
$entry['action'],
$entry['objecttype'],
$e->getMessage()
)),
0,
$e
);
$error->display();
}
}
}