From 6253e7730cc2ddc8843d31a231c0c0d05499e507 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=B4me=20Chilliet?= <come.chilliet@fusiondirectory.org>
Date: Wed, 6 Nov 2019 12:40:13 +0100
Subject: [PATCH] :ambulance: fix(logging) Remove duplicate IP information

Author IP is now a specific field in audit plugin, no need to duplicate
 the information in other fields.

issue #6046
---
 include/class_session.inc           | 17 ++++-------------
 include/login/class_LoginMethod.inc |  7 ++-----
 2 files changed, 6 insertions(+), 18 deletions(-)

diff --git a/include/class_session.inc b/include/class_session.inc
index 5bca5449b..36f727135 100644
--- a/include/class_session.inc
+++ b/include/class_session.inc
@@ -190,26 +190,17 @@ class session
         logging::log(
           'security',
           'logout',
-          $ui->dn,
+          $ui->uid,
           [],
-          sprintf(
-            '%s (%s) logged out (%s)',
-            $ui->uid,
-            ($_SERVER['REMOTE_ADDR'] ?? 'Unknown IP'),
-            $reason
-          )
+          sprintf('Logged out (%s)', $reason)
         );
       } elseif (!empty($reason)) {
         logging::log(
           'security',
           'session',
-          ($_SERVER['REMOTE_ADDR'] ?? ''),
+          '',
           [],
-          sprintf(
-            'Session for %s destroyed (%s)',
-            ($_SERVER['REMOTE_ADDR'] ?? 'unknown'),
-            $reason
-          )
+          sprintf('Session destroyed (%s)', $reason)
         );
       }
     } catch (Exception $e) {
diff --git a/include/login/class_LoginMethod.inc b/include/login/class_LoginMethod.inc
index 0c05bb64f..ac07f9d3e 100644
--- a/include/login/class_LoginMethod.inc
+++ b/include/login/class_LoginMethod.inc
@@ -100,7 +100,7 @@ class LoginMethod
     } catch (LoginFailureException $e) {
       /* Load plist to be able to log */
       pluglist::load();
-      logging::log('security', 'login failure', static::$username, [], 'Authentication failed for user "'.static::$username.'": '.$e->getMessage());
+      logging::log('security', 'login failure', static::$username, [], 'Authentication failed: '.$e->getMessage());
       /* Show the same message whether the user exists or not to avoid information leak */
       $message = $e->getMessage();
       $smarty->assign('focusfield', 'password');
@@ -151,10 +151,7 @@ class LoginMethod
     global $config, $ui;
 
     /* Not account expired or password forced change go to main page */
-    logging::log(
-      'security', 'login', $ui->dn, [],
-      sprintf('User "%s" logged in successfully (from %s).', static::$username, ($_SERVER['REMOTE_ADDR'] ?? 'Unknown IP'))
-    );
+    logging::log('security', 'login', static::$username, [], 'Logged in successfully');
     session::set('connected', 1);
     session::set('DEBUGLEVEL', $config->get_cfg_value('DEBUGLEVEL'));
     header('Location: main.php');
-- 
GitLab