
issue #552

* many more admin actions are logged into activity table
* use the activity.details as an associative array (serialized in database)
plegall committed Apr 1, 2019
1 parent 447e7e7 commit 940d1d2e8c3631b1149560fe5cf5c268ed0b5e7e
@@ -277,6 +277,8 @@
array('primary' => array('id'), 'update' => array('author')),
$datas
);
pwg_activity('photo', $collection, 'edit', array('action'=>'author'));
}
// title
@@ -301,6 +303,8 @@
array('primary' => array('id'), 'update' => array('name')),
$datas
);
pwg_activity('photo', $collection, 'edit', array('action'=>'title'));
}
// date_creation
@@ -329,6 +333,8 @@
array('primary' => array('id'), 'update' => array('date_creation')),
$datas
);
pwg_activity('photo', $collection, 'edit', array('action'=>'date_creation'));
}
// privacy_level
@@ -349,6 +355,8 @@
$datas
);
pwg_activity('photo', $collection, 'edit', array('action'=>'privacy_level'));
if (isset($_SESSION['bulk_manager_filter']['level']))
{
if ($_POST['level'] < $_SESSION['bulk_manager_filter']['level'])
@@ -34,6 +34,14 @@
// +-----------------------------------------------------------------------+
check_status(ACCESS_ADMINISTRATOR);
if (!empty($_POST))
{
check_pwg_token();
check_input_parameter('cat_true', $_POST, true, PATTERN_ID);
check_input_parameter('cat_false', $_POST, true, PATTERN_ID);
check_input_parameter('section', $_GET, false, '/^[a-z0-9_-]+$/i');
}
// +-----------------------------------------------------------------------+
// | modification registration |
// +-----------------------------------------------------------------------+
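Review bot: The new `check_input_parameter('section', $_GET, false, '/^[a-z0-9_-]+$/i');` call runs only inside `if (!empty($_POST))`, so a request without a POST body reaches the rest of the script with `$_GET['section']` unchecked. If the script reads that parameter on plain GET requests further down (not visible in this hunk), move that one line out of the block, directly after `check_status(ACCESS_ADMINISTRATOR);`, so it applies to every request. The token check and the `cat_true`/`cat_false` checks can stay where they are.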
@@ -43,8 +51,6 @@
and isset($_POST['cat_true'])
and count($_POST['cat_true']) > 0)
{
check_pwg_token();
check_input_parameter('cat_true', $_POST, true, PATTERN_ID);
switch ($_GET['section'])
{
case 'comments' :
@@ -78,13 +84,13 @@
break;
}
}
pwg_activity('album', $_POST['cat_true'], 'edit', array('section'=>$_GET['section'], 'action'=>'falsify'));
}
else if (isset($_POST['trueify'])
and isset($_POST['cat_false'])
and count($_POST['cat_false']) > 0)
{
check_pwg_token();
check_input_parameter('cat_false', $_POST, true, PATTERN_ID);
switch ($_GET['section'])
{
case 'comments' :
@@ -115,6 +121,8 @@
break;
}
}
pwg_activity('album', $_POST['cat_false'], 'edit', array('section'=>$_GET['section'], 'action'=>'trueify'));
}
// +-----------------------------------------------------------------------+
@@ -86,6 +86,9 @@
pwg_query($query);
$page['infos'][] = l10n('group "%s" added', $_POST['groupname']);
$inserted_id = pwg_db_insert_id(GROUPS_TABLE);
pwg_activity('group', $inserted_id, 'add');
}
}
@@ -130,6 +133,7 @@
WHERE id = '.$group.'
;';
pwg_query($query);
pwg_activity('group', $group, 'edit', array('action'=>$action));
}
}
}
@@ -177,6 +181,7 @@
pwg_query($query);
trigger_notify('delete_group', $groupids);
pwg_activity('group', $groupids, 'delete');
$page['infos'][] = l10n('group "%s" deleted', $groupname);
}
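Review bot: `pwg_activity('group', $groupids, 'delete');` stores only numeric ids, and it runs after the delete query, so once the rows are gone the activity entry can no longer be resolved to a group name. For an audit trail that matters most on deletions; since `$groupname` is in scope on the next line, it could be recorded, e.g. `pwg_activity('group', $groupids, 'delete', array('groupname'=>$groupname));`, assuming `$groupname` describes the ids in `$groupids` (the surrounding block starts outside this hunk). The same gap applies to the `delete` calls added in delete_categories, delete_elements, delete_user and delete_tags, where the name or path would have to be read before the delete query.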
@@ -215,6 +220,7 @@
WHERE name = \''.pwg_db_real_escape_string($_POST['merge']).'\'
;';
list($groupid) = pwg_db_fetch_row(pwg_query($query));
pwg_activity('group', $groupid, 'add', array('action'=>$action, 'groups'=>implode(',', $groups)));
}
$grp_access = array();
$usr_grp = array();
@@ -301,6 +307,7 @@
;';
list($groupid) = pwg_db_fetch_row(pwg_query($query));
pwg_activity('group', $groupid, 'add', array('action'=>$action, 'group'=>$group));
$query = '
SELECT *
FROM '.GROUP_ACCESS_TABLE.'
@@ -360,7 +367,9 @@
WHERE id = '.$group.'
;';
pwg_query($query);
pwg_activity('group', $group, 'edit', array('action'=>$action));
$page['infos'][] = l10n('group "%s" updated', $groupname);
}
}
@@ -163,7 +163,7 @@ function delete_categories($ids, $photo_deletion_mode='no_delete')
pwg_query($query);
trigger_notify('delete_categories', $ids);
pwg_activity('album', $ids, 'delete', 'photo_deletion_mode='.$photo_deletion_mode);
pwg_activity('album', $ids, 'delete', array('photo_deletion_mode'=>$photo_deletion_mode));
}
/**
@@ -361,6 +361,7 @@ function delete_elements($ids, $physical_deletion=false)
}
trigger_notify('delete_elements', $ids);
pwg_activity('photo', $ids, 'delete');
return count($ids);
}
@@ -416,6 +417,7 @@ function delete_user($user_id)
pwg_query($query);
trigger_notify('delete_user', $user_id);
pwg_activity('user', $user_id, 'delete');
}
/**
@@ -1423,6 +1425,8 @@ function move_categories($category_ids, $new_parent = -1)
'%d album moved', '%d albums moved',
count($categories)
);
pwg_activity('album', $category_ids, 'move', array('parent'=>$new_parent));
}
/**
@@ -1700,6 +1704,7 @@ function delete_tags($tag_ids)
pwg_query($query);
trigger_notify("delete_tags", $tag_ids);
pwg_activity('tag', $tag_ids, 'delete');
update_images_lastmodified($image_ids);
invalidate_user_cache_nb_tags();
@@ -2226,6 +2231,7 @@ function create_tag($tag_name)
);
$inserted_id = pwg_db_insert_id(TAGS_TABLE);
pwg_activity('tag', $inserted_id, 'add');
return array(
'info' => l10n('Tag "%s" was added', stripslashes($tag_name)),
@@ -372,6 +372,7 @@ function add_uploaded_file($source_filepath, $original_filename=null, $categorie
single_insert(IMAGES_TABLE, $insert);
$image_id = pwg_db_insert_id(IMAGES_TABLE);
pwg_activity('photo', $image_id, 'add');
}
if (isset($categories) and count($categories) > 0)
@@ -197,6 +197,7 @@
$represented_albums = $_POST['represent'];
$page['infos'][] = l10n('Photo informations updated');
pwg_activity('photo', $_GET['image_id'], 'edit');
}
// tags
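Review bot: `$_GET['image_id']` is handed to pwg_activity as the object id, and pwg_activity (changed later in this commit) escapes only `details` before calling mass_inserts, so the id has to be known numeric before it gets here. That validation is not visible in this hunk; if the script does not already do it, add `check_input_parameter('image_id', $_GET, false, PATTERN_ID);` near the top. The tag edit hunk has the same dependency for `explode(',', $_POST['edit_list'])`, where a pattern such as `'/^\d+(,\d+)*$/'` would fit.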
@@ -320,6 +320,9 @@
$category_up[] = $category['id_uppercat'];
}
}
pwg_activity('album', $category_ids, 'add', array('sync'=>true));
$category_up=implode(',',array_unique($category_up));
if ($conf['inheritance_by_default'])
{
@@ -676,6 +679,8 @@
$insert_links
);
pwg_activity('photo', $caddiables, 'add', array('sync'=>true));
// add new photos to caddie
if (isset($_POST['add_to_caddie']) and $_POST['add_to_caddie'] == 1)
{
@@ -107,6 +107,8 @@
),
$updates
);
pwg_activity('tag', explode(',', $_POST['edit_list']), 'edit');
}
// +-----------------------------------------------------------------------+
// | dulicate tags |
@@ -154,14 +156,9 @@
'url_name' => trigger_change('render_tag_url', $tag_name),
)
);
$destination_tag_id = pwg_db_insert_id(TAGS_TABLE);
$query = '
SELECT id
FROM '.TAGS_TABLE.'
WHERE name = \''.$tag_name.'\'
;';
$destination_tag = array_from_query($query, 'id');
$destination_tag_id = $destination_tag[0];
pwg_activity('tag', $destination_tag_id, 'add', array('action'=>'duplicate', 'source_tag'=>$tag_id));
$query = '
SELECT
@@ -511,7 +511,7 @@ function pwg_log($image_id = null, $image_type = null, $format_id = null)
return true;
}
function pwg_activity($object, $object_id, $action, $details=null)
function pwg_activity($object, $object_id, $action, $details=array())
{
global $user;
@@ -521,19 +521,64 @@ function pwg_activity($object, $object_id, $action, $details=null)
$object_ids = array($object_id);
}
if (isset($_REQUEST['method']))
{
$details['method'] = $_REQUEST['method'];
}
else
{
$details['script'] = script_basename();
if ('admin' == $details['script'] and isset($_GET['page']))
{
$details['script'].= '/'.$_GET['page'];
}
}
if ('user' == $object and 'login' == $action)
{
$details['agent'] = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : 'unknown';
}
if ('photo' == $object and 'add' == $action and !isset($details['sync']))
{
$details['added_with'] = 'app';
if (isset($_SERVER['HTTP_REFERER']) and preg_match('/page=photos_add/', $_SERVER['HTTP_REFERER']))
{
$details['added_with'] = 'browser';
}
$details['agent'] = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : 'unknown';
}
if (in_array($object, array('album', 'photo')) and 'delete' == $action and isset($_GET['page']) and 'site_update' == $_GET['page'])
{
$details['sync'] = true;
}
if ('tag' == $object and 'delete' == $action and isset($_POST['destination_tag']))
{
$details['action'] = 'merge';
$details['destination_tag'] = $_POST['destination_tag'];
}
$inserts = array();
$details_insert = pwg_db_real_escape_string(serialize($details));
$ip_address = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : null;
foreach ($object_ids as $loop_object_id)
{
single_insert(
ACTIVITY_TABLE,
array(
'object' => $object,
'object_id' => $loop_object_id,
'action' => $action,
'performed_by' => $user['id'],
'details' => pwg_db_real_escape_string($details),
)
$inserts[] = array(
'object' => $object,
'object_id' => $loop_object_id,
'action' => $action,
'performed_by' => $user['id'],
'session_idx' => session_id(),
'ip_address' => $ip_address,
'details' => $details_insert,
);
}
mass_inserts(ACTIVITY_TABLE, array_keys($inserts[0]), $inserts);
}
/**
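Review bot: `'session_idx' => session_id()` writes the raw PHP session identifier into every activity row, so anyone who can read the activity table (an admin view, a database dump or backup) obtains identifiers of sessions that may still be valid. Storing a digest keeps the rows of one session correlatable without exposing the token, e.g. `'session_idx' => hash('sha256', session_id()),` provided the column is wide enough (the schema is not part of this hunk). `$details` now carries request-derived strings (user agent, `method`, `destination_tag`) through `serialize()`, which obliges every reader to call `unserialize()` on stored data; `json_encode()` would avoid that, or the readers should pass `array('allowed_classes' => false)`. `array_keys($inserts[0])` also assumes `$object_ids` is non-empty, so an early `if (empty($object_ids)) return;` before the loop is worth adding. The start of pwg_activity lies outside this hunk.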
@@ -282,6 +282,8 @@ function register_user($login, $password, $mail_address, $notify_admin=true, &$e
)
);
pwg_activity('user', $user_id, 'add');
return $user_id;
}
else
@@ -961,6 +963,7 @@ function log_user($user_id, $remember_me)
$user['id'] = $_SESSION['pwg_uid'];
trigger_notify('user_login', $user['id']);
pwg_activity('user', $user['id'], 'login');
}
/**
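Review bot: The `login` entry is written in log_user after `$user['id']` is taken from the session, so only successful logins reach the activity table. Failed attempts are usually the more useful signal for spotting password guessing; they are presumably handled by the caller, outside this hunk, and nothing visible in this commit records them. Consider a matching call on the failure path, for example `pwg_activity('user', $user_id, 'login_failed');` (a constructed action name, to be checked against what the `action` column accepts), with `$user_id` being the account the caller looked up.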
@@ -1137,6 +1140,7 @@ function logout_user()
global $conf;
trigger_notify('user_logout', @$_SESSION['pwg_uid']);
pwg_activity('user', @$_SESSION['pwg_uid'], 'logout');
$_SESSION = array();
session_unset();
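Review bot: `pwg_activity('user', @$_SESSION['pwg_uid'], 'logout');` passes null when `pwg_uid` is not set, and the `@` hides that, so a logout request without a logged-in session would presumably still add an activity row with an empty object id. Guard the call instead of suppressing the notice: `if (isset($_SESSION['pwg_uid'])) { pwg_activity('user', $_SESSION['pwg_uid'], 'logout'); }`. The `trigger_notify` line above uses the same `@` pattern but predates this change.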
@@ -731,7 +731,7 @@ function ws_categories_setInfo($params, &$service)
);
}
pwg_activity('album', $params['category_id'], 'edit', 'method='.$_REQUEST['method'].' fields='.implode(',', array_keys($update)));
pwg_activity('album', $params['category_id'], 'edit', array('fields' => implode(',', array_keys($update))));
}
/**
@@ -782,7 +782,7 @@ function ws_categories_setRepresentative($params, &$service)
;';
pwg_query($query);
pwg_activity('album', $params['category_id'], 'edit', 'method='.$_REQUEST['method'].' image_id='.$params['image_id']);
pwg_activity('album', $params['category_id'], 'edit', array('image_id'=>$params['image_id']));
}
/**
@@ -829,7 +829,7 @@ function ws_categories_deleteRepresentative($params, &$service)
;';
pwg_query($query);
pwg_activity('album', $params['category_id'], 'edit', 'method='.$_REQUEST['method']);
pwg_activity('album', $params['category_id'], 'edit');
}
/**
@@ -875,7 +875,7 @@ function ws_categories_refreshRepresentative($params, &$service)
set_random_representant(array($params['category_id']));
pwg_activity('album', $params['category_id'], 'edit', 'method='.$_REQUEST['method']);
pwg_activity('album', $params['category_id'], 'edit');
// return url of the new representative
$query = '