sai security improvements, sai log filter sort fix

Ulf Gebhardt 2014-01-28 01:47:37 +01:00
parent 770702ddb4
commit abb11f5277
14 changed files with 153 additions and 15 deletions


@ -9,7 +9,7 @@ class ConnectionMYS extends ConnectionAbstr {
public function __construct(DBInfo $dbinfo, $new_link = false, $client_flag = 0){
//$this->dbinfo = $dbinfo;
$this->connection = mysqli_connect($dbinfo->m_host, $dbinfo->m_user, $dbinfo->m_password, $new_link, $client_flag);
$this->connection = @mysqli_connect($dbinfo->m_host, $dbinfo->m_user, $dbinfo->m_password, $new_link, $client_flag);
if(!$this->connection){
throw new \SYSTEM\LOG\ERROR('Could not connect to Database. Check ur Database Settings');}
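Review bot: The `@` added on `mysqli_connect` discards the only diagnostic for a failed connection, and the `\SYSTEM\LOG\ERROR` thrown right after it carries a fixed message with no cause. Suppressing the warning keeps host and user names out of rendered output, which is reasonable, but the reason should still reach the server-side log, for example by recording `mysqli_connect_errno()` before throwing. Separately, the fourth and fifth parameters of `mysqli_connect` are the database name and the port, so `$new_link` and `$client_flag` look like leftovers from the old `mysql_connect` signature and are worth confirming. The constructor continues outside the hunk.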


@ -10,12 +10,12 @@ class SYS_SAIMOD_LOG_FILTER extends \SYSTEM\DB\QP {
' ON '.\SYSTEM\DBD\system_log::NAME_PG.'.'.\SYSTEM\DBD\system_log::FIELD_USER.
' = '.\SYSTEM\DBD\system_user::NAME_PG.'.'.\SYSTEM\DBD\system_user::FIELD_ID.
' WHERE '.\SYSTEM\DBD\system_log::FIELD_CLASS.' LIKE $1'.
' ORDER BY '.\SYSTEM\DBD\system_log::FIELD_TIME.' DESC LIMIT 100;',
' ORDER BY '.\SYSTEM\DBD\system_log::FIELD_TIME.' DESC, '.\SYSTEM\DBD\system_log::NAME_PG.'.'.\SYSTEM\DBD\system_log::FIELD_ID.' DESC LIMIT 100;',
//mys
'SELECT * FROM '.\SYSTEM\DBD\system_log::NAME_MYS.
' LEFT JOIN '.\SYSTEM\DBD\system_user::NAME_MYS.
' ON '.\SYSTEM\DBD\system_log::NAME_MYS.'.'.\SYSTEM\DBD\system_log::FIELD_USER.
' = '.\SYSTEM\DBD\system_user::NAME_MYS.'.'.\SYSTEM\DBD\system_user::FIELD_ID.
' WHERE '.\SYSTEM\DBD\system_log::FIELD_CLASS.' LIKE ?'.
' ORDER BY '.\SYSTEM\DBD\system_log::FIELD_TIME.' DESC LIMIT 100;'
' ORDER BY '.\SYSTEM\DBD\system_log::FIELD_TIME.' DESC, '.\SYSTEM\DBD\system_log::NAME_MYS.'.'.\SYSTEM\DBD\system_log::FIELD_ID.' DESC LIMIT 100;'
);}}
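Review bot: The new `FIELD_ID.' DESC'` tie-breaker in both ORDER BY clauses has no comment saying why it is there, and in statements this long the reason is easy to lose. I would add `//tie-break on log ID so rows with equal timestamps keep a stable order under LIMIT 100` above each of the two changed lines. The added ID term is table-qualified while `FIELD_TIME` and `FIELD_CLASS` in the same statements are not; if the join makes those names ambiguous as well, qualifying them the same way would be consistent. The `query()` method starts outside the hunk.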


@ -0,0 +1,13 @@
<?php
namespace SYSTEM\DBD;
class SYS_SAIMOD_SECURITY_RIGHT_CHECK extends \SYSTEM\DB\QP {
protected static function query(){
return new \SYSTEM\DB\QQuery(get_class(),
//pg
'',
//mys
'SELECT * FROM system_rights'.
' WHERE ID = ?;'
);}}
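Review bot: The PostgreSQL variant of this query is the empty string `''`, so on a pg connection the right lookup has no statement to run; the same applies to SYS_SAIMOD_SECURITY_RIGHT_DELETE and SYS_SAIMOD_SECURITY_RIGHT_INSERT added in this commit. How `QQuery` treats an empty string is not visible here, so either supply the pg form with the `$1` placeholder style used in SYS_SAIMOD_LOG_FILTER, e.g. `' WHERE ID = $1;'`, or add a comment such as `//pg: not supported yet, security module is MySQL-only`. The table name `system_rights` is also hard-coded where the log queries use the `NAME_PG`/`NAME_MYS` constants, which is worth aligning if a matching constant class exists for rights.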


@ -0,0 +1,13 @@
<?php
namespace SYSTEM\DBD;
class SYS_SAIMOD_SECURITY_RIGHT_DELETE extends \SYSTEM\DB\QP {
protected static function query(){
return new \SYSTEM\DB\QQuery(get_class(),
//pg
'',
//mys
'DELETE FROM system_rights'.
' WHERE ID = ?;'
);}}


@ -0,0 +1,13 @@
<?php
namespace SYSTEM\DBD;
class SYS_SAIMOD_SECURITY_RIGHT_INSERT extends \SYSTEM\DB\QP {
protected static function query(){
return new \SYSTEM\DB\QQuery(get_class(),
//pg
'',
//mys
'INSERT IGNORE INTO system_rights (ID, name, description)'.
' VALUES(?, ?, ?);'
);}}
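Review bot: `INSERT IGNORE` turns a duplicate `ID` into a silent no-op, so the `addright` caller cannot tell "created" from "already existed" if `QI` only reports that the statement ran (its return value is not visible in this commit). For a table that defines permissions the duplicate should surface as a failure: use plain `'INSERT INTO system_rights (ID, name, description)'.` and let the handler report the error to the UI. The values themselves are bound through `?` placeholders, which is the right shape for request-supplied input.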


@ -22,7 +22,7 @@ class error_handler_dbwriter extends \SYSTEM\LOG\error_handler {
($user = \SYSTEM\SECURITY\Security::getUser()) ? $user->id : null,$thrown));
if(\property_exists(get_class($E), 'logged')){
$E->logged = true;} //we just did log
} catch (\Exception $E){} //Error -> Ignore
} catch (\Exception $E){return false;} //Error -> Ignore
return false; //We just log and do not handle the error!
}
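Review bot: The `catch (\Exception $E)` still drops the failure silently, and the added `return false;` does not change the outcome because the following line returns false anyway. Since this writer is the database audit trail, a failed insert means an event is lost without any trace; a fallback such as `} catch (\Exception $E){\error_log('log write failed: '.$E->getMessage()); return false;}` keeps a record outside the database. The catch also reuses the name `$E`, overwriting the exception that was being logged, so a distinct variable name would be clearer. The method starts outside the hunk.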


@ -13,7 +13,7 @@ function load_security_tab(action){
$('img#loader').show();
switch(action){
case 'users':
$('#tab_users').load(SAI_ENDPOINT+'sai_mod=.SYSTEM.SAI.saimod_sys_security&action='+action+'&search='+user_search, function(){
$('#tab_users').load(SAI_ENDPOINT+'sai_mod=.SYSTEM.SAI.saimod_sys_security&action='+action+'&search='+encodeURIComponent(user_search), function(){
register_users();
$('img#loader').hide();});
return;
@ -26,6 +26,10 @@ function load_security_tab(action){
$('#tab_groups').load(SAI_ENDPOINT+'sai_mod=.SYSTEM.SAI.saimod_sys_security&action='+action, function(){
$('img#loader').hide();});
return;
case 'stats':
$('#tab_stats').load(SAI_ENDPOINT+'sai_mod=.SYSTEM.SAI.saimod_sys_security&action='+action, function(){
$('img#loader').hide();});
return;
default:
$('img#loader').hide();
}
@ -33,9 +37,54 @@ function load_security_tab(action){
function register_rights(){
$('#new_right').click(function(){
$('#tab_rights').load(SAI_ENDPOINT+'sai_mod=.SYSTEM.SAI.saimod_sys_security&action=newright');
$('#tab_rights').load(SAI_ENDPOINT+'sai_mod=.SYSTEM.SAI.saimod_sys_security&action=newright',function(){
register_newright();
});
});
$('.right_edit').click(function(){
alert('todo');
});
$('.right_delete').click(function(){
$('#tab_rights').load(SAI_ENDPOINT+'sai_mod=.SYSTEM.SAI.saimod_sys_security&action=deleterightconfirm&id='+$(this).attr('right_id'),function(){
register_deleteright();
});
});
}
function register_deleteright(){
$('#deleteright_confirm').click(function(){
$.get( SAI_ENDPOINT+'sai_mod=.SYSTEM.SAI.saimod_sys_security&action=deleteright&id='+$(this).attr('right_id'),
function(data){
if(data==1){
alert('sucess');
} else {
alert('fail');
}
});
});
$('#deleteright_abort').click(function(){
load_security_tab('rights');
});
}
function register_newright(){
$('#addright').click(function(){
$.get( SAI_ENDPOINT+
'sai_mod=.SYSTEM.SAI.saimod_sys_security&action=addright&id='+$('#addright_id').val()+
'&name='+encodeURIComponent($('#addright_name').val())+
'&description='+encodeURIComponent($('#addright_description').val()),function(data){
if(data==1){
alert('sucess');
} else {
alert('fail');
}
});
})
}
function register_users(){
$('#user_go').click(function(){
user_search = $('#user_search').val();
@ -43,6 +92,6 @@ function register_users(){
});
$('#user_search').val(user_search);
$('.user_entry').click(function(){
$('#tab_users').load(SAI_ENDPOINT+'sai_mod=.SYSTEM.SAI.saimod_sys_security&action=user&username='+$(this).attr('username'));
$('#tab_users').load(SAI_ENDPOINT+'sai_mod=.SYSTEM.SAI.saimod_sys_security&action=user&username='+encodeURIComponent($(this).attr('username')));
});
}
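Review bot: `register_deleteright` and `register_newright` send the state-changing actions `deleteright` and `addright` with `$.get`, so a rights change is triggered by a plain URL and its parameters end up in access logs and browser history. These calls should use `$.post` together with whatever anti-CSRF token the SAI endpoint supports (none is visible in this diff), and the server should refuse the GET form. The `id` values are also concatenated unencoded while `name` and `description` are wrapped; for consistency use `'&action=addright&id='+encodeURIComponent($('#addright_id').val())+` and the same around `$(this).attr('right_id')` in the two delete handlers. After the success alert the rights tab is not reloaded, so a deleted or added right is not reflected until the user switches tabs.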


@ -17,12 +17,23 @@ class saimod_sys_security extends \SYSTEM\SAI\SaiModule {
return \SYSTEM\PAGE\replace::replaceFile(\SYSTEM\SERVERPATH(new \SYSTEM\PSAI(),'modules/saimod_sys_security/saimod_sys_security_rights.tpl'),array('rows' => $rows));
}
public static function sai_mod__SYSTEM_SAI_saimod_sys_security_action_addright($id,$name,$description){
//TODO rightcheck
return \SYSTEM\DBD\SYS_SAIMOD_SECURITY_RIGHT_INSERT::QI(array($id,$name,$description));}
public static function sai_mod__SYSTEM_SAI_saimod_sys_security_action_deleterightconfirm($id){
//TODO rightcheck
$vars = \SYSTEM\DBD\SYS_SAIMOD_SECURITY_RIGHT_CHECK::Q1(array($id));
return \SYSTEM\PAGE\replace::replaceFile(\SYSTEM\SERVERPATH(new \SYSTEM\PSAI(),'modules/saimod_sys_security/saimod_sys_security_deleteright.tpl'),$vars);}
public static function sai_mod__SYSTEM_SAI_saimod_sys_security_action_deleteright($id){
//TODO rightcheck
return \SYSTEM\DBD\SYS_SAIMOD_SECURITY_RIGHT_DELETE::QI(array($id));}
private static function user_actions($userid){
$count = \SYSTEM\DBD\SYS_SAIMOD_SECURITY_USER_LOG_COUNT::Q1(array($userid));
$res = \SYSTEM\DBD\SYS_SAIMOD_SECURITY_USER_LOG::QQ(array($userid));
$table='';
while($r = $res->next()){
//print_r($r);
while($r = $res->next()){
$r['class_row'] = \SYSTEM\SAI\saimod_sys_log::tablerow_class($r['class']);
$r['time'] = self::time_elapsed_string(strtotime($r['time']));
$r['message'] = substr($r['message'],0,255);
@ -34,10 +45,14 @@ class saimod_sys_security extends \SYSTEM\SAI\SaiModule {
return \SYSTEM\PAGE\replace::replaceFile(\SYSTEM\SERVERPATH(new \SYSTEM\PSAI(),'modules/saimod_sys_log/saimod_sys_log_table.tpl'), $vars);
}
public static function sai_mod__SYSTEM_SAI_saimod_sys_security_action_stats(){
return \SYSTEM\PAGE\replace::replaceFile(\SYSTEM\SERVERPATH(new \SYSTEM\PSAI(),'modules/saimod_sys_security/saimod_sys_security_stats.tpl'),array());
}
public static function sai_mod__SYSTEM_SAI_saimod_sys_security_action_user($username){
$vars = \SYSTEM\DBD\SYS_SAIMOD_SECURITY_USER::Q1(array($username));
$vars['time_elapsed'] = self::time_elapsed_string($vars['last_active']);
$vars['user_actions'] = self::user_actions($vars['id']);
$vars['user_actions'] = array_key_exists('id', $vars) ? self::user_actions($vars['id']) : '';
return \SYSTEM\PAGE\replace::replaceFile(\SYSTEM\SERVERPATH(new \SYSTEM\PSAI(),'modules/saimod_sys_security/saimod_sys_security_user_view.tpl'),$vars);
}
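Review bot: The three new handlers for `addright`, `deleterightconfirm` and `deleteright` read or modify `system_rights` with only a `//TODO rightcheck` where the authorization check belongs. If the module-level gate in the dispatcher is all that protects them, any account allowed to open this module can add or delete rights; each handler should verify the caller's right before touching the database and return a failure otherwise. In `deleterightconfirm` the `Q1` result is passed straight to `replaceFile`, so an unknown `id` should be handled before rendering. In the `user` action the new `array_key_exists('id', $vars)` guard comes after `$vars['last_active']` has already been read on the line above, so the user-not-found case is only half covered. The class body continues outside the hunks.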


@ -3,11 +3,13 @@
<li class="active"><a href="#tab_users" action="users">Users</a></li>
<li><a href="#tab_rights" action="rights">Rights</a></li>
<li><a href="#tab_groups" action="groups">Groups</a></li>
<li><a href="#tab_stats" action="stats">Stats</a></li>
<img id="loader" src="${PICPATH}ajax-loader.gif" style="margin-left: 10px; margin-top: 10px; display: none; float: left"/>
</ul>
<div class="tab-content">
<div class="tab-pane active" id="tab_users"></div>
<div class="tab-pane" id="tab_rights"></div>
<div class="tab-pane" id="tab_groups"></div>
<div class="tab-pane" id="tab_stats"></div>
</div>
</div>


@ -0,0 +1,17 @@
<h4>Delete Right</h4>
<table class="table">
<tr>
<td>ID</td>
<td>${ID}</td>
</tr>
<tr>
<td>Name</td>
<td>${name}</td>
</tr>
<tr>
<td>Description</td>
<td>${description}</td>
</tr>
</table>
<input id="deleteright_confirm" class="btn-danger btn" right_id="${ID}" type="submit" value="Delete"/>
<input id="deleteright_abort" class="btn" type="submit" value="Abort"/>
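Review bot: `${ID}`, `${name}` and `${description}` are substituted into element content and into the `right_id` attribute, and those values come from `system_rights` rows that the `addright` action fills from request parameters. Whether `replaceFile` HTML-escapes its substitutions is not visible in this commit; if it does not, the handler should escape each value before rendering, e.g. `htmlspecialchars($v, ENT_QUOTES, 'UTF-8')` applied to every entry of `$vars`. The same concern applies to the rights row template changed later in this commit, which prints the same three fields.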


@ -1 +1,16 @@
new right
<h4>New Right</h4>
<table class="table">
<tr>
<td>ID</td>
<td><input id="addright_id" type="number" value="1"/></td>
</tr>
<tr>
<td>Name</td>
<td><input id="addright_name" type="text"/></td>
</tr>
<tr>
<td>Description</td>
<td><input id="addright_description" type="text"/></td>
</tr>
</table>
<input id="addright" class="btn" type="submit" value="Add"/>


@ -1,9 +1,9 @@
<tr>
<td>${ID}</td>
<td>${name}</td>
<td>${description}</td>
<td>${description}</td>
<td>
<input type="submit" class="btn-danger" value="delete" delright="${ID}">
<input type="submit" class="btn" value="edit" editright="${ID}">
<input type="submit" class="btn-danger right_delete" value="delete" right_id="${ID}">
<input type="submit" class="btn right_edit" value="edit" right_id="${ID}">
</td>
</tr>


@ -0,0 +1 @@
No Stats available yet.


@ -19,7 +19,7 @@ class saigui extends \SYSTEM\PAGE\Page {
\array_search($classname, $mods) !== false &&
( \call_user_func(array($classname, 'right_public')) ||
\call_user_func(array($classname, 'right_right')))){
return \SYSTEM\API\api::run('\SYSTEM\API\verify', $classname , $pg, 42, false, false);
return \SYSTEM\API\api::run('\SYSTEM\API\verify', $classname , $pg, 42, true, false);
} else {
return '<meta http-equiv="refresh" content="5">You are no longer logged in. Page reload in 5sec...';}
} else {
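Review bot: The fifth positional argument of `\SYSTEM\API\api::run`, flipped here from `false` to `true`, is undocumented at the call site, so a reader cannot tell what the flag enforces. Given the commit title this looks like the security-relevant line of the change; a short comment naming the parameter and stating why it must be `true` for SAI calls would keep it from being flipped back by accident. The literal `42` next to it deserves the same treatment or a named constant. The surrounding condition starts outside the hunk.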