sai security improvements, sai log filter sort fix
parent
770702ddb4
commit
abb11f5277
@ -9,7 +9,7 @@ class ConnectionMYS extends ConnectionAbstr {
|
|||||||
public function __construct(DBInfo $dbinfo, $new_link = false, $client_flag = 0){
|
public function __construct(DBInfo $dbinfo, $new_link = false, $client_flag = 0){
|
||||||
//$this->dbinfo = $dbinfo;
|
//$this->dbinfo = $dbinfo;
|
||||||
|
|
||||||
$this->connection = mysqli_connect($dbinfo->m_host, $dbinfo->m_user, $dbinfo->m_password, $new_link, $client_flag);
|
$this->connection = @mysqli_connect($dbinfo->m_host, $dbinfo->m_user, $dbinfo->m_password, $new_link, $client_flag);
|
||||||
if(!$this->connection){
|
if(!$this->connection){
|
||||||
throw new \SYSTEM\LOG\ERROR('Could not connect to Database. Check ur Database Settings');}
|
throw new \SYSTEM\LOG\ERROR('Could not connect to Database. Check ur Database Settings');}
|
||||||
|
|
||||||
|
|||||||
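Review bot: With `@` on `mysqli_connect` the connect warning is gone and the thrown `\SYSTEM\LOG\ERROR` carries only a fixed string, so the cause of a failed connection is no longer recorded anywhere. Keeping the suppression is reasonable (it stops host and user names reaching page output), but put the cause into the logged message, e.g. `throw new \SYSTEM\LOG\ERROR('Could not connect to Database ('.\mysqli_connect_errno().'). Check ur Database Settings');`. Separately, `mysqli_connect` takes the database name and port as its fourth and fifth arguments, so `$new_link` and `$client_flag` look like leftovers from the old `mysql_connect` signature and should be confirmed. The constructor continues past the end of the hunk.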
@ -10,12 +10,12 @@ class SYS_SAIMOD_LOG_FILTER extends \SYSTEM\DB\QP {
|
|||||||
' ON '.\SYSTEM\DBD\system_log::NAME_PG.'.'.\SYSTEM\DBD\system_log::FIELD_USER.
|
' ON '.\SYSTEM\DBD\system_log::NAME_PG.'.'.\SYSTEM\DBD\system_log::FIELD_USER.
|
||||||
' = '.\SYSTEM\DBD\system_user::NAME_PG.'.'.\SYSTEM\DBD\system_user::FIELD_ID.
|
' = '.\SYSTEM\DBD\system_user::NAME_PG.'.'.\SYSTEM\DBD\system_user::FIELD_ID.
|
||||||
' WHERE '.\SYSTEM\DBD\system_log::FIELD_CLASS.' LIKE $1'.
|
' WHERE '.\SYSTEM\DBD\system_log::FIELD_CLASS.' LIKE $1'.
|
||||||
' ORDER BY '.\SYSTEM\DBD\system_log::FIELD_TIME.' DESC LIMIT 100;',
|
' ORDER BY '.\SYSTEM\DBD\system_log::FIELD_TIME.' DESC, '.\SYSTEM\DBD\system_log::NAME_PG.'.'.\SYSTEM\DBD\system_log::FIELD_ID.' DESC LIMIT 100;',
|
||||||
//mys
|
//mys
|
||||||
'SELECT * FROM '.\SYSTEM\DBD\system_log::NAME_MYS.
|
'SELECT * FROM '.\SYSTEM\DBD\system_log::NAME_MYS.
|
||||||
' LEFT JOIN '.\SYSTEM\DBD\system_user::NAME_MYS.
|
' LEFT JOIN '.\SYSTEM\DBD\system_user::NAME_MYS.
|
||||||
' ON '.\SYSTEM\DBD\system_log::NAME_MYS.'.'.\SYSTEM\DBD\system_log::FIELD_USER.
|
' ON '.\SYSTEM\DBD\system_log::NAME_MYS.'.'.\SYSTEM\DBD\system_log::FIELD_USER.
|
||||||
' = '.\SYSTEM\DBD\system_user::NAME_MYS.'.'.\SYSTEM\DBD\system_user::FIELD_ID.
|
' = '.\SYSTEM\DBD\system_user::NAME_MYS.'.'.\SYSTEM\DBD\system_user::FIELD_ID.
|
||||||
' WHERE '.\SYSTEM\DBD\system_log::FIELD_CLASS.' LIKE ?'.
|
' WHERE '.\SYSTEM\DBD\system_log::FIELD_CLASS.' LIKE ?'.
|
||||||
' ORDER BY '.\SYSTEM\DBD\system_log::FIELD_TIME.' DESC LIMIT 100;'
|
' ORDER BY '.\SYSTEM\DBD\system_log::FIELD_TIME.' DESC, '.\SYSTEM\DBD\system_log::NAME_MYS.'.'.\SYSTEM\DBD\system_log::FIELD_ID.' DESC LIMIT 100;'
|
||||||
);}}
|
);}}
|
||||||
|
|||||||
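Review bot: Only the new `FIELD_ID` sort key is table-qualified; `FIELD_TIME` in the same `ORDER BY` and `FIELD_CLASS` in the `WHERE` stay bare, and with the `LEFT JOIN` on `system_user` a column of the same name on both tables would make them ambiguous. Qualify them the same way, starting the clause with `' ORDER BY '.\SYSTEM\DBD\system_log::NAME_MYS.'.'.\SYSTEM\DBD\system_log::FIELD_TIME.' DESC, '`. The MySQL variant also uses `SELECT *` across the join, which presumably hands every `system_user` column to the log view; listing the needed columns would keep credential fields out of the result set if that table holds any. The query starts above the hunk.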
13
dbd/qq/SYS_SAIMOD_SECURITY_RIGHT_CHECK.php
Normal file
13
dbd/qq/SYS_SAIMOD_SECURITY_RIGHT_CHECK.php
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
<?php
|
||||||
|
namespace SYSTEM\DBD;
|
||||||
|
|
||||||
|
class SYS_SAIMOD_SECURITY_RIGHT_CHECK extends \SYSTEM\DB\QP {
|
||||||
|
protected static function query(){
|
||||||
|
return new \SYSTEM\DB\QQuery(get_class(),
|
||||||
|
//pg
|
||||||
|
'',
|
||||||
|
//mys
|
||||||
|
'SELECT * FROM system_rights'.
|
||||||
|
' WHERE ID = ?;'
|
||||||
|
);}}
|
||||||
|
|
||||||
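Review bot: The PostgreSQL slot of this `QQuery` is the empty string `''`, so on a PostgreSQL connection the check has no statement to run; the same holds for `SYS_SAIMOD_SECURITY_RIGHT_DELETE` and `SYS_SAIMOD_SECURITY_RIGHT_INSERT` added in this commit. The log filter query on this page ships both variants (`LIKE $1` and `LIKE ?`), so either add the `$1` form against the PostgreSQL table name or add a comment such as `//pg: not supported, rights management is MySQL-only`. How `QQuery` reacts to an empty statement is not visible here, so the failure mode on PostgreSQL should be checked.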
13
dbd/qq/SYS_SAIMOD_SECURITY_RIGHT_DELETE.php
Normal file
13
dbd/qq/SYS_SAIMOD_SECURITY_RIGHT_DELETE.php
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
<?php
|
||||||
|
namespace SYSTEM\DBD;
|
||||||
|
|
||||||
|
class SYS_SAIMOD_SECURITY_RIGHT_DELETE extends \SYSTEM\DB\QP {
|
||||||
|
protected static function query(){
|
||||||
|
return new \SYSTEM\DB\QQuery(get_class(),
|
||||||
|
//pg
|
||||||
|
'',
|
||||||
|
//mys
|
||||||
|
'DELETE FROM system_rights'.
|
||||||
|
' WHERE ID = ?;'
|
||||||
|
);}}
|
||||||
|
|
||||||
13
dbd/qq/SYS_SAIMOD_SECURITY_RIGHT_INSERT.php
Normal file
13
dbd/qq/SYS_SAIMOD_SECURITY_RIGHT_INSERT.php
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
<?php
|
||||||
|
namespace SYSTEM\DBD;
|
||||||
|
|
||||||
|
class SYS_SAIMOD_SECURITY_RIGHT_INSERT extends \SYSTEM\DB\QP {
|
||||||
|
protected static function query(){
|
||||||
|
return new \SYSTEM\DB\QQuery(get_class(),
|
||||||
|
//pg
|
||||||
|
'',
|
||||||
|
//mys
|
||||||
|
'INSERT IGNORE INTO system_rights (ID, name, description)'.
|
||||||
|
' VALUES(?, ?, ?);'
|
||||||
|
);}}
|
||||||
|
|
||||||
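Review bot: `INSERT IGNORE` turns a duplicate `ID` into a silent no-op, so adding a right whose ID already exists raises no error. The caller returns the `QI` result straight to the browser, where `data==1` shows 'sucess'; if `QI` reports statement success rather than affected rows (not visible here), the administrator is told a right was created when nothing was written. A plain `'INSERT INTO system_rights (ID, name, description)'` would surface the key conflict, or the action should check the affected row count before answering.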
@ -22,7 +22,7 @@ class error_handler_dbwriter extends \SYSTEM\LOG\error_handler {
|
|||||||
($user = \SYSTEM\SECURITY\Security::getUser()) ? $user->id : null,$thrown));
|
($user = \SYSTEM\SECURITY\Security::getUser()) ? $user->id : null,$thrown));
|
||||||
if(\property_exists(get_class($E), 'logged')){
|
if(\property_exists(get_class($E), 'logged')){
|
||||||
$E->logged = true;} //we just did log
|
$E->logged = true;} //we just did log
|
||||||
} catch (\Exception $E){} //Error -> Ignore
|
} catch (\Exception $E){return false;} //Error -> Ignore
|
||||||
|
|
||||||
return false; //We just log and do not handle the error!
|
return false; //We just log and do not handle the error!
|
||||||
}
|
}
|
||||||
|
|||||||
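Review bot: The added `return false;` keeps the catch silent, so when the log insert fails (for instance while the database is unreachable) the original error is recorded nowhere. For a log that security review depends on, that gap is worth closing with a fallback such as `} catch (\Exception $logFail){ \error_log('log write failed: '.$logFail->getMessage()); return false;}`. A separate variable name also avoids overwriting `$E`, the object being logged. The method begins above the hunk.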
@ -13,7 +13,7 @@ function load_security_tab(action){
|
|||||||
$('img#loader').show();
|
$('img#loader').show();
|
||||||
switch(action){
|
switch(action){
|
||||||
case 'users':
|
case 'users':
|
||||||
$('#tab_users').load(SAI_ENDPOINT+'sai_mod=.SYSTEM.SAI.saimod_sys_security&action='+action+'&search='+user_search, function(){
|
$('#tab_users').load(SAI_ENDPOINT+'sai_mod=.SYSTEM.SAI.saimod_sys_security&action='+action+'&search='+encodeURIComponent(user_search), function(){
|
||||||
register_users();
|
register_users();
|
||||||
$('img#loader').hide();});
|
$('img#loader').hide();});
|
||||||
return;
|
return;
|
||||||
@ -26,6 +26,10 @@ function load_security_tab(action){
|
|||||||
$('#tab_groups').load(SAI_ENDPOINT+'sai_mod=.SYSTEM.SAI.saimod_sys_security&action='+action, function(){
|
$('#tab_groups').load(SAI_ENDPOINT+'sai_mod=.SYSTEM.SAI.saimod_sys_security&action='+action, function(){
|
||||||
$('img#loader').hide();});
|
$('img#loader').hide();});
|
||||||
return;
|
return;
|
||||||
|
case 'stats':
|
||||||
|
$('#tab_stats').load(SAI_ENDPOINT+'sai_mod=.SYSTEM.SAI.saimod_sys_security&action='+action, function(){
|
||||||
|
$('img#loader').hide();});
|
||||||
|
return;
|
||||||
default:
|
default:
|
||||||
$('img#loader').hide();
|
$('img#loader').hide();
|
||||||
}
|
}
|
||||||
@ -33,9 +37,54 @@ function load_security_tab(action){
|
|||||||
|
|
||||||
function register_rights(){
|
function register_rights(){
|
||||||
$('#new_right').click(function(){
|
$('#new_right').click(function(){
|
||||||
$('#tab_rights').load(SAI_ENDPOINT+'sai_mod=.SYSTEM.SAI.saimod_sys_security&action=newright');
|
$('#tab_rights').load(SAI_ENDPOINT+'sai_mod=.SYSTEM.SAI.saimod_sys_security&action=newright',function(){
|
||||||
|
register_newright();
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
$('.right_edit').click(function(){
|
||||||
|
alert('todo');
|
||||||
|
});
|
||||||
|
|
||||||
|
$('.right_delete').click(function(){
|
||||||
|
$('#tab_rights').load(SAI_ENDPOINT+'sai_mod=.SYSTEM.SAI.saimod_sys_security&action=deleterightconfirm&id='+$(this).attr('right_id'),function(){
|
||||||
|
register_deleteright();
|
||||||
|
});
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function register_deleteright(){
|
||||||
|
$('#deleteright_confirm').click(function(){
|
||||||
|
$.get( SAI_ENDPOINT+'sai_mod=.SYSTEM.SAI.saimod_sys_security&action=deleteright&id='+$(this).attr('right_id'),
|
||||||
|
function(data){
|
||||||
|
if(data==1){
|
||||||
|
alert('sucess');
|
||||||
|
} else {
|
||||||
|
alert('fail');
|
||||||
|
}
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
$('#deleteright_abort').click(function(){
|
||||||
|
load_security_tab('rights');
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
function register_newright(){
|
||||||
|
$('#addright').click(function(){
|
||||||
|
$.get( SAI_ENDPOINT+
|
||||||
|
'sai_mod=.SYSTEM.SAI.saimod_sys_security&action=addright&id='+$('#addright_id').val()+
|
||||||
|
'&name='+encodeURIComponent($('#addright_name').val())+
|
||||||
|
'&description='+encodeURIComponent($('#addright_description').val()),function(data){
|
||||||
|
if(data==1){
|
||||||
|
alert('sucess');
|
||||||
|
} else {
|
||||||
|
alert('fail');
|
||||||
|
}
|
||||||
|
});
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
function register_users(){
|
function register_users(){
|
||||||
$('#user_go').click(function(){
|
$('#user_go').click(function(){
|
||||||
user_search = $('#user_search').val();
|
user_search = $('#user_search').val();
|
||||||
@ -43,6 +92,6 @@ function register_users(){
|
|||||||
});
|
});
|
||||||
$('#user_search').val(user_search);
|
$('#user_search').val(user_search);
|
||||||
$('.user_entry').click(function(){
|
$('.user_entry').click(function(){
|
||||||
$('#tab_users').load(SAI_ENDPOINT+'sai_mod=.SYSTEM.SAI.saimod_sys_security&action=user&username='+$(this).attr('username'));
|
$('#tab_users').load(SAI_ENDPOINT+'sai_mod=.SYSTEM.SAI.saimod_sys_security&action=user&username='+encodeURIComponent($(this).attr('username')));
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
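Review bot: `register_deleteright` and `register_newright` send `action=deleteright` and `action=addright` with `$.get`, so two operations that modify `system_rights` are reachable through a plain GET URL and no request token is sent. A cross-site request issued from a logged-in administrator's browser would carry the session and be accepted. Sending them as POST with a per-session token that the server verifies closes this, e.g. `$.post(SAI_ENDPOINT+'sai_mod=.SYSTEM.SAI.saimod_sys_security&action=deleteright', {id: $(this).attr('right_id'), token: SAI_TOKEN}, ...)`, where `SAI_TOKEN` is a placeholder: the page shows no existing token mechanism, and the endpoint would need to accept POST parameters. The `id` values are also the only parameters in these new calls that are not passed through `encodeURIComponent`.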
@ -17,12 +17,23 @@ class saimod_sys_security extends \SYSTEM\SAI\SaiModule {
|
|||||||
return \SYSTEM\PAGE\replace::replaceFile(\SYSTEM\SERVERPATH(new \SYSTEM\PSAI(),'modules/saimod_sys_security/saimod_sys_security_rights.tpl'),array('rows' => $rows));
|
return \SYSTEM\PAGE\replace::replaceFile(\SYSTEM\SERVERPATH(new \SYSTEM\PSAI(),'modules/saimod_sys_security/saimod_sys_security_rights.tpl'),array('rows' => $rows));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public static function sai_mod__SYSTEM_SAI_saimod_sys_security_action_addright($id,$name,$description){
|
||||||
|
//TODO rightcheck
|
||||||
|
return \SYSTEM\DBD\SYS_SAIMOD_SECURITY_RIGHT_INSERT::QI(array($id,$name,$description));}
|
||||||
|
public static function sai_mod__SYSTEM_SAI_saimod_sys_security_action_deleterightconfirm($id){
|
||||||
|
//TODO rightcheck
|
||||||
|
$vars = \SYSTEM\DBD\SYS_SAIMOD_SECURITY_RIGHT_CHECK::Q1(array($id));
|
||||||
|
return \SYSTEM\PAGE\replace::replaceFile(\SYSTEM\SERVERPATH(new \SYSTEM\PSAI(),'modules/saimod_sys_security/saimod_sys_security_deleteright.tpl'),$vars);}
|
||||||
|
|
||||||
|
public static function sai_mod__SYSTEM_SAI_saimod_sys_security_action_deleteright($id){
|
||||||
|
//TODO rightcheck
|
||||||
|
return \SYSTEM\DBD\SYS_SAIMOD_SECURITY_RIGHT_DELETE::QI(array($id));}
|
||||||
|
|
||||||
private static function user_actions($userid){
|
private static function user_actions($userid){
|
||||||
$count = \SYSTEM\DBD\SYS_SAIMOD_SECURITY_USER_LOG_COUNT::Q1(array($userid));
|
$count = \SYSTEM\DBD\SYS_SAIMOD_SECURITY_USER_LOG_COUNT::Q1(array($userid));
|
||||||
$res = \SYSTEM\DBD\SYS_SAIMOD_SECURITY_USER_LOG::QQ(array($userid));
|
$res = \SYSTEM\DBD\SYS_SAIMOD_SECURITY_USER_LOG::QQ(array($userid));
|
||||||
$table='';
|
$table='';
|
||||||
while($r = $res->next()){
|
while($r = $res->next()){
|
||||||
//print_r($r);
|
|
||||||
$r['class_row'] = \SYSTEM\SAI\saimod_sys_log::tablerow_class($r['class']);
|
$r['class_row'] = \SYSTEM\SAI\saimod_sys_log::tablerow_class($r['class']);
|
||||||
$r['time'] = self::time_elapsed_string(strtotime($r['time']));
|
$r['time'] = self::time_elapsed_string(strtotime($r['time']));
|
||||||
$r['message'] = substr($r['message'],0,255);
|
$r['message'] = substr($r['message'],0,255);
|
||||||
@ -34,10 +45,14 @@ class saimod_sys_security extends \SYSTEM\SAI\SaiModule {
|
|||||||
return \SYSTEM\PAGE\replace::replaceFile(\SYSTEM\SERVERPATH(new \SYSTEM\PSAI(),'modules/saimod_sys_log/saimod_sys_log_table.tpl'), $vars);
|
return \SYSTEM\PAGE\replace::replaceFile(\SYSTEM\SERVERPATH(new \SYSTEM\PSAI(),'modules/saimod_sys_log/saimod_sys_log_table.tpl'), $vars);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public static function sai_mod__SYSTEM_SAI_saimod_sys_security_action_stats(){
|
||||||
|
return \SYSTEM\PAGE\replace::replaceFile(\SYSTEM\SERVERPATH(new \SYSTEM\PSAI(),'modules/saimod_sys_security/saimod_sys_security_stats.tpl'),array());
|
||||||
|
}
|
||||||
|
|
||||||
public static function sai_mod__SYSTEM_SAI_saimod_sys_security_action_user($username){
|
public static function sai_mod__SYSTEM_SAI_saimod_sys_security_action_user($username){
|
||||||
$vars = \SYSTEM\DBD\SYS_SAIMOD_SECURITY_USER::Q1(array($username));
|
$vars = \SYSTEM\DBD\SYS_SAIMOD_SECURITY_USER::Q1(array($username));
|
||||||
$vars['time_elapsed'] = self::time_elapsed_string($vars['last_active']);
|
$vars['time_elapsed'] = self::time_elapsed_string($vars['last_active']);
|
||||||
$vars['user_actions'] = self::user_actions($vars['id']);
|
$vars['user_actions'] = array_key_exists('id', $vars) ? self::user_actions($vars['id']) : '';
|
||||||
return \SYSTEM\PAGE\replace::replaceFile(\SYSTEM\SERVERPATH(new \SYSTEM\PSAI(),'modules/saimod_sys_security/saimod_sys_security_user_view.tpl'),$vars);
|
return \SYSTEM\PAGE\replace::replaceFile(\SYSTEM\SERVERPATH(new \SYSTEM\PSAI(),'modules/saimod_sys_security/saimod_sys_security_user_view.tpl'),$vars);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
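Review bot: The three new actions `..._action_addright`, `..._action_deleterightconfirm` and `..._action_deleteright` each carry `//TODO rightcheck` and go straight to the query, so anyone who can reach the module can create or delete rights. The check belongs in this commit rather than a follow-up: resolve the caller with `\SYSTEM\SECURITY\Security::getUser()` and refuse unless that user holds the rights-administration right before calling `QI`; the helper for testing a specific right is not visible on this page. In `..._action_deleterightconfirm` the `Q1` result is also handed to `replaceFile` unchecked, so an unknown `id` should return an error instead of rendering the template. In `..._action_user` the new `array_key_exists('id', $vars)` guard comes after `$vars['last_active']` has already been read.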
@ -3,11 +3,13 @@
|
|||||||
<li class="active"><a href="#tab_users" action="users">Users</a></li>
|
<li class="active"><a href="#tab_users" action="users">Users</a></li>
|
||||||
<li><a href="#tab_rights" action="rights">Rights</a></li>
|
<li><a href="#tab_rights" action="rights">Rights</a></li>
|
||||||
<li><a href="#tab_groups" action="groups">Groups</a></li>
|
<li><a href="#tab_groups" action="groups">Groups</a></li>
|
||||||
|
<li><a href="#tab_stats" action="stats">Stats</a></li>
|
||||||
<img id="loader" src="${PICPATH}ajax-loader.gif" style="margin-left: 10px; margin-top: 10px; display: none; float: left"/>
|
<img id="loader" src="${PICPATH}ajax-loader.gif" style="margin-left: 10px; margin-top: 10px; display: none; float: left"/>
|
||||||
</ul>
|
</ul>
|
||||||
<div class="tab-content">
|
<div class="tab-content">
|
||||||
<div class="tab-pane active" id="tab_users"></div>
|
<div class="tab-pane active" id="tab_users"></div>
|
||||||
<div class="tab-pane" id="tab_rights"></div>
|
<div class="tab-pane" id="tab_rights"></div>
|
||||||
<div class="tab-pane" id="tab_groups"></div>
|
<div class="tab-pane" id="tab_groups"></div>
|
||||||
|
<div class="tab-pane" id="tab_stats"></div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
@ -0,0 +1,17 @@
|
|||||||
|
<h4>Delete Right</h4>
|
||||||
|
<table class="table">
|
||||||
|
<tr>
|
||||||
|
<td>ID</td>
|
||||||
|
<td>${ID}</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td>Name</td>
|
||||||
|
<td>${name}</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td>Description</td>
|
||||||
|
<td>${description}</td>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
<input id="deleteright_confirm" class="btn-danger btn" right_id="${ID}" type="submit" value="Delete"/>
|
||||||
|
<input id="deleteright_abort" class="btn" type="submit" value="Abort"/>
|
||||||
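Review bot: `${name}` and `${description}` are placed in the table as-is, and both values come from free-text fields that `addright` stores without any visible filtering. Unless `replaceFile` escapes its substitutions (not shown here), a right name containing markup will be rendered as HTML in this confirmation view and in the rights row template changed by this commit. Escape on output, e.g. pass `htmlspecialchars($vars['name'], ENT_QUOTES, 'UTF-8')` from `..._action_deleterightconfirm`, and do the same for `description`. `right_id` is also a non-standard attribute; `data-right-id` would validate.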
@ -1 +1,16 @@
|
|||||||
new right
|
<h4>New Right</h4>
|
||||||
|
<table class="table">
|
||||||
|
<tr>
|
||||||
|
<td>ID</td>
|
||||||
|
<td><input id="addright_id" type="number" value="1"/></td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td>Name</td>
|
||||||
|
<td><input id="addright_name" type="text"/></td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td>Description</td>
|
||||||
|
<td><input id="addright_description" type="text"/></td>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
<input id="addright" class="btn" type="submit" value="Add"/>
|
||||||
@ -1,9 +1,9 @@
|
|||||||
<tr>
|
<tr>
|
||||||
<td>${ID}</td>
|
<td>${ID}</td>
|
||||||
<td>${name}</td>
|
<td>${name}</td>
|
||||||
<td>${description}</td>
|
<td>${description}</td>
|
||||||
<td>
|
<td>
|
||||||
<input type="submit" class="btn-danger" value="delete" delright="${ID}">
|
<input type="submit" class="btn-danger right_delete" value="delete" right_id="${ID}">
|
||||||
<input type="submit" class="btn" value="edit" editright="${ID}">
|
<input type="submit" class="btn right_edit" value="edit" right_id="${ID}">
|
||||||
</td>
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
@ -0,0 +1 @@
|
|||||||
|
No Stats available yet.
|
||||||
@ -19,7 +19,7 @@ class saigui extends \SYSTEM\PAGE\Page {
|
|||||||
\array_search($classname, $mods) !== false &&
|
\array_search($classname, $mods) !== false &&
|
||||||
( \call_user_func(array($classname, 'right_public')) ||
|
( \call_user_func(array($classname, 'right_public')) ||
|
||||||
\call_user_func(array($classname, 'right_right')))){
|
\call_user_func(array($classname, 'right_right')))){
|
||||||
return \SYSTEM\API\api::run('\SYSTEM\API\verify', $classname , $pg, 42, false, false);
|
return \SYSTEM\API\api::run('\SYSTEM\API\verify', $classname , $pg, 42, true, false);
|
||||||
} else {
|
} else {
|
||||||
return '<meta http-equiv="refresh" content="5">You are no longer logged in. Page reload in 5sec...';}
|
return '<meta http-equiv="refresh" content="5">You are no longer logged in. Page reload in 5sec...';}
|
||||||
} else {
|
} else {
|
||||||
|
|||||||
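Review bot: The fifth argument of `\SYSTEM\API\api::run` flips from `false` to `true` with nothing on the line saying what it controls, although this looks like the security-relevant change of the commit. Add a comment above the call naming the flag and why it is now on, for example `//5th arg: <what the flag enforces>`, or pull `42` and the two booleans into named constants. The signature of `run` is outside this page, so the meaning has to come from the author. The surrounding method starts and ends outside the hunk.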