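/**
 * Generates and saves the AuditRequest data.
 *
 * Copies the request superglobals, the request/response headers, the raw
 * request body and the Yii config into a new AuditRequest, passes most of
 * them through removeValuesWithPasswordKeys(), packs every snapshot with
 * AuditHelper::pack(), calls save(false) and registers endAuditRequest() as
 * an onEndRequest handler.
 *
 * Security-relevant behaviour:
 * - `ip` records REMOTE_ADDR (the connection peer). X-Forwarded-For is sent
 *   by the client, so it is consulted only when no peer address is reported;
 *   the header itself is still captured in the `server` and
 *   `request_headers` snapshots. A deployment behind a trusted reverse proxy
 *   should have the web server rewrite REMOTE_ADDR instead of trusting the
 *   raw header here.
 * - `files`, `session` and `cookie` are never passed through
 *   removeValuesWithPasswordKeys(), so cookie values (typically including the
 *   session cookie) are persisted with the record. Read access to stored
 *   audit data should be restricted accordingly.
 *
 * @return AuditRequest the record after save(false) has been called
 */
private function recordAuditRequest() {
    // create new Audit
    $auditRequest = new AuditRequest();

    // get info
    $auditRequest->created = time();
    $auditRequest->user_id = Yii::app()->hasComponent('user') ? Yii::app()->user->id : 0;
    $auditRequest->link = $this->getCurrentLink();
    $auditRequest->start_time = YII_BEGIN_TIME;
    $auditRequest->app = Yii::app()->id;
    $auditRequest->get = $_GET;
    $auditRequest->post = $_POST;
    $auditRequest->files = $_FILES;
    $auditRequest->session = $this->getShrinkedSession();
    $auditRequest->cookie = $_COOKIE;
    $auditRequest->server = $_SERVER;
    $auditRequest->config = $this->getYiiConfig();
    if (function_exists('getallheaders')) {
        // keyed by header name, so this snapshot includes Cookie and Authorization
        $auditRequest->request_headers = getallheaders();
    }
    if (function_exists('headers_list')) {
        // numerically indexed list of "Name: value" lines, Set-Cookie included
        $auditRequest->response_headers = headers_list();
    }
    $auditRequest->php_input = $this->getRawPostData();

    // The audit trail must not let the client choose its own source address:
    // prefer the connection peer and fall back to the forwarded header only
    // when the SAPI reports no peer at all.
    if (isset($_SERVER['REMOTE_ADDR'])) {
        $auditRequest->ip = $_SERVER['REMOTE_ADDR'];
    } elseif (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
        $auditRequest->ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
    }
    $auditRequest->referrer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : null;

    // remove passwords
    // The two flags are filled in by removeValuesWithPasswordKeys() through its
    // second argument (presumably taken by reference); start them at false so
    // the checks below never read an undefined variable.
    $passwordRemovedFromGet = false;
    $passwordRemovedFromPost = false;
    $auditRequest->get = $this->removeValuesWithPasswordKeys($auditRequest->get, $passwordRemovedFromGet);
    $auditRequest->post = $this->removeValuesWithPasswordKeys($auditRequest->post, $passwordRemovedFromPost);
    // NOTE(review): presumably the scrubber matches on key names; verify that it
    // covers PHP_AUTH_PW, HTTP_AUTHORIZATION and HTTP_COOKIE in $_SERVER.
    $auditRequest->server = $this->removeValuesWithPasswordKeys($auditRequest->server);
    $auditRequest->config = $this->removeValuesWithPasswordKeys($auditRequest->config);
    if ($auditRequest->request_headers) {
        $auditRequest->request_headers = $this->removeValuesWithPasswordKeys($auditRequest->request_headers);
    }
    if ($auditRequest->response_headers) {
        // NOTE(review): the list has numeric keys, so a key-based scrubber
        // presumably leaves every line (Set-Cookie too) untouched; confirm.
        $auditRequest->response_headers = $this->removeValuesWithPasswordKeys($auditRequest->response_headers);
    }

    // A password in GET or POST can also appear inside derived fields
    // (query string in $_SERVER / the link, raw body), so those are blanked.
    if (($passwordRemovedFromGet || $passwordRemovedFromPost) && $auditRequest->server) {
        $auditRequest->server = '*removed*';
    }
    if ($passwordRemovedFromGet && $auditRequest->link) {
        $auditRequest->link = '*removed*';
    }
    // NOTE(review): php_input is blanked only when a password key was found in
    // $_POST. A body that PHP does not parse into $_POST (for example a JSON
    // payload) would be stored as returned by getRawPostData(), credentials
    // included; confirm and consider scrubbing or omitting it.
    if ($passwordRemovedFromPost && $auditRequest->php_input) {
        $auditRequest->php_input = '*removed*';
    }

    // set the closing data in case we are already in an endRequest
    if ($auditRequest->response_headers) {
        foreach ($auditRequest->response_headers as $header) {
            // no break: when several Location headers exist the last one wins
            if (strpos(strtolower($header), 'location:') === 0) {
                $auditRequest->redirect = trim(substr($header, 9));
            }
        }
    }

    // pack all (same fields, same order as before)
    $packedFields = array(
        'get',
        'post',
        'files',
        'session',
        'cookie',
        'server',
        'config',
        'request_headers',
        'response_headers',
        'php_input',
    );
    foreach ($packedFields as $field) {
        $auditRequest->$field = AuditHelper::pack($auditRequest->$field);
    }

    // save; false is passed straight to AuditRequest::save() (in Yii 1 this skips validation)
    $auditRequest->save(false);

    // add an event callback to update the audit at the end
    Yii::app()->onEndRequest = array($this, 'endAuditRequest');

    return $auditRequest;
}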
/**
 * Builds an AuditRequest for the current request, stores it and returns it.
 *
 * The record receives a copy of the request superglobals, the shrunk session
 * and the Yii config. GET, POST, SERVER and config are passed through
 * removeValuesWithPasswordKeys(); every snapshot is then packed with
 * AuditHelper::pack(). Closing figures (redirect target, memory, timings) are
 * filled in immediately, and endAuditRequest() is registered as an
 * onEndRequest handler.
 *
 * NOTE(review): `files`, `session` and `cookie` are packed without going
 * through removeValuesWithPasswordKeys(), so cookie values (typically
 * including the session cookie) are stored with the record. Confirm that read
 * access to stored audit data is restricted accordingly.
 *
 * @return AuditRequest the record after save(false) has been called
 */
private function recordAuditRequest() {
    $audit = new AuditRequest();

    // who / when / where
    $userId = 0;
    if (Yii::app()->hasComponent('user')) {
        $userId = Yii::app()->user->id;
    }
    $audit->created = time();
    $audit->user_id = $userId;
    $audit->link = $this->getCurrentLink();
    $audit->start_time = YII_BEGIN_TIME;

    // raw request snapshots
    $audit->get = $_GET;
    $audit->post = $_POST;
    $audit->files = $_FILES;
    $audit->session = $this->getShrinkedSession();
    $audit->cookie = $_COOKIE;
    $audit->server = $_SERVER;
    $audit->config = $this->getYiiConfig();

    // the address comes from the connection peer only; no forwarded header is read
    if (isset($_SERVER['REMOTE_ADDR'])) {
        $peerAddress = $_SERVER['REMOTE_ADDR'];
    } else {
        $peerAddress = null;
    }
    $audit->ip = $peerAddress;

    if (isset($_SERVER['HTTP_REFERER'])) {
        $referrer = $_SERVER['HTTP_REFERER'];
    } else {
        $referrer = null;
    }
    $audit->referrer = $referrer;

    // scrub passwords; the second argument reports whether anything was removed
    $audit->get = $this->removeValuesWithPasswordKeys($audit->get, $passwordRemovedFromGet);
    $audit->post = $this->removeValuesWithPasswordKeys($audit->post, $passwordRemovedFromPost);
    foreach (array('server', 'config') as $scrubbedField) {
        $audit->$scrubbedField = $this->removeValuesWithPasswordKeys($audit->$scrubbedField);
    }

    // a password in GET or POST may also sit inside $_SERVER, and a GET one inside the link
    if ($passwordRemovedFromGet || $passwordRemovedFromPost) {
        $audit->server = null;
    }
    if ($passwordRemovedFromGet) {
        $audit->link = null;
    }

    // pack every snapshot, in the original order
    foreach (array('get', 'post', 'files', 'session', 'cookie', 'server', 'config') as $packedField) {
        $audit->$packedField = AuditHelper::pack($audit->$packedField);
    }

    // closing data, in case the request is already ending;
    // no break, so the last Location header wins
    foreach (headers_list() as $headerLine) {
        $lowered = strtolower($headerLine);
        if (strpos($lowered, 'location:') === 0) {
            $audit->redirect = trim(substr($headerLine, 9));
        }
    }
    $audit->memory_usage = memory_get_usage();
    $audit->memory_peak = memory_get_peak_usage();
    $audit->audit_field_count = $audit->auditFieldCount;
    $audit->end_time = microtime(true);
    $audit->total_time = $audit->end_time - $audit->start_time;

    // false is passed straight to AuditRequest::save() (in Yii 1 this skips validation)
    $audit->save(false);

    // let endAuditRequest() update the record when the request finishes
    Yii::app()->onEndRequest = array($this, 'endAuditRequest');

    return $audit;
}