Beispiel #1
 /**
  * Records the IP address behind a user action as one row in xf_ip.
  *
  * @param integer $userId User causing action
  * @param string $contentType Type of content (user, post)
  * @param integer $contentId ID of content
  * @param string $action Action (insert, login)
  * @param string|null $ipAddress IP address, or null to let the IP helper resolve it
  * @param integer|null $date Timestamp to tag IP with; null uses XenForo_Application::$time
  *
  * @return integer ID of inserted IP; 0 if no insert
  */
 public function logIp($userId, $contentType, $contentId, $action, $ipAddress = null, $date = null)
 {
     // A falsy result from the helper means there is nothing to store, so no row is written.
     $binaryIp = XenForo_Helper_Ip::getBinaryIp(null, $ipAddress);
     if (!$binaryIp) {
         return 0;
     }

     $logDate = ($date === null) ? XenForo_Application::$time : $date;

     // Values travel as a column => value map instead of being concatenated into SQL text.
     $row = array(
         'user_id' => $userId,
         'content_type' => $contentType,
         'content_id' => $contentId,
         'action' => $action,
         'ip' => $binaryIp,
         // negative timestamps are clamped to 0
         'log_date' => max(0, $logDate)
     );
     $this->_getDb()->insert('xf_ip', $row);

     return $this->_getDb()->lastInsertId();
 }
Beispiel #2
 /**
  * Writes one row to xf_admin_log describing an admin request.
  *
  * The stored URL is the request URI with the base URL prefix and one leading "?"
  * removed; when the URI does not start with the base URL it is stored unchanged.
  * The request data is stored JSON-encoded.
  *
  * @param Zend_Controller_Request_Http $request Request being logged
  * @param array|null $requestData Data to store; null logs $_POST after it has been
  *                                passed through _filterAdminLogRequestData()
  * @param string|null $ipAddress IP address handed to the IP helper
  */
 public function logAdminRequest(Zend_Controller_Request_Http $request, array $requestData = null, $ipAddress = null)
 {
     $baseUrl = $request->getBaseUrl();
     $requestUri = $request->getRequestUri();

     $routeBase = $requestUri;
     $prefixLength = strlen($baseUrl);
     if (substr($requestUri, 0, $prefixLength) == $baseUrl) {
         $routeBase = preg_replace('/^\\?/', '', substr($requestUri, $prefixLength));
     }

     // NOTE(review): only the $_POST default is filtered here; data supplied by the
     // caller is logged exactly as given, so the caller has to strip secrets itself.
     if ($requestData === null) {
         $requestData = $this->_filterAdminLogRequestData($_POST);
     }

     $binaryIp = XenForo_Helper_Ip::getBinaryIp(null, $ipAddress, '');

     $row = array(
         'request_date' => XenForo_Application::$time,
         'user_id' => XenForo_Visitor::getUserId(),
         'ip_address' => $binaryIp,
         'request_url' => $routeBase,
         // NOTE(review): the json_encode() result is stored without a failure check
         'request_data' => json_encode($requestData)
     );
     $this->_getDb()->insert('xf_admin_log', $row);
 }
Beispiel #3
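 /**
  * Logs that the spam handler was triggered, if the result was not allowed.
  *
  * Only denied and moderated results are written. Each row carries a serialized
  * snapshot of the request (URL, referrer, $_GET, $_POST). Credential-like POST
  * fields are masked at every nesting level before the snapshot is stored.
  *
  * @param string $contentType
  * @param integer $contentId
  * @param string|null $result Null uses the last check result
  * @param array|null $details Null uses the last check details
  * @param null|integer $userId Null uses the current visitor
  * @param null|string $ipAddress IP address handed to the IP helper
  *
  * @return bool|int True if updated, false if no change, int ID if inserted
  */
 public function logSpamTrigger($contentType, $contentId, $result = null, array $details = null, $userId = null, $ipAddress = null)
 {
     if ($result === null) {
         $result = $this->getLastCheckResult();
     }
     switch ($result) {
         case self::RESULT_DENIED:
         case self::RESULT_MODERATED:
             break;
         default:
             // anything else (including allowed) is not logged
             return false;
     }
     $ipAddress = XenForo_Helper_Ip::getBinaryIp(null, $ipAddress);
     if ($userId === null) {
         $userId = XenForo_Visitor::getUserId();
     }
     if (!$contentId) {
         $contentId = null;
     }
     if ($contentType == 'user') {
         // for user content the logged user is the content itself
         $userId = $contentId ? $contentId : 0;
     }
     if ($details === null) {
         $details = $this->getLastCheckDetails();
     }
     $requestPaths = XenForo_Application::get('requestPaths');
     $request = array(
         'url' => $requestPaths['fullUri'],
         'referrer' => isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '',
         // $_GET and the referrer are stored as received; only POST data is masked
         '_GET' => $_GET,
         // don't log passwords or the CSRF token, including ones inside nested fields
         '_POST' => $this->_maskSpamLogRequestSecrets($_POST)
     );
     // NOTE(review): details and request_state are written with serialize(); whatever reads
     // these columns back should decode them without allowing object instantiation.
     $query = $this->_getDb()->query("\n\t\t\tINSERT INTO xf_spam_trigger_log\n\t\t\t\t(content_type, content_id, log_date, user_id, ip_address, result, details, request_state)\n\t\t\tVALUES\n\t\t\t\t(?, ?, ?, ?, ?, ?, ?, ?)\n\t\t\tON DUPLICATE KEY UPDATE\n\t\t\t\tlog_date = VALUES(log_date),\n\t\t\t\tuser_id = VALUES(user_id),\n\t\t\t\tip_address = VALUES(ip_address),\n\t\t\t\tresult = VALUES(result),\n\t\t\t\tdetails = VALUES(details),\n\t\t\t\trequest_state = VALUES(request_state)\n\t\t", array($contentType, $contentId, XenForo_Application::$time, $userId, $ipAddress, $result, serialize($details), serialize($request)));
     // one affected row is treated as a fresh insert; any other count as an update
     return $query->rowCount() == 1 ? $this->_getDb()->lastInsertId() : true;
 }

 /**
  * Returns a copy of request data with credential-like values replaced by a mask.
  *
  * A value is masked when its key contains "password" (any letter case) or is exactly
  * "_xfToken". Nested arrays are walked so that fields such as user[password] are
  * masked too. Keys are compared as strings, so a numeric key never matches.
  *
  * @param array $values Request data, possibly containing nested arrays
  *
  * @return array Masked copy; the input array is not modified
  */
 protected function _maskSpamLogRequestSecrets(array $values)
 {
     foreach ($values as $key => $value) {
         $name = (string) $key;
         if (stripos($name, 'password') !== false || $name === '_xfToken') {
             $values[$key] = '********';
         } else if (is_array($value)) {
             $values[$key] = $this->_maskSpamLogRequestSecrets($value);
         }
     }
     return $values;
 }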
Beispiel #4
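 /**
  * Writes an exception to xf_error_log together with a snapshot of the request.
  *
  * Nothing is written when there is no database connection, when the stored version ID
  * differs from the running one, or when the install lock file is missing. Failures
  * raised while logging are swallowed. Credential-like POST fields are masked at every
  * nesting level before the request snapshot is stored.
  *
  * @param Exception|Throwable $e Exception to log
  * @param boolean $rollbackTransactions If true, open transactions are rolled back first
  * @param string $messagePrefix Text put in front of the exception message
  *
  * @throws Exception If $e is neither an Exception nor a Throwable
  */
 public static function logException($e, $rollbackTransactions = true, $messagePrefix = '')
 {
     $isValidArg = $e instanceof Exception || $e instanceof Throwable;
     if (!$isValidArg) {
         throw new Exception("logException requires an Exception or a Throwable");
     }
     try {
         $db = XenForo_Application::getDb();
         if ($db->getConnection()) {
             if ($rollbackTransactions) {
                 @XenForo_Db::rollbackAll($db);
             }
             $dbVersionId = @$db->fetchOne("SELECT option_value FROM xf_option WHERE option_id = 'currentVersionId'");
             if ($dbVersionId && $dbVersionId != XenForo_Application::$versionId) {
                 // do not log errors when an upgrade is pending
                 return;
             }
             if (!file_exists(XenForo_Helper_File::getInternalDataPath() . '/install-lock.php')) {
                 // install hasn't finished yet, don't write
                 return;
             }
             // store the file path relative to the application root when it lies inside it
             $rootDir = XenForo_Application::getInstance()->getRootDir();
             $file = $e->getFile();
             if (strpos($file, $rootDir) === 0) {
                 $file = substr($file, strlen($rootDir));
                 if (strlen($file) && ($file[0] == '/' || $file[0] == '\\')) {
                     $file = substr($file, 1);
                 }
             }
             $requestPaths = XenForo_Application::get('requestPaths');
             $request = array(
                 'url' => $requestPaths['fullUri'],
                 // $_GET is stored as received; only POST data is masked
                 '_GET' => $_GET,
                 // don't log passwords or the CSRF token, including ones inside nested fields
                 '_POST' => self::_maskErrorLogRequestSecrets($_POST)
             );
             // NOTE(review): request_state is written with serialize(); whatever reads this
             // column back should decode it without allowing object instantiation.
             $db->insert('xf_error_log', array('exception_date' => XenForo_Application::$time, 'user_id' => XenForo_Visitor::hasInstance() ? XenForo_Visitor::getUserId() : null, 'ip_address' => XenForo_Helper_Ip::getBinaryIp(), 'exception_type' => get_class($e), 'message' => $messagePrefix . $e->getMessage(), 'filename' => $file, 'line' => $e->getLine(), 'trace_string' => $e->getTraceAsString(), 'request_state' => serialize($request)));
         }
     } catch (Exception $e) {
         // a failure while logging is dropped on purpose so it cannot mask the original error
     }
 }

 /**
  * Returns a copy of request data with credential-like values replaced by a mask.
  *
  * A value is masked when its key contains "password" (any letter case) or is exactly
  * "_xfToken". Nested arrays are walked so that fields such as user[password] are
  * masked too. Keys are compared as strings, so a numeric key never matches.
  *
  * @param array $values Request data, possibly containing nested arrays
  *
  * @return array Masked copy; the input array is not modified
  */
 protected static function _maskErrorLogRequestSecrets(array $values)
 {
     foreach ($values as $key => $value) {
         $name = (string) $key;
         if (stripos($name, 'password') !== false || $name === '_xfToken') {
             $values[$key] = '********';
         } else if (is_array($value)) {
             $values[$key] = self::_maskErrorLogRequestSecrets($value);
         }
     }
     return $values;
 }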
Beispiel #5
    /**
     * Inserts or refreshes the xf_session_activity row for a visitor.
     *
     * The row is keyed by the user ID for members and by the binary IP for guests.
     * Database errors raised by the write are ignored.
     *
     * @param integer $userId
     * @param string $ip IP of visiting user
     * @param string $controllerName Last controller class that was invoked (cut to 50 bytes)
     * @param string $action Last action that was invoked (cut to 50 bytes)
     * @param string $viewState Either "valid" or "error"
     * @param array $inputParams List of special input params, to include to help get more info on current activity
     * @param integer|null $viewDate The timestamp of the last page view; defaults to now
     * @param string $robotKey Stored for guests only; cleared when a user ID is present
     */
    public function updateSessionActivity($userId, $ip, $controllerName, $action, $viewState, array $inputParams, $viewDate = null, $robotKey = '')
    {
        $userId = (int) $userId;
        $binaryIp = XenForo_Helper_Ip::getBinaryIp(null, $ip, '');

        if ($userId) {
            $uniqueKey = $userId;
            $robotKey = '';
        } else {
            $uniqueKey = $binaryIp;
        }

        if (!$viewDate) {
            $viewDate = XenForo_Application::$time;
        }

        // Keep only scalar params whose name is non-empty and does not start with "_".
        $pairs = array();
        foreach ($inputParams as $name => $value) {
            if (strlen($name) && $name[0] != '_' && is_scalar($value)) {
                $pairs[] = "{$name}=" . urlencode($value);
            }
        }

        // Fixed byte limits are applied to the stored strings.
        $storedParams = substr(implode('&', $pairs), 0, 100);
        $storedController = substr($controllerName, 0, 50);
        $storedAction = substr($action, 0, 50);

        $sql = '
				INSERT INTO xf_session_activity
					(user_id, unique_key, ip, controller_name, controller_action, view_state, params, view_date, robot_key)
				VALUES
					(?, ?, ?, ?, ?, ?, ?, ?, ?)
				ON DUPLICATE KEY UPDATE
					ip = VALUES(ip),
					controller_name = VALUES(controller_name),
					controller_action = VALUES(controller_action),
					view_state = VALUES(view_state),
					params = VALUES(params),
					view_date = VALUES(view_date),
					robot_key = VALUES(robot_key)
			';
        $bind = array($userId, $uniqueKey, $binaryIp, $storedController, $storedAction, $viewState, $storedParams, $viewDate, $robotKey);

        try {
            $this->_getDb()->query($sql, $bind);
        } catch (Zend_Db_Exception $e) {
            // ignore db errors here, not that important
        }
    }
Beispiel #6
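 /**
  * Deletes the recorded login attempts for one login value coming from one IP address.
  *
  * @param string $usernameOrEmail Login value the attempts were recorded under
  * @param string|null $ipAddress IP address handed to the IP helper
  */
 public function clearLoginAttempts($usernameOrEmail, $ipAddress = null)
 {
     $ipAddress = XenForo_Helper_Ip::getBinaryIp(null, $ipAddress);
     $db = $this->_getDb();

     // The WHERE clause is handed to delete() as a plain string, so the login value and
     // the IP are each passed through quote() before being concatenated into it.
     $where = 'login = ' . $db->quote($usernameOrEmail)
         . ' AND ip_address = ' . $db->quote($ipAddress);
     $db->delete('xf_login_attempt', $where);
 }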
Beispiel #7
 /**
  * Starts the session running.
  *
  * Sends Expires and Cache-control headers when headers can still be sent, resolves the
  * session ID and the IP address, and hands both to _setup().
  *
  * @param string|null $sessionId Session ID. If null, read from the _xfSessionId POST field
  *                               and otherwise from the session cookie.
  * @param string|null $ipAddress IP address in one of various formats, for limiting access.
  *                               If not provided, grabbed automatically.
  */
 public function start($sessionId = null, $ipAddress = null)
 {
     if (!headers_sent()) {
         header('Expires: Thu, 19 Nov 1981 08:52:00 GMT');
         header('Cache-control: private, max-age=0');
     }

     if ($sessionId === null) {
         // Anything that is not a string (for example an array-valued field) becomes ''.
         $sessionId = '';

         // NOTE(review): a POSTed _xfSessionId wins over the cookie; confirm that _setup()
         // validates the ID (and the IP binding) before the session is trusted.
         if (isset($_POST['_xfSessionId']) && is_string($_POST['_xfSessionId'])) {
             $sessionId = $_POST['_xfSessionId'];
         } else {
             $cookie = XenForo_Application::get('config')->cookie->prefix . $this->_config['cookie'];
             if (isset($_COOKIE[$cookie]) && is_string($_COOKIE[$cookie])) {
                 $sessionId = $_COOKIE[$cookie];
             }
         }
     }

     // The comparison is loose, so '' and 0 also count as "not provided".
     if ($ipAddress == null) {
         $binaryIp = XenForo_Helper_Ip::getBinaryIp();
     } else {
         $binaryIp = XenForo_Helper_Ip::convertIpStringToBinary($ipAddress);
     }

     $this->_setup($sessionId, $binaryIp);
 }
 /**
  * Logs spam-check results through the parent, including results that were allowed.
  *
  * An allowed result is handed to the parent as moderated (presumably because the
  * parent only writes denied and moderated results) and the stored result is then
  * set back to "allowed" with a follow-up UPDATE.
  *
  * @param string $contentType
  * @param integer $contentId
  * @param string|null $result Null uses the last check result
  * @param array|null $details
  * @param null|integer $userId
  * @param null|string $ipAddress
  *
  * @return mixed Whatever the parent implementation returns
  */
 public function logSpamTrigger($contentType, $contentId, $result = null, array $details = null, $userId = null, $ipAddress = null)
 {
     if ($result === null) {
         $result = $this->getLastCheckResult();
     }

     $relabelAsAllowed = ($result == self::RESULT_ALLOWED);
     if ($relabelAsAllowed) {
         $result = self::RESULT_MODERATED;
     }

     $logResult = parent::logSpamTrigger($contentType, $contentId, $result, $details, $userId, $ipAddress);

     if ($relabelAsAllowed) {
         // NOTE(review): the UPDATE matches on log_date, result and ip_address only, so a
         // genuinely moderated row with the same timestamp and IP would be relabelled as
         // allowed too; confirm whether it should also be narrowed to this content.
         $this->_getDb()->query('UPDATE xf_spam_trigger_log SET result="allowed" WHERE log_date=? AND result=? AND ip_address=?', array(XenForo_Application::$time, self::RESULT_MODERATED, XenForo_Helper_Ip::getBinaryIp(null, $ipAddress)));
     }

     return $logResult;
 }