/** * Logs an IP for an action. * * @param integer $userId User causing action * @param string $contentType Type of content (user, post) * @param integer $contentId ID of content * @param string $action Action (insert, login) * @param string|null $ipAddress IP address or null to pull from request * @param integer|null $date Timestamp to tag IP with * * @return integer ID of inserted IP; 0 if no insert */ public function logIp($userId, $contentType, $contentId, $action, $ipAddress = null, $date = null) { $ipAddress = XenForo_Helper_Ip::getBinaryIp(null, $ipAddress); if (!$ipAddress) { return 0; } if ($date === null) { $date = XenForo_Application::$time; } $this->_getDb()->insert('xf_ip', array('user_id' => $userId, 'content_type' => $contentType, 'content_id' => $contentId, 'action' => $action, 'ip' => $ipAddress, 'log_date' => max(0, $date))); return $this->_getDb()->lastInsertId(); }
public function logAdminRequest(Zend_Controller_Request_Http $request, array $requestData = null, $ipAddress = null) { $baseUrl = $request->getBaseUrl(); $requestUri = $request->getRequestUri(); if (substr($requestUri, 0, strlen($baseUrl)) == $baseUrl) { $routeBase = substr($requestUri, strlen($baseUrl)); $routeBase = preg_replace('/^\\?/', '', $routeBase); } else { $routeBase = $requestUri; } if ($requestData === null) { $requestData = $this->_filterAdminLogRequestData($_POST); } $ipAddress = XenForo_Helper_Ip::getBinaryIp(null, $ipAddress, ''); $this->_getDb()->insert('xf_admin_log', array('request_date' => XenForo_Application::$time, 'user_id' => XenForo_Visitor::getUserId(), 'ip_address' => $ipAddress, 'request_url' => $routeBase, 'request_data' => json_encode($requestData))); }
/** * Logs that the spam handler was triggered, if the result was not allowed. * * @param string $contentType * @param integer $contentId * @param string|null $result * @param array|null $details * @param null|integer $userId * @param null|string $ipAddress * * @return bool|int True if updated, false if no change, int ID if inserted */ public function logSpamTrigger($contentType, $contentId, $result = null, array $details = null, $userId = null, $ipAddress = null) { if ($result === null) { $result = $this->getLastCheckResult(); } switch ($result) { case self::RESULT_DENIED: case self::RESULT_MODERATED: break; default: return false; } $ipAddress = XenForo_Helper_Ip::getBinaryIp(null, $ipAddress); if ($userId === null) { $userId = XenForo_Visitor::getUserId(); } if (!$contentId) { $contentId = null; } if ($contentType == 'user') { $userId = $contentId ? $contentId : 0; } if ($details === null) { $details = $this->getLastCheckDetails(); } $requestPaths = XenForo_Application::get('requestPaths'); $request = array('url' => $requestPaths['fullUri'], 'referrer' => isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '', '_GET' => $_GET, '_POST' => $_POST); // don't log passwords foreach ($request['_POST'] as $key => &$value) { if (strpos($key, 'password') !== false || $key == '_xfToken') { $value = '********'; } } $query = $this->_getDb()->query("\n\t\t\tINSERT INTO xf_spam_trigger_log\n\t\t\t\t(content_type, content_id, log_date, user_id, ip_address, result, details, request_state)\n\t\t\tVALUES\n\t\t\t\t(?, ?, ?, ?, ?, ?, ?, ?)\n\t\t\tON DUPLICATE KEY UPDATE\n\t\t\t\tlog_date = VALUES(log_date),\n\t\t\t\tuser_id = VALUES(user_id),\n\t\t\t\tip_address = VALUES(ip_address),\n\t\t\t\tresult = VALUES(result),\n\t\t\t\tdetails = VALUES(details),\n\t\t\t\trequest_state = VALUES(request_state)\n\t\t", array($contentType, $contentId, XenForo_Application::$time, $userId, $ipAddress, $result, serialize($details), serialize($request))); return $query->rowCount() == 1 ? $this->_getDb()->lastInsertId() : true; }
public static function logException($e, $rollbackTransactions = true, $messagePrefix = '') { $isValidArg = $e instanceof Exception || $e instanceof Throwable; if (!$isValidArg) { throw new Exception("logException requires an Exception or a Throwable"); } try { $db = XenForo_Application::getDb(); if ($db->getConnection()) { if ($rollbackTransactions) { @XenForo_Db::rollbackAll($db); } $dbVersionId = @$db->fetchOne("SELECT option_value FROM xf_option WHERE option_id = 'currentVersionId'"); if ($dbVersionId && $dbVersionId != XenForo_Application::$versionId) { // do not log errors when an upgrade is pending return; } if (!file_exists(XenForo_Helper_File::getInternalDataPath() . '/install-lock.php')) { // install hasn't finished yet, don't write return; } $rootDir = XenForo_Application::getInstance()->getRootDir(); $file = $e->getFile(); if (strpos($file, $rootDir) === 0) { $file = substr($file, strlen($rootDir)); if (strlen($file) && ($file[0] == '/' || $file[0] == '\\')) { $file = substr($file, 1); } } $requestPaths = XenForo_Application::get('requestPaths'); $request = array('url' => $requestPaths['fullUri'], '_GET' => $_GET, '_POST' => $_POST); // don't log passwords foreach ($request['_POST'] as $key => &$value) { if (strpos($key, 'password') !== false || $key == '_xfToken') { $value = '********'; } } $db->insert('xf_error_log', array('exception_date' => XenForo_Application::$time, 'user_id' => XenForo_Visitor::hasInstance() ? XenForo_Visitor::getUserId() : null, 'ip_address' => XenForo_Helper_Ip::getBinaryIp(), 'exception_type' => get_class($e), 'message' => $messagePrefix . $e->getMessage(), 'filename' => $file, 'line' => $e->getLine(), 'trace_string' => $e->getTraceAsString(), 'request_state' => serialize($request))); } } catch (Exception $e) { } }
/** * Updates the session activity of a user. * * @param integer $userId * @param string $ip IP of visiting user * @param string $controllerName Last controller class that was invoked * @param string $action Last action that was invoked * @param string $viewState Either "valid" or "error" * @param array $inputParams List of special input params, to include to help get more info on current activity * @param integer|null $viewDate The timestamp of the last page view; defaults to now * @param string $robotKey */ public function updateSessionActivity($userId, $ip, $controllerName, $action, $viewState, array $inputParams, $viewDate = null, $robotKey = '') { $userId = intval($userId); $ipNum = XenForo_Helper_Ip::getBinaryIp(null, $ip, ''); $uniqueKey = $userId ? $userId : $ipNum; if ($userId) { $robotKey = ''; } if (!$viewDate) { $viewDate = XenForo_Application::$time; } $logParams = array(); foreach ($inputParams as $paramKey => $paramValue) { if (!strlen($paramKey) || $paramKey[0] == '_' || !is_scalar($paramValue)) { continue; } $logParams[] = "{$paramKey}=" . urlencode($paramValue); } $paramList = implode('&', $logParams); $paramList = substr($paramList, 0, 100); $controllerName = substr($controllerName, 0, 50); $action = substr($action, 0, 50); try { $this->_getDb()->query(' INSERT INTO xf_session_activity (user_id, unique_key, ip, controller_name, controller_action, view_state, params, view_date, robot_key) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?) ON DUPLICATE KEY UPDATE ip = VALUES(ip), controller_name = VALUES(controller_name), controller_action = VALUES(controller_action), view_state = VALUES(view_state), params = VALUES(params), view_date = VALUES(view_date), robot_key = VALUES(robot_key) ', array($userId, $uniqueKey, $ipNum, $controllerName, $action, $viewState, $paramList, $viewDate, $robotKey)); } catch (Zend_Db_Exception $e) { } // ignore db errors here, not that important }
public function clearLoginAttempts($usernameOrEmail, $ipAddress = null) { $ipAddress = XenForo_Helper_Ip::getBinaryIp(null, $ipAddress); $db = $this->_getDb(); $db->delete('xf_login_attempt', 'login = '******' AND ip_address = ' . $db->quote($ipAddress)); }
/** * Starts the session running. * * @param string|null Session ID. If not provided, read from cookie. * @param string|null IP address in one of various formats, for limiting access. If null, grabbed automatically. */ public function start($sessionId = null, $ipAddress = null) { if (!headers_sent()) { header('Expires: Thu, 19 Nov 1981 08:52:00 GMT'); header('Cache-control: private, max-age=0'); } if ($sessionId === null) { if (isset($_POST['_xfSessionId']) && is_string($_POST['_xfSessionId'])) { $sessionId = $_POST['_xfSessionId']; } else { $cookie = XenForo_Application::get('config')->cookie->prefix . $this->_config['cookie']; $sessionId = isset($_COOKIE[$cookie]) ? $_COOKIE[$cookie] : ''; } $sessionId = is_string($sessionId) ? $sessionId : ''; } if ($ipAddress == null) { $ipAddress = XenForo_Helper_Ip::getBinaryIp(); } else { $ipAddress = XenForo_Helper_Ip::convertIpStringToBinary($ipAddress); } $this->_setup($sessionId, $ipAddress); }
public function logSpamTrigger($contentType, $contentId, $result = null, array $details = null, $userId = null, $ipAddress = null) { if ($result === null) { $result = $this->getLastCheckResult(); } $hax = FALSE; if ($result == self::RESULT_ALLOWED) { $result = self::RESULT_MODERATED; $hax = TRUE; } $return = parent::logSpamTrigger($contentType, $contentId, $result, $details, $userId, $ipAddress); if ($hax) { $this->_getDb()->query('UPDATE xf_spam_trigger_log SET result="allowed" WHERE log_date=? AND result=? AND ip_address=?', array(XenForo_Application::$time, self::RESULT_MODERATED, XenForo_Helper_Ip::getBinaryIp(null, $ipAddress))); } return $return; }