/**
* @param string $severity
* @param string $auditType
* @param string $itemName
* @param string $itemDescription
* @return bool
*/
public function doLog($severity, $auditType, $itemName, $itemDescription)
{
$savedInDB = $savedInFile = $savedInSyslog = false;
if ($this->isDBEngineActive) {
$savedInDB = CEventLog::log($severity, $auditType, "security", $itemName, base64_encode($itemDescription));
}
$message = "";
if ($this->isSyslogEngineActive) {
$message = $this->messageFormatter->format($auditType, $itemName, $itemDescription);
$savedInSyslog = syslog($this->syslogPriority, $message);
}
if ($this->isFileEngineActive) {
if (!$message) {
$message = $this->messageFormatter->format($auditType, $itemName, $itemDescription);
}
$message .= "\n";
$savedInFile = file_put_contents($this->filePath, $message, FILE_APPEND) > 0;
}
return $savedInDB || $savedInSyslog || $savedInFile;
}
/**
* @param string $pSeverity
* @param string $pAuditType
* @param string $pItemName
* @param string $pItemDescription
* @return bool
*/
public function doLog($pSeverity, $pAuditType, $pItemName, $pItemDescription)
{
$savedInDB = $savedInFile = $savedInSyslog = false;
if ($this->isDBEngineActive) {
$savedInDB = CEventLog::log($pSeverity, $pAuditType, "security", $pItemName, $pItemDescription);
}
if ($this->isSyslogEngineActive) {
$message = self::formatMessage($pAuditType, $pItemName, $pItemDescription, $this->isUserInfoNeeded);
$savedInSyslog = syslog($this->syslogPriority, $message);
}
if ($this->isFileEngineActive) {
$message = self::formatMessage($pAuditType, $pItemName, $pItemDescription, $this->isUserInfoNeeded);
$message .= "\n";
$savedInFile = file_put_contents($this->filePath, $message, FILE_APPEND) > 0;
}
return $savedInDB || $savedInSyslog || $savedInFile;
}
public static function setAuthentication(CurrentUser $user, $isPersistent = false)
{
/** @var $context \Freetrix\Main\HttpContext */
$context = \Freetrix\Main\Application::getInstance()->getContext();
$context->setUser($user);
static::copyToSession($user);
/** @var $response \Freetrix\Main\HttpResponse */
$response = $context->getResponse();
if (!$user->isAuthenticated()) {
$cookie = new \Freetrix\Main\Web\Cookie("UIDH", "", time() - 3600);
$response->addCookie($cookie);
return;
}
$connection = \Freetrix\Main\Application::getDbConnection();
$sqlHelper = $connection->getSqlHelper();
$connection->queryExecute("UPDATE b_user SET " . " STORED_HASH = NULL, " . " LAST_LOGIN = "******", " . " TIMESTAMP_X = TIMESTAMP_X, " . " LOGIN_ATTEMPTS = 0, " . " TIME_ZONE_OFFSET = " . \CTimeZone::getOffset() . " " . "WHERE ID = " . $user->getUserId() . " ");
$cookie = new \Freetrix\Main\Web\Cookie("LOGIN", $user->getLogin(), time() + 60 * 60 * 24 * 30 * 60);
$cookie->setSpread(\Freetrix\Main\Config\Option::get("main", "auth_multisite", "N") == "Y" ? \Freetrix\Main\Web\Cookie::SPREAD_SITES : \Freetrix\Main\Web\Cookie::SPREAD_DOMAIN);
$response->addCookie($cookie);
if ($isPersistent || \Freetrix\Main\Config\Option::get("main", "auth_multisite", "N") == "Y") {
$hash = $user->getSessionHash();
/** @var $request \Freetrix\Main\HttpRequest */
$request = $context->getRequest();
if ($isPersistent) {
$cookie = new \Freetrix\Main\Web\Cookie("UIDH", $hash, time() + 60 * 60 * 24 * 30 * 60);
} else {
$cookie = new \Freetrix\Main\Web\Cookie("UIDH", $hash, 0);
}
$cookie->setSecure(\Freetrix\Main\Config\Option::get("main", "use_secure_password_cookies", "N") == "Y" && $request->isHttps());
$response->addCookie($cookie);
$storedId = static::getStoredHashId($user, $hash);
if ($storedId) {
$connection->queryExecute("UPDATE b_user_stored_auth SET " . "\tLAST_AUTH = " . $sqlHelper->getCurrentDateTimeFunction() . ", " . "\t" . ($user->getAuthType() === static::AUTHENTICATED_BY_HASH ? "" : "TEMP_HASH='" . ($isPersistent ? "N" : "Y") . "', ") . " " . "\tIP_ADDR = '" . sprintf("%u", ip2long($request->getRemoteAddress())) . "' " . "WHERE ID = " . intval($storedId));
} else {
$sqlTmp1 = "";
$sqlTmp2 = "";
if ($connection->getType() === "oracle") {
$storedId = $connection->getIdentity("sq_b_user_stored_auth");
$sqlTmp1 = "ID, ";
$sqlTmp2 = intval($storedId) . ", ";
}
$sql = "INSERT INTO b_user_stored_auth (" . $sqlTmp1 . "USER_ID, DATE_REG, LAST_AUTH, TEMP_HASH, " . " IP_ADDR, STORED_HASH) " . "VALUES (" . $sqlTmp2 . intval($user->getUserId()) . ", " . $sqlHelper->getCurrentDateTimeFunction() . ", " . " " . $sqlHelper->getCurrentDateTimeFunction() . ", '" . ($isPersistent ? "N" : "Y") . "', " . " '" . $sqlHelper->forSql(sprintf("%u", ip2long($request->getRemoteAddress()))) . "', " . " '" . $sqlHelper->forSql($hash) . "')";
$connection->queryExecute($sql);
if ($connection->getType() !== "oracle") {
$storedId = $connection->getIdentity();
}
}
$user->setStoredAuthId($storedId);
}
$event = new Main\Event("main", "OnUserLogin", array("USER" => $user));
$event->send();
if (\Freetrix\Main\Config\Option::get("main", "event_log_login_success", "N") === "Y") {
\CEventLog::log("SECURITY", "USER_AUTHORIZE", "main", $user->getUserId());
}
}
