diff --git a/4dev/database/table/edit_log.sql b/4dev/database/table/edit_log.sql
index e1de32d3..7d2039a9 100644
--- a/4dev/database/table/edit_log.sql
+++ b/4dev/database/table/edit_log.sql
@@ -11,34 +11,41 @@ CREATE TABLE edit_log ( euid INT, -- this is a foreign key, but I don't nedd to reference to it FOREIGN KEY (euid) REFERENCES edit_user (edit_user_id) MATCH FULL ON UPDATE CASCADE ON DELETE SET NULL, ecuid VARCHAR, - ecuuid UUID, + ecuuid UUID, -- this is the one we want to use, full UUIDv4 from the edit user table username VARCHAR, password VARCHAR, event_date TIMESTAMP WITHOUT TIME ZONE DEFAULT CURRENT_TIMESTAMP, - ip VARCHAR, + ip VARCHAR, -- just the REMOTE_IP, full set see ip_address + ip_address JSONB, -- REMOTE_IP and all other IPs (X_FORWARD, etc) as JSON block error TEXT, event TEXT, data_binary BYTEA, data TEXT, page VARCHAR, - action VARCHAR, - action_id VARCHAR, - action_sub_id VARCHAR, - action_yes VARCHAR, - action_flag VARCHAR, - action_menu VARCHAR, - action_loaded VARCHAR, - action_value VARCHAR, - action_type VARCHAR, - action_error VARCHAR, + -- various info data sets user_agent VARCHAR, referer VARCHAR, script_name VARCHAR, query_string VARCHAR, + request_scheme VARCHAR, -- http or https server_name VARCHAR, http_host VARCHAR, - http_accept VARCHAR, - http_accept_charset VARCHAR, - http_accept_encoding VARCHAR, - session_id VARCHAR + http_data JSONB, + http_accept VARCHAR, -- in http_data + http_accept_charset VARCHAR, -- in http_data + http_accept_encoding VARCHAR, -- in http_data + -- session ID if set + session_id VARCHAR. + -- any action var, -> same set in action_data as JSON + action_data JSONB, + action VARCHAR, -- in action_data + action_id VARCHAR, -- in action_data + action_sub_id VARCHAR, -- in action_data + action_yes VARCHAR, -- in action_data + action_flag VARCHAR, -- in action_data + action_menu VARCHAR, -- in action_data + action_loaded VARCHAR, -- in action_data + action_value VARCHAR, -- in action_data + action_type VARCHAR, -- in action_data + action_error VARCHAR -- in action_data ) INHERITS (edit_generic) WITHOUT OIDS; 
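Review bot: The added line `session_id VARCHAR.` ends in a period instead of a comma, so the CREATE TABLE will fail to parse at the `action_data JSONB,` column that follows; it should read `session_id VARCHAR,`. The comment on `ip_address` says it will hold forwarded-for values as well, and those headers are supplied by the client. I would extend that comment so readers of this audit log know which field to trust, for example `-- forwarded headers are client-supplied; only ip (REMOTE_ADDR) is set by the server`. The legacy columns marked `-- in http_data` and `-- in action_data` would also benefit from one line saying whether they are still written or kept only for old rows.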
diff --git a/4dev/tests/ACL/database/CoreLibsACLLogin_database_create_data.sql b/4dev/tests/ACL/database/CoreLibsACLLogin_database_create_data.sql index 3d4a54b4..9216f692 100644 --- a/4dev/tests/ACL/database/CoreLibsACLLogin_database_create_data.sql +++ b/4dev/tests/ACL/database/CoreLibsACLLogin_database_create_data.sql @@ -579,9 +579,6 @@ CREATE TABLE edit_user ( strict SMALLINT DEFAULT 0, locked SMALLINT DEFAULT 0, protected SMALLINT NOT NULL DEFAULT 0, - -- legacy, debug flags - debug SMALLINT NOT NULL DEFAULT 0, - db_debug SMALLINT NOT NULL DEFAULT 0, -- is admin user admin SMALLINT NOT NULL DEFAULT 0, -- last login log @@ -620,8 +617,6 @@ COMMENT ON COLUMN edit_user.deleted IS 'Login is deleted (master switch), overri COMMENT ON COLUMN edit_user.strict IS 'If too many failed logins user will be locked, default off'; COMMENT ON COLUMN edit_user.locked IS 'Locked from too many wrong password logins'; COMMENT ON COLUMN edit_user.protected IS 'User can only be chnaged by admin user'; -COMMENT ON COLUMN edit_user.debug IS 'Turn debug flag on (legacy)'; -COMMENT ON COLUMN edit_user.db_debug IS 'Turn DB debug flag on (legacy)'; COMMENT ON COLUMN edit_user.admin IS 'If set, this user is SUPER admin'; COMMENT ON COLUMN edit_user.last_login IS 'Last succesfull login tiemstamp'; COMMENT ON COLUMN edit_user.login_error_count IS 'Number of failed logins, reset on successful login'; 
@@ -1015,7 +1010,7 @@ INSERT INTO edit_page_access (enabled, edit_group_id, edit_page_id, edit_access_ -- edit user -- inserts admin user so basic users can be created DELETE FROM edit_user; -INSERT INTO edit_user (username, password, enabled, debug, db_debug, email, protected, admin, edit_language_id, edit_group_id, edit_scheme_id, edit_access_right_id) VALUES ('admin', 'admin', 1, 1, 1, '', 1, 1, +INSERT INTO edit_user (username, password, enabled, email, protected, admin, edit_language_id, edit_group_id, edit_scheme_id, edit_access_right_id) VALUES ('admin', 'admin', 1, 'test@tequila.jp', 1, 1, (SELECT edit_language_id FROM edit_language WHERE short_name = 'en_US'), (SELECT edit_group_id FROM edit_group WHERE name = 'Admin'), (SELECT edit_scheme_id FROM edit_scheme WHERE name = 'Admin'), diff --git a/4dev/update/20241203_update_edit_tables/edit_tables_cuid_cuuid_update_add.sql b/4dev/update/20241203_update_edit_tables/edit_tables_cuid_cuuid_update_add.sql index f4e36ec3..df2bdbef 100644 --- a/4dev/update/20241203_update_edit_tables/edit_tables_cuid_cuuid_update_add.sql +++ b/4dev/update/20241203_update_edit_tables/edit_tables_cuid_cuuid_update_add.sql @@ -3,6 +3,10 @@ ALTER TABLE edit_generic ADD cuuid UUID DEFAULT gen_random_uuid(); ALTER TABLE edit_log ADD ecuid VARCHAR; ALTER TABLE edit_log ADD ecuuid VARCHAR; ALTER TABLE edit_log ADD action_sub_id VARCHAR; +ALTER TABLE edit_log ADD http_data JSONB; +ALTER TABLE edit_log ADD ip_address JSONB; +ALTER TABLE edit_log ADD action_data JSONB; +ALTER TABLE edit_log ADD request_scheme VARCHAR; -- update set_edit_gneric -- adds the created or updated date tags diff --git a/www/admin/class_test.login.php b/www/admin/class_test.login.php index e5bbc6d4..d153078d 100644 --- a/www/admin/class_test.login.php +++ b/www/admin/class_test.login.php @@ -118,6 +118,12 @@ if (isset($login->loginGetAcl()['unit'])) { print "Something went wrong with the login
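Review bot: The rewritten seed row still creates a protected super-admin with the literal password `'admin'`, and it now carries an address on a real domain, `'test@tequila.jp'`. For a fixture I would use a reserved domain such as `'admin@example.com'` so test runs cannot send mail to a live mailbox. The `DELETE FROM edit_user;` just above has no WHERE clause, so a comment stating that this script is for disposable test databases only would be worth adding, e.g. `-- test fixture only: wipes edit_user and seeds a known-password admin`. Whether the login code accepts this unhashed value as-is cannot be seen from the hunk, so confirm that it does not set a precedent for real deployments.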
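Review bot: The context line `ALTER TABLE edit_log ADD ecuuid VARCHAR;` in this update script disagrees with the table definition changed in the same commit, which declares `ecuuid UUID`. Upgraded databases therefore end up with a different column type than fresh installs, and the UUID type check is lost on the audit column; this commit touches the neighbouring lines without aligning it. The four new statements use a bare `ADD`, so re-running the script after a partial failure will stop at the first existing column; `ALTER TABLE edit_log ADD COLUMN IF NOT EXISTS http_data JSONB;` (and likewise for the other three) would make it repeatable. No backfill of the existing `http_accept*` and `action*` values into the new JSONB columns is visible here, so old rows will have NULL in `http_data` and `action_data` unless that is handled elsewhere.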
"; } +echo "
"; + +// IP check: 'REMOTE_ADDR', 'HTTP_X_FORWARDED_FOR', 'CLIENT_IP' in _SERVER +// Agent check: 'HTTP_USER_AGENT' + + echo "
"; print "SESSION: " . Support::printAr($_SESSION) . "
"; diff --git a/www/admin/class_test.php b/www/admin/class_test.php index 138496ef..616f684a 100644 --- a/www/admin/class_test.php +++ b/www/admin/class_test.php @@ -194,6 +194,9 @@ print "HOST: " . HOST_NAME . " => DB HOST: " . DB_CONFIG_NAME . " => " . Support print "DS is: " . DIRECTORY_SEPARATOR . "
"; print "SERVER HOST: " . $_SERVER['HTTP_HOST'] . "
"; +print "
READ _SERVER ARRAY:
"; +print Support::dumpVar(array_map('htmlentities', $_SERVER)); + print ""; # __END__ diff --git a/www/lib/CoreLibs/ACL/Login.php b/www/lib/CoreLibs/ACL/Login.php index db6fb705..69160ce8 100644 --- a/www/lib/CoreLibs/ACL/Login.php +++ b/www/lib/CoreLibs/ACL/Login.php @@ -1904,7 +1904,7 @@ body { margin: 2% 5%; } .login-data { - margin: 0 5% 5% 5%; + margin: 2% 5% 5% 5%; } .login-data-row { display: flex; @@ -1951,7 +1951,7 @@ button.login-button { margin: 5% 0; } .login-data { - margin: 0 5% 5% 5%; + margin: 5%; } .login-error { margin: 10% 5%; @@ -2160,16 +2160,18 @@ HTML; $q = <<db->dbExecParams( @@ -2186,7 +2188,7 @@ HTML; is_string($this->session->get('LOGIN_EUCUID')) ? $this->session->get('LOGIN_EUCUID') : null, !empty($this->session->get('LOGIN_EUCUUID')) && - Uids::validateUuuidv4($this->session->get('LOGIN_EUCUUID')) ? + Uids::validateUuuidv4($this->session->get('LOGIN_EUCUUID')) ? $this->session->get('LOGIN_EUCUUID') : null, (string)$event, (string)$error, 
@@ -2195,29 +2197,39 @@ HTML; (string)$this->page_name, // row 2 $_SERVER["REMOTE_ADDR"] ?? null, + [ + 'REMOTE_ADDR' => $_SERVER["REMOTE_ADDR"], + ], $_SERVER['HTTP_USER_AGENT'] ?? null, $_SERVER['HTTP_REFERER'] ?? null, $_SERVER['SCRIPT_FILENAME'] ?? null, $_SERVER['QUERY_STRING'] ?? null, + $_SERVER['REQUEST_SCHEME'] ?? null, $_SERVER['SERVER_NAME'] ?? null, - $_SERVER['HTTP_HOST'] ?? null, // row 3 - $_SERVER['HTTP_ACCEPT'] ?? null, - $_SERVER['HTTP_ACCEPT_CHARSET'] ?? null, - $_SERVER['HTTP_ACCEPT_ENCODING'] ?? null, + $_SERVER['HTTP_HOST'] ?? null, + [ + 'HTTP_ACCEPT' => $_SERVER['HTTP_ACCEPT'] ?? null, + 'HTTP_ACCEPT_CHARSET' => $_SERVER['HTTP_ACCEPT_CHARSET'] ?? null, + 'HTTP_ACCEPT_LANGUAGE' => $_SERVER['HTTP_ACCEPT_LANGUAGE'] ?? null, + 'HTTP_ACCEPT_ENCODING' => $_SERVER['HTTP_ACCEPT_ENCODING'] ?? null, + ], $this->session->getSessionId() !== '' ? $this->session->getSessionId() : null, // row 4 - $action_set['action'] ?? null, - $action_set['action_id'] ?? null, - $action_set['action_sub_id'] ?? null, - $action_set['action_yes'] ?? null, - $action_set['action_flag'] ?? null, - $action_set['action_menu'] ?? null, - $action_set['action_loaded'] ?? null, - $action_set['action_value'] ?? null, - $action_set['action_type'] ?? null, - $action_set['action_error'] ?? null, + // action data as JSONB + [ + 'action' => $action_set['action'] ?? null, + 'action_id' => $action_set['action_id'] ?? null, + 'action_sub_id' => $action_set['action_sub_id'] ?? null, + 'action_yes' => $action_set['action_yes'] ?? null, + 'action_flag' => $action_set['action_flag'] ?? null, + 'action_menu' => $action_set['action_menu'] ?? null, + 'action_loaded' => $action_set['action_loaded'] ?? null, + 'action_value' => $action_set['action_value'] ?? null, + 'action_type' => $action_set['action_type'] ?? null, + 'action_error' => $action_set['action_error'] ?? null, + ] ], 'NULL' );
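Review bot: The new `'REMOTE_ADDR' => $_SERVER["REMOTE_ADDR"],` entry drops the `?? null` guard that the line directly above it and every other `$_SERVER` read in this parameter list use, so a CLI or test run without that key emits an undefined-index warning; it should be `'REMOTE_ADDR' => $_SERVER["REMOTE_ADDR"] ?? null,`. The three new array parameters are bound to JSONB columns, and the hunk does not show whether `dbExecParams` serialises arrays itself; if it does not, each needs an explicit `json_encode(...)`. The table comment describes `ip_address` as also holding forwarded-for addresses; if those are added later, they are client-controlled and should be stored as received but never preferred over `REMOTE_ADDR` when reading the log. The enclosing method and the SQL text it builds start outside this hunk, so the column order could not be checked against these parameters.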