
[Phpcompta-dev] r4662 - phpcompta/trunk/include


From: phpcompta-dev
Subject: [Phpcompta-dev] r4662 - phpcompta/trunk/include
Date: Wed, 4 Jan 2012 11:55:43 +0100 (CET)

Author: danydb
Date: 2012-01-04 11:55:43 +0100 (Wed, 04 Jan 2012)
New Revision: 4662

Modified:
   phpcompta/trunk/include/class_user.php
Log:
Improve audit :  add folder + call to audit if check failed (can_request, 
can_print, check_dossier)

Modified: phpcompta/trunk/include/class_user.php
===================================================================
--- phpcompta/trunk/include/class_user.php      2012-01-03 16:46:07 UTC (rev 
4661)
+++ phpcompta/trunk/include/class_user.php      2012-01-04 10:55:43 UTC (rev 
4662)
@@ -690,6 +690,7 @@
        {
                if ($this->check_action($p_action) == 0)
                {
+                        $this->audit('FAIL');
                        if ($p_js == 1)
                        {
                                echo "<script>";
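Review bot: The FAIL record written at the top of this denial branch does not say which action was refused, because `audit('FAIL')` is called without `$p_action`. As rewritten later in this commit, `audit()` then falls back to the client-supplied `$_REQUEST['ac']`, which need not match the action that `check_action()` rejected. Passing it explicitly, for example `$this->audit('FAIL', 'action ' . $p_action);`, would make the entry usable when investigating repeated denials. The same applies to the `check_print()` branch in the next hunk, where the added line is also indented differently from its neighbours. Both enclosing functions start and end outside their hunks.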
@@ -737,6 +738,7 @@
        {
                if ($this->check_print($p_action) == 0)
                {
+                    $this->audit('FAIL');
                        if ($p_js == 1)
                        {
                                echo "<script>";
@@ -855,6 +857,7 @@
                $dossier = ($dossier == '') ? 'X' : $dossier;
                if ($dossier == 'X')
                {
+                    $this->audit('FAIL',"Access folder ");
                        if (!$silent)
                        {
                                alert(_('Dossier non accessible'));
@@ -984,26 +987,28 @@
                }
                return $array;
        }
-       function audit($action='AUDIT',$p_module="")
-       {
-               global $audit;
-                if ($p_module=="")
+       function audit($action='AUDIT', $p_module="")
+        {
+            global $audit;
+            if ($audit)
+            {
+                if ($p_module == "" && isset ($_REQUEST['ac']))
                 {
-                    $p_module=$_REQUEST['ac'];
+                    $p_module = $_REQUEST['ac'];
                 }
-               $cn = new Database();
-               $sql = "insert into audit_connect 
(ac_user,ac_ip,ac_module,ac_url,ac_state) values ($1,$2,$3,$4,$5)";
-               if ($audit)
-               {
-                               $cn->exec_sql($sql,
-                                        array(
-                                            $_SESSION['g_user'],
-                                            $_SERVER["REMOTE_ADDR"],
-                                            $p_module,
-                                            $_SERVER['REQUEST_URI'],
-                                            $action));
-               }
-       }
+                $cn = new Database();
+                if (isset($_REQUEST['gDossier']))
+                    $p_module.= "dossier : " . $_REQUEST['gDossier'];
+                $sql = "insert into audit_connect 
(ac_user,ac_ip,ac_module,ac_url,ac_state) values ($1,$2,$3,$4,$5)";
+
+                $cn->exec_sql($sql, array(
+                    $_SESSION['g_user'],
+                    $_SERVER["REMOTE_ADDR"],
+                    $p_module,
+                    $_SERVER['REQUEST_URI'],
+                    $action));
+            }
+        }   
        function save_profile($p_id)
        {
                $count=$this->db->get_value("select count(*) from profile_user 
where user_name=$1",  array($this->login));
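Review bot: In the rewritten `audit()`, `$_REQUEST['ac']` and `$_REQUEST['gDossier']` are client-controlled and reach `ac_module` with no length bound, and the folder is appended with no separator, so a module value `XYZ` (constructed example) is stored as `XYZdossier : 5`. The parameterized insert keeps this from being SQL injection. If `ac_module` has a fixed width (the column definition is not visible here), an over-long request value could make the insert fail and lose the FAIL record on the denial paths this commit instruments. Bounding and separating the value would address both, for example `$p_module .= " dossier : " . substr(strval($_REQUEST['gDossier']), 0, 32);` with the limit chosen to fit the column. It is also worth confirming that `$_SESSION['g_user']` is always set on the new failure paths, since `audit()` reads it without an `isset` check.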



