mirror of
https://github.com/EGroupware/egroupware.git
synced 2025-01-13 09:28:31 +01:00
* eSync/API: update access-log action for eSync, run maintenance only on logout and other changes to speed up access/update to huge access-logs, thought indexes on session_php, (account_id,ip,li), (account_id,loginid,li) will help alot, but are postponed for next version
This commit is contained in:
parent
d8520d685b
commit
191ed55bf9
@ -646,13 +646,13 @@ class egw_session
|
|||||||
/**
|
/**
|
||||||
* Write or update (for logout) the access_log
|
* Write or update (for logout) the access_log
|
||||||
*
|
*
|
||||||
* @param string|int $sessionid PHP sessionid or 0 for unsuccessful logins
|
* @param string|int $sessionid nummeric or PHP session id or 0 for unsuccessful logins
|
||||||
* @param string $login account_lid (evtl. with domain) or '' for settion the logout-time
|
* @param string $login='' account_lid (evtl. with domain) or '' for setting the logout-time
|
||||||
* @param string $user_ip ip to log
|
* @param string $user_ip='' ip to log
|
||||||
* @param int $account_id numerical account_id
|
* @param int $account_id=0 numerical account_id
|
||||||
* @return int $sessionid primary key of egw_access_log for login, null otherwise
|
* @return int $sessionid primary key of egw_access_log for login, null otherwise
|
||||||
*/
|
*/
|
||||||
private function log_access($sessionid,$login='',$user_ip='',$account_id='')
|
private function log_access($sessionid,$login='',$user_ip='',$account_id=0)
|
||||||
{
|
{
|
||||||
$now = time();
|
$now = time();
|
||||||
|
|
||||||
@ -664,12 +664,18 @@ class egw_session
|
|||||||
'ip' => $user_ip,
|
'ip' => $user_ip,
|
||||||
'li' => $now,
|
'li' => $now,
|
||||||
'account_id'=> $account_id,
|
'account_id'=> $account_id,
|
||||||
|
'session_dla' => $now,
|
||||||
|
'session_action' => $this->update_dla(false), // dont update egw_access_log
|
||||||
),false,__LINE__,__FILE__);
|
),false,__LINE__,__FILE__);
|
||||||
|
|
||||||
$ret = $GLOBALS['egw']->db->get_last_insert_id(self::ACCESS_LOG_TABLE,'sessionid');
|
$ret = $GLOBALS['egw']->db->get_last_insert_id(self::ACCESS_LOG_TABLE,'sessionid');
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
|
if (!is_numeric($sessionid) && $sessionid == $this->sessionid && $this->sessionid_access_log)
|
||||||
|
{
|
||||||
|
$sessionid = $this->sessionid_access_log;
|
||||||
|
}
|
||||||
$GLOBALS['egw']->db->update(self::ACCESS_LOG_TABLE,array(
|
$GLOBALS['egw']->db->update(self::ACCESS_LOG_TABLE,array(
|
||||||
'lo' => $now
|
'lo' => $now
|
||||||
),is_numeric($sessionid) ? array(
|
),is_numeric($sessionid) ? array(
|
||||||
@ -677,12 +683,14 @@ class egw_session
|
|||||||
) : array(
|
) : array(
|
||||||
'session_php' => $sessionid,
|
'session_php' => $sessionid,
|
||||||
),__LINE__,__FILE__);
|
),__LINE__,__FILE__);
|
||||||
}
|
|
||||||
if ($GLOBALS['egw_info']['server']['max_access_log_age'])
|
|
||||||
{
|
|
||||||
$max_age = $now - $GLOBALS['egw_info']['server']['max_access_log_age'] * 24 * 60 * 60;
|
|
||||||
|
|
||||||
$GLOBALS['egw']->db->delete(self::ACCESS_LOG_TABLE,"li < $max_age",__LINE__,__FILE__);
|
// run maintenance only on logout, to not delay login
|
||||||
|
if ($GLOBALS['egw_info']['server']['max_access_log_age'])
|
||||||
|
{
|
||||||
|
$max_age = $now - $GLOBALS['egw_info']['server']['max_access_log_age'] * 24 * 60 * 60;
|
||||||
|
|
||||||
|
$GLOBALS['egw']->db->delete(self::ACCESS_LOG_TABLE,"li < $max_age",__LINE__,__FILE__);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
//error_log(__METHOD__."('$sessionid', '$login', '$user_ip', $account_id) returning ".array2string($ret));
|
//error_log(__METHOD__."('$sessionid', '$login', '$user_ip', $account_id) returning ".array2string($ret));
|
||||||
return $ret;
|
return $ret;
|
||||||
@ -700,24 +708,43 @@ class egw_session
|
|||||||
$blocked = false;
|
$blocked = false;
|
||||||
$block_time = time() - $GLOBALS['egw_info']['server']['block_time'] * 60;
|
$block_time = time() - $GLOBALS['egw_info']['server']['block_time'] * 60;
|
||||||
|
|
||||||
if (($false_ip = $GLOBALS['egw']->db->select(self::ACCESS_LOG_TABLE,'COUNT(*)',array(
|
$false_id = $false_ip = 0;
|
||||||
'account_id = 0',
|
foreach($GLOBALS['egw']->db->union(array(
|
||||||
'ip' => $ip,
|
array(
|
||||||
"li > $block_time",
|
'table' => self::ACCESS_LOG_TABLE,
|
||||||
),__LINE__,__FILE__)->fetchColumn()) > $GLOBALS['egw_info']['server']['num_unsuccessful_ip'])
|
'cols' => "'false_ip' AS name,COUNT(*) AS num",
|
||||||
|
'where' => array(
|
||||||
|
'account_id' => 0,
|
||||||
|
'ip' => $ip,
|
||||||
|
"li > $block_time",
|
||||||
|
),
|
||||||
|
),
|
||||||
|
array(
|
||||||
|
'table' => self::ACCESS_LOG_TABLE,
|
||||||
|
'cols' => "'false_id' AS name,COUNT(*) AS num",
|
||||||
|
'where' => array(
|
||||||
|
'account_id' => 0,
|
||||||
|
'loginid' => $login,
|
||||||
|
"li > $block_time",
|
||||||
|
),
|
||||||
|
),
|
||||||
|
array(
|
||||||
|
'table' => self::ACCESS_LOG_TABLE,
|
||||||
|
'cols' => "'false_id' AS name,COUNT(*) AS num",
|
||||||
|
'where' => array(
|
||||||
|
'account_id' => 0,
|
||||||
|
'loginid LIKE '.$GLOBALS['egw']->db->quote($login.'@%'),
|
||||||
|
"li > $block_time",
|
||||||
|
)
|
||||||
|
),
|
||||||
|
), __LINE__, __FILE__) as $row)
|
||||||
{
|
{
|
||||||
//echo "<p>login_blocked: ip='$ip' ".$this->db->f(0)." trys (".$GLOBALS['egw_info']['server']['num_unsuccessful_ip']." max.) since ".date('Y/m/d H:i',$block_time)."</p>\n";
|
${$row['name']} += $row['num'];
|
||||||
$blocked = true;
|
|
||||||
}
|
|
||||||
if (($false_id = $GLOBALS['egw']->db->select(self::ACCESS_LOG_TABLE,'COUNT(*)',array(
|
|
||||||
'account_id = 0',
|
|
||||||
'(loginid = '.$GLOBALS['egw']->db->quote($login).' OR loginid LIKE '.$GLOBALS['egw']->db->quote($login.'@%').')',
|
|
||||||
"li > $block_time",
|
|
||||||
),__LINE__,__FILE__)->fetchColumn()) > $GLOBALS['egw_info']['server']['num_unsuccessful_id'])
|
|
||||||
{
|
|
||||||
//echo "<p>login_blocked: login='$login' ".$this->db->f(0)." trys (".$GLOBALS['egw_info']['server']['num_unsuccessful_id']." max.) since ".date('Y/m/d H:i',$block_time)."</p>\n";
|
|
||||||
$blocked = true;
|
|
||||||
}
|
}
|
||||||
|
$blocked = $false_ip > $GLOBALS['egw_info']['server']['num_unsuccessful_ip'] ||
|
||||||
|
$false_id > $GLOBALS['egw_info']['server']['num_unsuccessful_id'];
|
||||||
|
//error_log(__METHOD__."('$login', '$ip') false_ip=$false_ip, false_id=$false_id --> blocked=".array2string($blocked));
|
||||||
|
|
||||||
if ($blocked && $GLOBALS['egw_info']['server']['admin_mails'] &&
|
if ($blocked && $GLOBALS['egw_info']['server']['admin_mails'] &&
|
||||||
$GLOBALS['egw_info']['server']['login_blocked_mail_time'] < time()-5*60) // max. one mail every 5mins
|
$GLOBALS['egw_info']['server']['login_blocked_mail_time'] < time()-5*60) // max. one mail every 5mins
|
||||||
{
|
{
|
||||||
@ -1003,7 +1030,7 @@ class egw_session
|
|||||||
/**
|
/**
|
||||||
* Terminate a session
|
* Terminate a session
|
||||||
*
|
*
|
||||||
* @param string $sessionid the id of the session to be terminated
|
* @param int|string $sessionid nummeric or php session id of session to be terminated
|
||||||
* @param string $kp3
|
* @param string $kp3
|
||||||
* @return boolean true on success, false on error
|
* @return boolean true on success, false on error
|
||||||
*/
|
*/
|
||||||
@ -1365,8 +1392,11 @@ class egw_session
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Update session_action and session_dla (session last used time)
|
* Update session_action and session_dla (session last used time)
|
||||||
|
*
|
||||||
|
* @param boolean $update_access_log=true false: dont update egw_access_log table
|
||||||
|
* @return string action as written to egw_access_log.session_action
|
||||||
*/
|
*/
|
||||||
private function update_dla()
|
private function update_dla($update_access_log=true)
|
||||||
{
|
{
|
||||||
// This way XML-RPC users aren't always listed as xmlrpc.php
|
// This way XML-RPC users aren't always listed as xmlrpc.php
|
||||||
if ($this->xmlrpc_method_called)
|
if ($this->xmlrpc_method_called)
|
||||||
@ -1383,14 +1413,18 @@ class egw_session
|
|||||||
// remove EGroupware path, if not installed in webroot
|
// remove EGroupware path, if not installed in webroot
|
||||||
$egw_path = $GLOBALS['egw_info']['server']['webserver_url'];
|
$egw_path = $GLOBALS['egw_info']['server']['webserver_url'];
|
||||||
if ($egw_path[0] != '/') $egw_path = parse_url($egw_path,PHP_URL_PATH);
|
if ($egw_path[0] != '/') $egw_path = parse_url($egw_path,PHP_URL_PATH);
|
||||||
if ($egw_path)
|
if ($action == '/Microsoft-Server-ActiveSync')
|
||||||
|
{
|
||||||
|
$action .= '?Cmd='.$_GET['Cmd'].'&DeviceId='.$_GET['DeviceId'];
|
||||||
|
}
|
||||||
|
elseif ($egw_path)
|
||||||
{
|
{
|
||||||
list(,$action) = explode($egw_path,$action,2);
|
list(,$action) = explode($egw_path,$action,2);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// update dla in access-log table, if we have an access-log row (non-anonymous session)
|
// update dla in access-log table, if we have an access-log row (non-anonymous session)
|
||||||
if ($this->sessionid_access_log)
|
if ($this->sessionid_access_log && $update_access_log)
|
||||||
{
|
{
|
||||||
$GLOBALS['egw']->db->update(self::ACCESS_LOG_TABLE,array(
|
$GLOBALS['egw']->db->update(self::ACCESS_LOG_TABLE,array(
|
||||||
'session_dla' => time(),
|
'session_dla' => time(),
|
||||||
@ -1404,6 +1438,8 @@ class egw_session
|
|||||||
$_SESSION[self::EGW_SESSION_VAR]['session_dla'] = time();
|
$_SESSION[self::EGW_SESSION_VAR]['session_dla'] = time();
|
||||||
$_SESSION[self::EGW_SESSION_VAR]['session_action'] = $action;
|
$_SESSION[self::EGW_SESSION_VAR]['session_action'] = $action;
|
||||||
if (self::ERROR_LOG_DEBUG) error_log(__METHOD__.'() _SESSION['.self::EGW_SESSION_VAR.']='.array2string($_SESSION[self::EGW_SESSION_VAR]));
|
if (self::ERROR_LOG_DEBUG) error_log(__METHOD__.'() _SESSION['.self::EGW_SESSION_VAR.']='.array2string($_SESSION[self::EGW_SESSION_VAR]));
|
||||||
|
|
||||||
|
return $action;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
Loading…
Reference in New Issue
Block a user