From ef1d8c57b7d3e6c7fb386716ab8d03041540697c Mon Sep 17 00:00:00 2001 From: Ralf Becker Date: Thu, 18 Aug 2016 13:05:18 +0200 Subject: [PATCH] log menuaction of eT2 requests, instead of eT2 itself, to do so move update of access-log to destructor of Session class --- api/src/Etemplate.php | 3 ++ api/src/Framework/Ajax.php | 3 ++ api/src/Session.php | 81 ++++++++++++++++++++++++-------------- 3 files changed, 58 insertions(+), 29 deletions(-) diff --git a/api/src/Etemplate.php b/api/src/Etemplate.php index 2b611d9ad8..ed3343fede 100644 --- a/api/src/Etemplate.php +++ b/api/src/Etemplate.php @@ -317,6 +317,9 @@ class Etemplate extends Etemplate\Widget\Template throw new Exception\WrongParameter('Can NOT read template '.array2string(self::$request->template)); } + // let session class know, which is the app & method of this request + $GLOBALS['egw']->session->set_action('Etemplate: '.self::$request->method); + // Set current app for validation list($app) = explode('.',self::$request->method); if(!$app) list($app) = explode('::',self::$request->method); diff --git a/api/src/Framework/Ajax.php b/api/src/Framework/Ajax.php index bc9ecdf1da..fb6f1556a6 100755 --- a/api/src/Framework/Ajax.php +++ b/api/src/Framework/Ajax.php @@ -973,6 +973,9 @@ abstract class Ajax extends Api\Framework { throw new Api\Exception\WrongParameter(__METHOD__."('$link') no menuaction set!"); } + // set session action + $GLOBALS['egw']->session->set_action('Ajax: '.$_GET['menuaction']); + list($app,$class,$method) = explode('.',$_GET['menuaction']); if (!isset($GLOBALS['egw_info']['user']['apps'][$app])) diff --git a/api/src/Session.php b/api/src/Session.php index 33f10c6d23..3d266c453b 100644 --- a/api/src/Session.php +++ b/api/src/Session.php @@ -182,6 +182,13 @@ class Session */ var $reason; + /** + * Session action set by update_dla or set_action and stored in __destruct + * + * @var string + */ + protected $action; + /** * Constructor just loads up some defaults from cookies * @@ -260,18 +267,21 @@ class Session function __wakeup() { ini_set('session.gc_maxlifetime', $GLOBALS['egw_info']['server']['sessions_timeout']); + + $this->action = null; } /** - * Destructor - * + * Destructor: update access-log and encrypt session */ function __destruct() { - //if (empty($GLOBALS['egw_info']['user']['passwd']) )//|| empty($this->appsession('password','phpgwapi')) - //{ - // error_log('__destruct'.'~252'.'->'." REQUEST_URI".$_SERVER['REQUEST_URI']); - //} + // write dla update on destruct, allows to modify session action by calling Session::set_action() + if (!isset($GLOBALS['egw_info']['flags']['no_dla_update']) || !$GLOBALS['egw_info']['flags']['no_dla_update']) + { + $this->update_dla(true); + } + self::encrypt($this->kp3); } @@ -1357,45 +1367,58 @@ class Session return $domain; } + /** + * Set action logged in access-log + * + * @param string $action + */ + public function set_action($action) + { + $this->action = $action; + } + /** * Update session_action and session_dla (session last used time) * - * @param boolean $update_access_log =true false: dont update egw_access_log table + * @param boolean $update_access_log =false false: dont update egw_access_log table, but set $this->action * @return string action as written to egw_access_log.session_action */ - private function update_dla($update_access_log=true) + private function update_dla($update_access_log=false) { // This way XML-RPC users aren't always listed as xmlrpc.php - if ($this->xmlrpc_method_called) + if (!$update_access_log) { - $action = $this->xmlrpc_method_called; - } - elseif (isset($_GET['menuaction'])) - { - $action = $_GET['menuaction']; - } - else - { - $action = $_SERVER['PHP_SELF']; - // remove EGroupware path, if not installed in webroot - $egw_path = $GLOBALS['egw_info']['server']['webserver_url']; - if ($egw_path[0] != '/') $egw_path = parse_url($egw_path,PHP_URL_PATH); - if ($action == '/Microsoft-Server-ActiveSync') + if ($this->xmlrpc_method_called) { - $action .= '?Cmd='.$_GET['Cmd'].'&DeviceId='.$_GET['DeviceId']; + $action = $this->xmlrpc_method_called; } - elseif ($egw_path) + elseif (isset($_GET['menuaction'])) { - list(,$action) = explode($egw_path,$action,2); + $action = $_GET['menuaction']; } + else + { + $action = $_SERVER['PHP_SELF']; + // remove EGroupware path, if not installed in webroot + $egw_path = $GLOBALS['egw_info']['server']['webserver_url']; + if ($egw_path[0] != '/') $egw_path = parse_url($egw_path,PHP_URL_PATH); + if ($action == '/Microsoft-Server-ActiveSync') + { + $action .= '?Cmd='.$_GET['Cmd'].'&DeviceId='.$_GET['DeviceId']; + } + elseif ($egw_path) + { + list(,$action) = explode($egw_path,$action,2); + } + } + $this->set_action($action); } - // update dla in access-log table, if we have an access-log row (non-anonymous session) if ($this->sessionid_access_log && $update_access_log) { $GLOBALS['egw']->db->update(self::ACCESS_LOG_TABLE,array( 'session_dla' => time(), - 'session_action' => $action, + 'session_action' => $this->action, 'lo' => null, // just in case it was (automatic) timed out before ),array( 'sessionid' => $this->sessionid_access_log, @@ -1403,10 +1426,10 @@ class Session } $_SESSION[self::EGW_SESSION_VAR]['session_dla'] = time(); - $_SESSION[self::EGW_SESSION_VAR]['session_action'] = $action; + $_SESSION[self::EGW_SESSION_VAR]['session_action'] = $this->action; if (self::ERROR_LOG_DEBUG) error_log(__METHOD__.'() _SESSION['.self::EGW_SESSION_VAR.']='.array2string($_SESSION[self::EGW_SESSION_VAR])); - return $action; + return $this->action; } /**