From 160eb1321e2b78a08bb52a04c94ad0986a561baf Mon Sep 17 00:00:00 2001 From: SJ Date: Fri, 2 Aug 2013 20:59:56 +0200 Subject: [PATCH] added audit wildcard search --- webui/controller/audit/helper.php | 21 +++++++++------------ webui/model/audit/audit.php | 31 ++++++++++++++++++------------- webui/system/misc.php | 3 +++ 3 files changed, 30 insertions(+), 25 deletions(-) diff --git a/webui/controller/audit/helper.php b/webui/controller/audit/helper.php index b34a044f..95c80904 100644 --- a/webui/controller/audit/helper.php +++ b/webui/controller/audit/helper.php @@ -99,23 +99,20 @@ class ControllerAuditHelper extends Controller { while(list($k, $v) = each($b)) { if($v == '') { continue; } - if(preg_match("/(login|loginfailed|logout|view|download|search|restore|journal)$/", $v) && isset($actions[$v])) { $this->a['action'] .= '*' . $actions[$v]; } - if(preg_match("/\@/", $v)) { $this->a['user'] .= '*' . $v; } - if(preg_match("/\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/", $v)) { $this->a['ipaddr'] .= '*' . $v; } - if(preg_match("/^\d{1,}$/", $v)) { $this->a['ref'] .= '*' . $v; } - if(preg_match("/\d{4}(\-|\.)\d{1,2}(\-|\.)\d{1,2}/", $v) || preg_match("/\d{1,2}\/\d{1,2}\/\d{4}/", $v)) { + if(preg_match("/(login|loginfailed|logout|view|download|search|restore|journal)$/", $v) && isset($actions[$v])) { $this->a['action'] .= "\t" . $actions[$v]; } + if(preg_match("/\@/", $v)) { $this->a['user'] .= "\t" . $v; } + if(preg_match("/\d{1,3}\.\d{1,3}\.(\d{1,3}|\*)\.(\d{1,3}|\*)/", $v)) { $this->a['ipaddr'] .= "\t" . $v; } + if(preg_match("/^\d{1,}$/", $v)) { $this->a['ref'] .= "\t" . $v; } + if(preg_match("/\d{4}(\-|\.)(\d{1,2}|\*)(\-|\.)(\d{1,2}|\*)/", $v) || preg_match("/(\d{1,2}|\*)\/(\d{1,2}|\*)\/\d{4}/", $v)) { $ndate++; $this->a["date$ndate"] = $v; } } - - $this->a['user'] = preg_replace("/^\*/", "", $this->a['user']); - $this->a['ipaddr'] = preg_replace("/^\*/", "", $this->a['ipaddr']); - $this->a['ref'] = preg_replace("/^\*/", "", $this->a['ref']); - $this->a['action'] = preg_replace("/^\*/", "", $this->a['action']); - - //if(isset($data['action'])) { $arr['action'] = $data['action']; } + $this->a['user'] = preg_replace("/^\t/", "", $this->a['user']); + $this->a['ipaddr'] = preg_replace("/^\t/", "", $this->a['ipaddr']); + $this->a['ref'] = preg_replace("/^\t/", "", $this->a['ref']); + $this->a['action'] = preg_replace("/^\t/", "", $this->a['action']); if(isset($data['sort'])) { $this->a['sort'] = $data['sort']; } if(isset($data['order'])) { $this->a['order'] = $data['order']; } diff --git a/webui/model/audit/audit.php b/webui/model/audit/audit.php index 933beffc..a3d3b52a 100644 --- a/webui/model/audit/audit.php +++ b/webui/model/audit/audit.php @@ -24,20 +24,19 @@ class ModelAuditAudit extends Model { $sortorder = "ORDER BY `$sort` $order"; if(isset($data['action']) && $data['action'] != ACTION_ALL) { - $where .= " AND action=?"; - array_push($arr, $data['action']); + $where .= " AND ( " . $this->append_search_criteria("action", $data['action'], $arr) . " )"; } if(isset($data['ipaddr']) && $data['ipaddr']) { - $where .= " AND ipaddr IN (" . $this->append_search_criteria($data['ipaddr'], $arr) . ")"; + $where .= " AND ( " . $this->append_search_criteria("ipaddr", $data['ipaddr'], $arr) . " )"; } if(isset($data['user']) && $data['user']) { - $where .= " AND email IN (" . $this->append_search_criteria($data['user'], $arr) . ")"; + $where .= " AND ( " . $this->append_search_criteria("email", $data['user'], $arr) . " )"; } if(isset($data['ref']) && $data['ref']) { - $where .= " AND meta_id IN (" . $this->append_search_criteria($data['ref'], $arr) . ")"; + $where .= " AND ( " . $this->append_search_criteria("meta_id", $data['ref'], $arr) . " )"; } if(Registry::get('admin_user') == 0) { @@ -67,6 +66,7 @@ class ModelAuditAudit extends Model { $from = $data['page_len'] * $data['page']; + if($where) { $query = $this->db->query("SELECT COUNT(*) AS count FROM " . TABLE_AUDIT . " $where", $arr); $n = $query->row['count']; @@ -126,21 +126,26 @@ class ModelAuditAudit extends Model { } - private function append_search_criteria($s = '', &$arr = array()) { - $q = ""; + private function append_search_criteria($var = '', $s = '', &$arr = array()) { + $str = ""; - $a = explode("*", $s); + $a = explode("\t", $s); for($i=0; $i 0) { $date .= "$field >= $date1 "; }