diff --git a/admin/configuration.php b/admin/configuration.php index c6d733086..a381ef37d 100644 --- a/admin/configuration.php +++ b/admin/configuration.php @@ -285,6 +285,7 @@ WHERE param = \''.$row['param'].'\' } } $page['infos'][] = l10n('Information data registered in database'); + pwg_activity('system', ACTIVITY_SYSTEM_CORE, 'config', array('config_section'=>$page['section'])); } //------------------------------------------------------ $conf reinitialization @@ -299,6 +300,7 @@ if ('sizes' == $page['section'] and isset($_GET['action']) and 'restore_settings clear_derivative_cache(); $page['infos'][] = l10n('Your configuration settings are saved'); + pwg_activity('system', ACTIVITY_SYSTEM_CORE, 'config', array('config_section'=>$page['section'],'config_action'=>$_GET['action'])); } //----------------------------------------------------- template initialization diff --git a/admin/include/configuration_sizes_process.inc.php b/admin/include/configuration_sizes_process.inc.php index 40a2b7125..7820308b4 100644 --- a/admin/include/configuration_sizes_process.inc.php +++ b/admin/include/configuration_sizes_process.inc.php @@ -245,6 +245,7 @@ if (count($errors) == 0) } $page['infos'][] = l10n('Your configuration settings are saved'); + pwg_activity('system', ACTIVITY_SYSTEM_CORE, 'config', array('config_section'=>'sizes')); } else { diff --git a/admin/include/configuration_watermark_process.inc.php b/admin/include/configuration_watermark_process.inc.php index e0a0bb9ff..083ab64e8 100644 --- a/admin/include/configuration_watermark_process.inc.php +++ b/admin/include/configuration_watermark_process.inc.php @@ -196,6 +196,7 @@ if (count($errors) == 0) } $page['infos'][] = l10n('Your configuration settings are saved'); + pwg_activity('system', ACTIVITY_SYSTEM_CORE, 'config', array('config_section'=>'watermark')); } else { diff --git a/admin/include/plugins.class.php b/admin/include/plugins.class.php index 9f2227b75..92a469495 100644 --- a/admin/include/plugins.class.php +++ b/admin/include/plugins.class.php @@ -117,6 +117,8 @@ class plugins $plugin_maintain = self::build_maintain_class($plugin_id); } + $activity_details = array('plugin_id'=>$plugin_id); + $errors = array(); switch ($action) @@ -128,6 +130,7 @@ class plugins } $plugin_maintain->install($this->fs_plugins[$plugin_id]['version'], $errors); + $activity_details['version'] = $this->fs_plugins[$plugin_id]['version']; if (empty($errors)) { @@ -137,16 +140,22 @@ INSERT INTO '. PLUGINS_TABLE .' (id,version) ;'; pwg_query($query); } + else + { + $activity_details['result'] = 'error'; + } break; case 'update': $previous_version = $this->fs_plugins[$plugin_id]['version']; + $activity_details['from_version'] = $previous_version; $errors[0] = $this->extract_plugin_files('upgrade', $options['revision'], $plugin_id); if ($errors[0] === 'ok') { $this->get_fs_plugin($plugin_id); // refresh plugins list $new_version = $this->fs_plugins[$plugin_id]['version']; + $activity_details['to_version'] = $new_version; $plugin_maintain = self::build_maintain_class($plugin_id); $plugin_maintain->update($previous_version, $new_version, $errors); @@ -161,6 +170,11 @@ UPDATE '. PLUGINS_TABLE .' pwg_query($query); } } + else + { + $activity_details['result'] = 'error'; + } + break; @@ -179,6 +193,7 @@ UPDATE '. PLUGINS_TABLE .' if (empty($errors)) { $plugin_maintain->activate($crt_db_plugin['version'], $errors); + $activity_details['version'] = $crt_db_plugin['version']; } if (empty($errors)) @@ -190,11 +205,16 @@ UPDATE '. PLUGINS_TABLE .' ;'; pwg_query($query); } + else + { + $activity_details['result'] = 'error'; + } break; case 'deactivate': if (!isset($crt_db_plugin) or $crt_db_plugin['state'] != 'active') { + $activity_details['result'] = 'error'; break; } @@ -206,13 +226,27 @@ UPDATE '. PLUGINS_TABLE .' pwg_query($query); $plugin_maintain->deactivate(); + + if (isset($crt_db_plugin['version'])) + { + $activity_details['version'] = $crt_db_plugin['version']; + } + break; case 'uninstall': if (!isset($crt_db_plugin)) { + $activity_details['result'] = 'error'; + $activity_details['error'] = 'plugin not installed'; break; } + + if (isset($crt_db_plugin['version'])) + { + $activity_details['version'] = $crt_db_plugin['version']; + } + if ($crt_db_plugin['state'] == 'active') { $this->perform_action('deactivate', $plugin_id); @@ -236,17 +270,29 @@ DELETE FROM '. PLUGINS_TABLE .' case 'delete': if (!empty($crt_db_plugin)) { + if (isset($crt_db_plugin['version'])) + { + $activity_details['db_version'] = $crt_db_plugin['version']; + } + $this->perform_action('uninstall', $plugin_id); } if (!isset($this->fs_plugins[$plugin_id])) { break; } + else + { + $activity_details['fs_version'] = $this->fs_plugins[$plugin_id]['version']; + } + include_once(PHPWG_ROOT_PATH.'admin/include/functions.php'); deltree(PHPWG_PLUGINS_PATH . $plugin_id, PHPWG_PLUGINS_PATH . 'trash'); break; } + pwg_activity('system', ACTIVITY_SYSTEM_PLUGIN, $action, $activity_details); + return $errors; } diff --git a/admin/include/themes.class.php b/admin/include/themes.class.php index e3d421824..47191a9e4 100644 --- a/admin/include/themes.class.php +++ b/admin/include/themes.class.php @@ -96,6 +96,7 @@ class themes $theme_maintain = self::build_maintain_class($theme_id); $errors = array(); + $activity_details = array('theme_id'=>$theme_id); switch ($action) { @@ -144,6 +145,8 @@ INSERT INTO '.THEMES_TABLE.' ;'; pwg_query($query); + $activity_details['version'] = $this->fs_themes[$theme_id]['version']; + if ($this->fs_themes[$theme_id]['mobile']) { conf_update_param('mobile_theme', $theme_id); @@ -236,6 +239,9 @@ DELETE $this->set_default_theme($theme_id); break; } + + pwg_activity('system', ACTIVITY_SYSTEM_THEME, $action, $activity_details); + return $errors; } @@ -577,7 +583,7 @@ SELECT * @param string - remote revision identifier (numeric) * @param string - theme id or extension id */ - function extract_theme_files($action, $revision, $dest) + function extract_theme_files($action, $revision, $dest, &$theme_id=null) { global $logger; @@ -614,13 +620,13 @@ SELECT $root = dirname($main_filepath); // main.inc.php path in archive if ($action == 'upgrade') { - $extract_path = PHPWG_THEMES_PATH . $dest; + $theme_id = $dest; } else { - $extract_path = PHPWG_THEMES_PATH . ($root == '.' ? 'extension_' . $dest : basename($root)); + $theme_id = ($root == '.' ? 'extension_' . $dest : basename($root)); } - + $extract_path = PHPWG_THEMES_PATH . $theme_id; $logger->debug(__FUNCTION__.', $extract_path = '.$extract_path); if ( diff --git a/admin/include/updates.class.php b/admin/include/updates.class.php index 8d24f6987..56ca8d0bf 100644 --- a/admin/include/updates.class.php +++ b/admin/include/updates.class.php @@ -460,6 +460,8 @@ class updates if ($check_current_version and !version_compare($upgrade_to, PHPWG_VERSION, '>')) { + // TODO why redirect to a plugin page? maybe a remaining code from when + // the update system was provided as a plugin? redirect(get_root_url().'admin.php?page=plugin-'.basename(dirname(__FILE__))); } @@ -552,6 +554,8 @@ class updates deltree(PHPWG_ROOT_PATH.$conf['data_location'].'update'); invalidate_user_cache(true); + pwg_activity('system', ACTIVITY_SYSTEM_CORE, 'update', array('from_version'=>PHPWG_VERSION, 'to_version'=>$upgrade_to)); + if ($step == 2) { // only delete compiled templates on minor update. Doing this on diff --git a/admin/maintenance_actions.php b/admin/maintenance_actions.php index fa53c9ac8..8d6db5674 100644 --- a/admin/maintenance_actions.php +++ b/admin/maintenance_actions.php @@ -13,6 +13,7 @@ fs_quick_check(); // +-----------------------------------------------------------------------+ $action = isset($_GET['action']) ? $_GET['action'] : ''; +$register_activity = true; switch ($action) { @@ -24,6 +25,7 @@ switch ($action) case 'lock_gallery' : { conf_update_param('gallery_locked', 'true'); + pwg_activity('system', ACTIVITY_SYSTEM_CORE, 'maintenance', array('maintenance_action'=>$action)); redirect(get_root_url().'admin.php?page=maintenance'); break; } @@ -31,6 +33,7 @@ switch ($action) { conf_update_param('gallery_locked', 'false'); $_SESSION['page_infos'] = array(l10n('Gallery unlocked')); + pwg_activity('system', ACTIVITY_SYSTEM_CORE, 'maintenance', array('maintenance_action'=>$action)); redirect(get_root_url().'admin.php?page=maintenance'); break; } @@ -243,10 +246,15 @@ DELETE default : { + $register_activity = false; break; } } +if ($register_activity) +{ + pwg_activity('system', ACTIVITY_SYSTEM_CORE, 'maintenance', array('maintenance_action'=>$action)); +} // +-----------------------------------------------------------------------+ // | template init | diff --git a/admin/plugins_new.php b/admin/plugins_new.php index 40f788e7c..2c28eb98f 100644 --- a/admin/plugins_new.php +++ b/admin/plugins_new.php @@ -50,6 +50,19 @@ if (isset($_GET['installstatus'])) $page['infos'][] = l10n('Plugin has been successfully copied'); $page['infos'][] = '' . l10n('Activate it now') . ''; + + if (isset($plugins->fs_plugins[$_GET['plugin_id']])) + { + pwg_activity( + 'system', + ACTIVITY_SYSTEM_PLUGIN, + 'install', + array( + 'plugin_id' => $_GET['plugin_id'], + 'version' => $plugins->fs_plugins[$_GET['plugin_id']]['version'], + ) + ); + } break; case 'temp_path_error': diff --git a/admin/themes_new.php b/admin/themes_new.php index b3b011371..12dfc148c 100644 --- a/admin/themes_new.php +++ b/admin/themes_new.php @@ -44,10 +44,11 @@ if (isset($_GET['revision']) and isset($_GET['extension'])) $install_status = $themes->extract_theme_files( 'install', $_GET['revision'], - $_GET['extension'] + $_GET['extension'], + $theme_id ); - redirect($base_url.'&installstatus='.$install_status); + redirect($base_url.'&installstatus='.$install_status.'&theme_id='.$theme_id); } } @@ -61,6 +62,19 @@ if (isset($_GET['installstatus'])) { case 'ok': $page['infos'][] = l10n('Theme has been successfully installed'); + + if (isset($themes->fs_themes[$_GET['theme_id']])) + { + pwg_activity( + 'system', + ACTIVITY_SYSTEM_THEME, + 'install', + array( + 'theme_id' => $_GET['theme_id'], + 'version' => $themes->fs_themes[$_GET['theme_id']]['version'], + ) + ); + } break; case 'temp_path_error': diff --git a/admin/user_activity.php b/admin/user_activity.php index ef55a8aa7..d85a17592 100644 --- a/admin/user_activity.php +++ b/admin/user_activity.php @@ -101,7 +101,9 @@ SELECT performed_by, COUNT(*) as counter FROM '.ACTIVITY_TABLE.' - group by performed_by;'; + WHERE object != \'system\' + GROUP BY performed_by +;'; $nb_lines_for_user = query2array($query, 'performed_by', 'counter'); diff --git a/include/constants.php b/include/constants.php index 630c119b7..90329ef6d 100644 --- a/include/constants.php +++ b/include/constants.php @@ -30,6 +30,11 @@ define('ACCESS_ADMINISTRATOR', 3); define('ACCESS_WEBMASTER', 4); define('ACCESS_CLOSED', 5); +// System activities +define('ACTIVITY_SYSTEM_CORE', 1); +define('ACTIVITY_SYSTEM_PLUGIN', 2); +define('ACTIVITY_SYSTEM_THEME', 3); + // Sanity checks define('PATTERN_ID', '/^\d+$/'); diff --git a/include/functions.inc.php b/include/functions.inc.php index 1cb39b901..289fb003a 100644 --- a/include/functions.inc.php +++ b/include/functions.inc.php @@ -536,6 +536,13 @@ function pwg_activity($object, $object_id, $action, $details=array()) return; } + if (isset($_REQUEST['method']) and 'pwg.plugins.performAction' == $_REQUEST['method'] and $_REQUEST['action'] != $action) + { + // for example, if you "restore" a plugin, the internal sequence will perform deactivate/uninstall/install/activate. + // We only want to keep the last call to pwg_activity with the "restore" action. + return; + } + $object_ids = $object_id; if (!is_array($object_id)) { @@ -556,6 +563,13 @@ function pwg_activity($object, $object_id, $action, $details=array()) } } + if ('autoupdate' == $action) + { + // autoupdate on a plugin can happen anywhere, the "script/method" is not meaningfull + unset($details['method']); + unset($details['script']); + } + $user_agent = null; if ('user' == $object and 'login' == $action and isset($_SERVER['HTTP_USER_AGENT'])) { @@ -588,7 +602,7 @@ function pwg_activity($object, $object_id, $action, $details=array()) foreach ($object_ids as $loop_object_id) { - $performed_by = $user['id']; + $performed_by = $user['id'] ?? 0; // on a plugin autoupdate, $user is not yet loaded if ('logout' == $action) { diff --git a/include/functions_plugins.inc.php b/include/functions_plugins.inc.php index 468659605..b5862496b 100644 --- a/include/functions_plugins.inc.php +++ b/include/functions_plugins.inc.php @@ -385,6 +385,9 @@ function autoupdate_plugin(&$plugin) safe_version_compare($plugin['version'], $fs_version, '<') ) ) { + $old_version = $plugin['version']; + $new_version = $fs_version; + $plugin['version'] = $fs_version; $maintain_file = PHPWG_PLUGINS_PATH.$plugin['id'].'/maintain.class.php'; @@ -407,8 +410,9 @@ function autoupdate_plugin(&$plugin) $plugin_maintain->update($plugin['version'], $fs_version, $page['errors']); } - // update database (only on production) - if ($plugin['version'] != 'auto') + // update database (only on production). We want to avoid registering an "auto" to "auto" update, + // which happens for each "version=auto" plugin on each page load. + if ($new_version != $old_version) { $query = ' UPDATE '. PLUGINS_TABLE .' @@ -416,6 +420,8 @@ UPDATE '. PLUGINS_TABLE .' WHERE id = "'. $plugin['id'] .'" ;'; pwg_query($query); + + pwg_activity('system', ACTIVITY_SYSTEM_PLUGIN, 'autoupdate', array('plugin_id'=>$plugin['id'], 'from_version'=>$old_version, 'to_version'=>$new_version)); } } } diff --git a/include/ws_functions/pwg.extensions.php b/include/ws_functions/pwg.extensions.php index cb34295f7..c983d8bd6 100644 --- a/include/ws_functions/pwg.extensions.php +++ b/include/ws_functions/pwg.extensions.php @@ -190,6 +190,20 @@ function ws_extensions_update($params, $service) { $upgrade_status = $extension->extract_theme_files('upgrade', $revision, $extension_id); $extension_name = $extension->fs_themes[$extension_id]['name']; + + $activity_details = array('theme_id'=>$extension_id, 'from_version'=>$extension->fs_themes[$extension_id]['version']); + + if ('ok' == $upgrade_status) + { + $extension->get_fs_themes(); // refresh list + $activity_details['to_version'] = $extension->fs_themes[$extension_id]['version']; + } + else + { + $activity_details['result'] = 'error'; + } + + pwg_activity('system', ACTIVITY_SYSTEM_THEME, 'update', $activity_details); } else if ($type == 'languages') { diff --git a/include/ws_functions/pwg.php b/include/ws_functions/pwg.php index 1153cd724..86457c84b 100644 --- a/include/ws_functions/pwg.php +++ b/include/ws_functions/pwg.php @@ -446,23 +446,24 @@ SELECT occured_on, details, user_agent - FROM '.ACTIVITY_TABLE; + FROM '.ACTIVITY_TABLE.' + WHERE object != \'system\''; if (isset($param['uid'])) { $query.= ' - WHERE performed_by = '.$param['uid']; + AND performed_by = '.$param['uid']; } elseif ('none' == $conf['activity_display_connections']) { $query.= ' - WHERE action NOT IN (\'login\', \'logout\')'; + AND action NOT IN (\'login\', \'logout\')'; } elseif ('admins_only' == $conf['activity_display_connections']) { include_once(PHPWG_ROOT_PATH.'admin/include/functions.php'); $query.= ' - WHERE NOT (action IN (\'login\', \'logout\') AND object_id NOT IN ('.implode(',', get_admins()).'))'; + AND NOT (action IN (\'login\', \'logout\') AND object_id NOT IN ('.implode(',', get_admins()).'))'; } $query.= '