AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-03-16 02:34:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

Portal login logs

Browse Source 
- Mention contact ID in audit log if password is incorrect
- Mention in audit logs if invalid email/auth method
This commit is contained in:
Marcus Hill
2024-10-06 16:38:48 +01:00
parent c948ccff5c
commit 377c5952d7
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
portal/login.php
View File

@@ -68,13 +68,13 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['login'])) {
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Client Login', log_action = 'Success', log_description = 'Client contact $row[contact_email] successfully logged in locally', log_ip = '$ip', log_user_agent = '$user_agent', log_client_id = $row[contact_client_id]"); mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Client Login', log_action = 'Success', log_description = 'Client contact $row[contact_email] successfully logged in locally', log_ip = '$ip', log_user_agent = '$user_agent', log_client_id = $row[contact_client_id]");
} else { } else {
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Client Login', log_action = 'Failed', log_description = 'Failed client portal login attempt using $email', log_ip = '$ip', log_user_agent = '$user_agent'"); mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Client Login', log_action = 'Failed', log_description = 'Failed client portal login attempt using $email (incorrect password for contact ID $row[contact_id])', log_ip = '$ip', log_user_agent = '$user_agent'");
header("HTTP/1.1 401 Unauthorized"); header("HTTP/1.1 401 Unauthorized");
$_SESSION['login_message'] = 'Incorrect username or password.'; $_SESSION['login_message'] = 'Incorrect username or password.';
} }
} else { } else {
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Client Login', log_action = 'Failed', log_description = 'Failed client portal login attempt using $email', log_ip = '$ip', log_user_agent = '$user_agent'"); mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Client Login', log_action = 'Failed', log_description = 'Failed client portal login attempt using $email (invalid email/not allowed local auth)', log_ip = '$ip', log_user_agent = '$user_agent'");
header("HTTP/1.1 401 Unauthorized"); header("HTTP/1.1 401 Unauthorized");
$_SESSION['login_message'] = 'Incorrect username or password.'; $_SESSION['login_message'] = 'Incorrect username or password.';
} }