AS1024
/
itflow
mirror of https://github.com/itflow-org/itflow
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Replaced old logging with new logging function in credential post along with tidy, wording updates

This commit is contained in:
johnnyq 2024-11-09 15:07:55 -05:00
parent 60a0ebeeb6
commit ae06ddb068
4 changed files with 60 additions and 53 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
client_login_add_modal.php
View File

@ -9,6 +9,7 @@
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<input type="hidden" name="important" value="0">
<div class="modal-body bg-white">
<ul class="nav nav-pills nav-justified mb-3">

1
client_login_edit_modal.php
View File

@ -10,6 +10,7 @@
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="login_id" value="<?php echo $login_id; ?>">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<input type="hidden" name="important" value="0">
<div class="modal-body bg-white">
<ul class="nav nav-pills nav-justified mb-3">

2
post/user/contact.php
View File

@ -32,7 +32,7 @@ if (isset($_POST['add_contact'])) {
$contact_id = mysqli_insert_id($mysqli);
// Add Tags
if (isset($_POST['tags'])) {
if ($_POST['tags']) {
foreach($_POST['tags'] as $tag) {
$tag = intval($tag);
mysqli_query($mysqli, "INSERT INTO contact_tags SET contact_id = $contact_id, tag_id = $tag");

109
post/user/credential.php
View File

@ -23,9 +23,9 @@ if (isset($_POST['add_login'])) {
}
// Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Credential', log_action = 'Create', log_description = '$session_name created login $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $login_id");
logAction("Credential", "Create", "$session_name created credential $name", $client_id, $login_id);
$_SESSION['alert_message'] = "Login <strong>$name</strong> created";
$_SESSION['alert_message'] = "Credential <strong>$name</strong> created";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -55,15 +55,17 @@ if (isset($_POST['edit_login'])) {
mysqli_query($mysqli, "DELETE FROM login_tags WHERE login_id = $login_id");
// Add new tags
foreach($_POST['tags'] as $tag) {
$tag = intval($tag);
mysqli_query($mysqli, "INSERT INTO login_tags SET login_id = $login_id, tag_id = $tag");
if(isset($_POST['tags'])) {
foreach($_POST['tags'] as $tag) {
$tag = intval($tag);
mysqli_query($mysqli, "INSERT INTO login_tags SET login_id = $login_id, tag_id = $tag");
}
}
// Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Credential', log_action = 'Modify', log_description = '$session_name modified login $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $login_id");
logAction("Credential", "Edit", "$session_name edited credential $name", $client_id, $login_id);
$_SESSION['alert_message'] = "Login <strong>$name</strong> updated";
$_SESSION['alert_message'] = "Login <strong>$name</strong> edited";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -84,7 +86,8 @@ if(isset($_GET['archive_login'])){
mysqli_query($mysqli,"UPDATE logins SET login_archived_at = NOW() WHERE login_id = $login_id");
//logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Credential', log_action = 'Archive', log_description = '$session_name archived login $login_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $login_id");
logAction("Credential", "Archive", "$session_name archived credential $login_name", $client_id, $login_id);
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "Credential <strong>$login_name</strong> archived";
@ -108,7 +111,7 @@ if(isset($_GET['unarchive_login'])){
mysqli_query($mysqli,"UPDATE logins SET login_archived_at = NULL WHERE login_id = $login_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Login', log_action = 'Unarchive', log_description = '$session_name restored credential $login_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $login_id");
logAction("Credential", "Unarchive", "$session_name unarchived credential $login_name", $client_id, $login_id);
$_SESSION['alert_message'] = "Credential <strong>$login_name</strong> restored";
@ -137,9 +140,9 @@ if (isset($_GET['delete_login'])) {
// Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Credential', log_action = 'Delete', log_description = '$session_name deleted login $login_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $login_id");
logAction("Credential", "Delete", "$session_name deleted credential $login_name", $client_id);
$_SESSION['alert_message'] = "Login <strong>$login_name</strong> deleted";
$_SESSION['alert_message'] = "Credential <strong>$login_name</strong> deleted";
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -149,11 +152,12 @@ if (isset($_POST['bulk_assign_login_tags'])) {
enforceUserPermission('module_credential', 2);
// Get Selected Credential Count
$count = count($_POST['login_ids']);
// Assign tags to Selected Credentials
if (!empty($_POST['login_ids'])) {
if ($_POST['login_ids']) {
// Get Selected Credential Count
$count = count($_POST['login_ids']);
foreach($_POST['login_ids'] as $login_id) {
$login_id = intval($login_id);
@ -169,21 +173,26 @@ if (isset($_POST['bulk_assign_login_tags'])) {
}
// Add new tags
foreach($_POST['bulk_tags'] as $tag) {
$tag = intval($tag);
if(isset($_POST['bulk_tags'])) {
foreach($_POST['bulk_tags'] as $tag) {
$tag = intval($tag);
$sql = mysqli_query($mysqli,"SELECT * FROM login_tags WHERE login_id = $login_id AND tag_id = $tag");
if (mysqli_num_rows($sql) == 0) {
mysqli_query($mysqli, "INSERT INTO login_tags SET login_id = $login_id, tag_id = $tag");
$sql = mysqli_query($mysqli,"SELECT * FROM login_tags WHERE login_id = $login_id AND tag_id = $tag");
if (mysqli_num_rows($sql) == 0) {
mysqli_query($mysqli, "INSERT INTO login_tags SET login_id = $login_id, tag_id = $tag");
}
}
}
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Credential', log_action = 'Modify', log_description = '$session_name added tags to $login_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $login_id");
// Logging
logAction("Credential", "Edit", "$session_name added tags to $login_name", $client_id, $login_id);
} // End Assign Location Loop
$_SESSION['alert_message'] = "Assigned tags for <strong>$count</strong> credentials";
$_SESSION['alert_message'] = "Assigned tags for <strong>$count</strong> credentials";
} // End Assign Loop
// Logging
logAction("Credential", "Bulk Edit", "$session_name added tags to $count credentials", $client_id);
}
header("Location: " . $_SERVER["HTTP_REFERER"]);
@ -195,10 +204,10 @@ if (isset($_POST['bulk_archive_logins'])) {
enforceUserPermission('module_credential', 2);
validateCSRFToken($_POST['csrf_token']);
$count = 0; // Default 0
$login_ids = $_POST['login_ids']; // Get array of IDs to be deleted
if ($_POST['login_ids']) {
if (!empty($login_ids)) {
// Get Selected Credential Count
$count = count($_POST['login_ids']);
// Cycle through array and archive each record
foreach ($login_ids as $login_id) {
@ -214,15 +223,14 @@ if (isset($_POST['bulk_archive_logins'])) {
mysqli_query($mysqli,"UPDATE logins SET login_archived_at = NOW() WHERE login_id = $login_id");
// Individual Contact logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Credential', log_action = 'Archive', log_description = '$session_name archived login $login_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $login_id");
$count++;
logAction("Credential", "Archive", "$session_name archived credential $login_name", $client_id, $login_id);
}
// Bulk Logging
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Credential', log_action = 'Archive', log_description = '$session_name archived $count logins', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id");
logAction("Credential", "Bulk Archive", "$session_name archived $count credentials", $client_id);
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "Archived $count credential(s)";
$_SESSION['alert_message'] = "Archived <strong>$count</strong> credential(s)";
}
@ -235,10 +243,10 @@ if (isset($_POST['bulk_unarchive_logins'])) {
validateCSRFToken($_POST['csrf_token']);
$count = 0; // Default 0
$login_ids = $_POST['login_ids']; // Get array of IDs
if ($_POST['login_ids']) {
if (!empty($login_ids)) {
// Get Selected Credential Count
$count = count($_POST['login_ids']);
// Cycle through array and unarchive
foreach ($login_ids as $login_id) {
@ -254,16 +262,14 @@ if (isset($_POST['bulk_unarchive_logins'])) {
mysqli_query($mysqli,"UPDATE logins SET login_archived_at = NULL WHERE login_id = $login_id");
// Individual logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Credential', log_action = 'Unarchive', log_description = '$session_name Unarchived login $logins_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $login_id");
logAction("Credential", "Unarchive", "$session_name unarchived credential $login_name", $client_id, $login_id);
$count++;
}
// Bulk Logging
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Credential', log_action = 'Unarchive', log_description = '$session_name Unarchived $count logins', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id");
logAction("Credential", "Bulk Unarchive", "$session_name unarchived $count credential(s)", $client_id);
$_SESSION['alert_message'] = "Unarchived $count credential(s)";
$_SESSION['alert_message'] = "Unarchived <strong>$count</strong> credential(s)";
}
@ -276,10 +282,10 @@ if (isset($_POST['bulk_delete_logins'])) {
validateCSRFToken($_POST['csrf_token']);
$count = 0; // Default 0
$login_ids = $_POST['login_ids']; // Get array of IDs to be deleted
if ($_POST['login_ids']) {
if (!empty($login_ids)) {
// Get Selected Credential Count
$count = count($_POST['login_ids']);
// Cycle through array and delete each record
foreach ($login_ids as $login_id) {
@ -292,7 +298,6 @@ if (isset($_POST['bulk_delete_logins'])) {
$login_name = sanitizeInput($row['login_name']);
$client_id = intval($row['login_client_id']);
mysqli_query($mysqli, "DELETE FROM logins WHERE login_id = $login_id AND login_client_id = $client_id");
// Remove Relations
@ -301,15 +306,15 @@ if (isset($_POST['bulk_delete_logins'])) {
mysqli_query($mysqli,"DELETE FROM software_logins WHERE login_id = $login_id");
mysqli_query($mysqli,"DELETE FROM vendor_logins WHERE login_id = $login_id");
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Credential', log_action = 'Delete', log_description = '$session_name deleted login $login_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $login_id");
// Logging
logAction("Credential", "Delete", "$session_name deleted credential $login_name", $client_id);
$count++;
}
// Logging
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Credential', log_action = 'Delete', log_description = '$session_name bulk deleted $count logins', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id");
// Bulk Logging
logAction("Credential", "Bulk Delete", "$session_name deleted $count credential(s)", $client_id);
$_SESSION['alert_message'] = "Deleted $count credential(s)";
$_SESSION['alert_message'] = "Deleted <strong>$count</strong> credential(s)";
}
@ -361,7 +366,7 @@ if (isset($_POST['export_client_logins_csv'])) {
}
// Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Credential', log_action = 'Export', log_description = '$session_name exported $num_rows login(s) to a CSV file', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id");
logAction("Credential", "Export", "$session_name exported $num_rows credential(s) to a CSV file", $client_id);
exit;
@ -435,10 +440,10 @@ if (isset($_POST["import_client_logins_csv"])) {
}
fclose($file);
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Credential', log_action = 'Import', log_description = '$session_name imported $row_count login(s) via csv file. $duplicate_count duplicate(s) detected and not imported', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id");
// Logging
logAction("Credential", "Import", "$session_name imported $row_count credential(s) via CSV file. $duplicate_count duplicate(s) found and not imported", $client_id);
$_SESSION['alert_message'] = "$row_count Login(s) imported, $duplicate_count duplicate(s) detected and not imported";
$_SESSION['alert_message'] = "$row_count credential(s) imported, $duplicate_count duplicate(s) detected and not imported";
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
//Check for any errors, if there are notify user and redirect