Started adding IP and User agent to audit logs, log when a user logs out, Merged logout into post.php

2026-02-28 02:44:53 +00:00 · 2021-12-09 16:12:57 -05:00
parent a5a8fbc319
commit f02e94d585
8 changed files with 38 additions and 18 deletions
--- a/login.php
+++ b/login.php
@@ -43,7 +43,7 @@ if(isset($_POST['login'])){

    if(empty($token)){
      $_SESSION['logged'] = TRUE;
-      mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Login', log_action = 'Success', log_description = '$ip - $os - $browser - $device', log_created_at = NOW(), log_user_id = $user_id");
+      mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Login', log_action = 'Success', log_description = '$user_name successfully logged in', log_ip = '$ip', log_user_agent = '$os - $browser - $device', log_created_at = NOW(), log_user_id = $user_id");
         
      header("Location: dashboard.php");
    }else{
@@ -60,12 +60,11 @@ if(isset($_POST['login'])){

      if(TokenAuth6238::verify($token,$current_code)){
        $_SESSION['logged'] = TRUE;
-        mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Login 2FA', log_action = 'Success', log_description = '$ip - $os - $browser - $device', log_created_at = NOW(), log_user_id = $user_id");
+        mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Login 2FA', log_action = 'Success', log_description = '$user_name successfully logged in using 2FA', log_ip = '$ip', log_user_agent = '$os - $browser - $device', log_created_at = NOW(), log_user_id = $user_id");
        //header("Location: $config_start_page");
-        echo "<script>alert(Fail); </script>";
        header("Location: dashboard.php");
      }else{
-        mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Login', log_action = '2FA Failed', log_description = '$ip - $os - $browser - $device', log_created_at = NOW(), log_user_id = $user_id");
+        mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Login', log_action = '2FA Failed', log_description = '$user_name failed 2FA', log_ip = '$ip', log_user_agent = '$os - $browser - $device', log_created_at = NOW(), log_user_id = $user_id");

        $response = "
          <div class='alert alert-primary'>
@@ -77,7 +76,7 @@ if(isset($_POST['login'])){
    }
  
  }else{
-    mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Login', log_action = 'Failed', log_description = '$username - $ip - $os - $browser - $device', log_created_at = NOW()");
+    mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Login', log_action = 'Failed', log_description = '$user_name failed to log in', log_ip = '$ip', log_user_agent = '$os - $browser - $device', log_created_at = NOW()");

    $response = "
      <div class='alert alert-danger'>