mirror of
https://github.com/moodle/moodle.git
synced 2025-08-04 16:36:37 +02:00
Merge branch 'MDL-57887-nginx-username-logging' of https://github.com/brendanheywood/moodle
This commit is contained in:
Dan Poltawski
commit
8b9196d7d2
2 changed files with 54 additions and 28 deletions
|
|
@ -385,7 +385,15 @@ $CFG->admin = 'admin';
|
||||||
// LogFormat "%h %l %{MOODLEUSER}n %t \"%r\" %s %b \"%{Referer}i\" \"%{User-Agent}i\"" moodleformat
|
// LogFormat "%h %l %{MOODLEUSER}n %t \"%r\" %s %b \"%{Referer}i\" \"%{User-Agent}i\"" moodleformat
|
||||||
// And in the part specific to your Moodle install / virtualhost:
|
// And in the part specific to your Moodle install / virtualhost:
|
||||||
// CustomLog "/your/path/to/log" moodleformat
|
// CustomLog "/your/path/to/log" moodleformat
|
||||||
// CAUTION: Use of this option will expose usernames in the Apache log,
|
//
|
||||||
|
// Alternatively for other webservers such as nginx, you can instead have the username sent via a http header
|
||||||
|
// 'X-MOODLEUSER' which can be saved in the logfile and then stripped out before being sent to the browser:
|
||||||
|
// $CFG->headerloguser = 0; // Turn this feature off. Default value.
|
||||||
|
// $CFG->headerloguser = 1; // Log user id.
|
||||||
|
// $CFG->headerloguser = 2; // Log full name in cleaned format. ie, Darth Vader will be displayed as darth_vader.
|
||||||
|
// $CFG->headerloguser = 3; // Log username.
|
||||||
|
//
|
||||||
|
// CAUTION: Use of this option will expose usernames in the Apache / nginx log,
|
||||||
// If you are going to publish your log, or the output of your web stats analyzer
|
// If you are going to publish your log, or the output of your web stats analyzer
|
||||||
// this will weaken the security of your website.
|
// this will weaken the security of your website.
|
||||||
//
|
//
|
||||||
|
|
|
||||||
|
|
@ -915,36 +915,54 @@ if (!empty($CFG->debugvalidators) and !empty($CFG->guestloginbutton)) {
|
||||||
|
|
||||||
// Apache log integration. In apache conf file one can use ${MOODULEUSER}n in
|
// Apache log integration. In apache conf file one can use ${MOODULEUSER}n in
|
||||||
// LogFormat to get the current logged in username in moodle.
|
// LogFormat to get the current logged in username in moodle.
|
||||||
if ($USER && function_exists('apache_note')
|
// Alternatvely for other web servers a header X-MOODLEUSER can be set which
|
||||||
&& !empty($CFG->apacheloguser) && isset($USER->username)) {
|
// can be using in the logfile and stripped out if needed.
|
||||||
$apachelog_userid = $USER->id;
|
if ($USER && isset($USER->username)) {
|
||||||
$apachelog_username = clean_filename($USER->username);
|
$logmethod = '';
|
||||||
$apachelog_name = '';
|
$logvalue = 0;
|
||||||
|
if (!empty($CFG->apacheloguser) && function_exists('apache_note')) {
|
||||||
|
$logmethod = 'apache';
|
||||||
|
$logvalue = $CFG->apacheloguser;
|
||||||
|
}
|
||||||
|
if (!empty($CFG->headerloguser)) {
|
||||||
|
$logmethod = 'header';
|
||||||
|
$logvalue = $CFG->headerloguser;
|
||||||
|
}
|
||||||
|
if (!empty($logmethod)) {
|
||||||
|
$loguserid = $USER->id;
|
||||||
|
$logusername = clean_filename($USER->username);
|
||||||
|
$logname = '';
|
||||||
if (isset($USER->firstname)) {
|
if (isset($USER->firstname)) {
|
||||||
// We can assume both will be set
|
// We can assume both will be set
|
||||||
// - even if to empty.
|
// - even if to empty.
|
||||||
$apachelog_name = clean_filename($USER->firstname . " " .
|
$logname = clean_filename($USER->firstname . " " . $USER->lastname);
|
||||||
$USER->lastname);
|
|
||||||
}
|
}
|
||||||
if (\core\session\manager::is_loggedinas()) {
|
if (\core\session\manager::is_loggedinas()) {
|
||||||
$realuser = \core\session\manager::get_realuser();
|
$realuser = \core\session\manager::get_realuser();
|
||||||
$apachelog_username = clean_filename($realuser->username." as ".$apachelog_username);
|
$logusername = clean_filename($realuser->username." as ".$logusername);
|
||||||
$apachelog_name = clean_filename($realuser->firstname." ".$realuser->lastname ." as ".$apachelog_name);
|
$logname = clean_filename($realuser->firstname." ".$realuser->lastname ." as ".$logname);
|
||||||
$apachelog_userid = clean_filename($realuser->id." as ".$apachelog_userid);
|
$loguserid = clean_filename($realuser->id." as ".$loguserid);
|
||||||
}
|
}
|
||||||
switch ($CFG->apacheloguser) {
|
switch ($logvalue) {
|
||||||
case 3:
|
case 3:
|
||||||
$logname = $apachelog_username;
|
$logname = $logusername;
|
||||||
break;
|
break;
|
||||||
case 2:
|
case 2:
|
||||||
$logname = $apachelog_name;
|
$logname = $logname;
|
||||||
break;
|
break;
|
||||||
case 1:
|
case 1:
|
||||||
default:
|
default:
|
||||||
$logname = $apachelog_userid;
|
$logname = $loguserid;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
if ($logmethod == 'apache') {
|
||||||
apache_note('MOODLEUSER', $logname);
|
apache_note('MOODLEUSER', $logname);
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($logmethod == 'header') {
|
||||||
|
header("X-MOODLEUSER: $logname");
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Ensure the urlrewriteclass is setup correctly (to avoid crippling site).
|
// Ensure the urlrewriteclass is setup correctly (to avoid crippling site).
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue