Author: jfthomps
Date: Fri Oct 31 13:05:18 2014
New Revision: 1635761

URL: http://svn.apache.org/r1635761
Log:
VCL-713 - Add ability to turn off certain types of logging in the database

utils.php:
-modified doQuery: do not log queries to querylog table if QUERYLOGGING is 
defined and is set to 0 
-modified xmlRPChandler: do not log XMLRPC calls to xmlrpcLog table if 
XMLRPCLOGGING is defined and is set to 0 

conf-default.php:
-added QUERYLOGGING: boolean to control logging of queries to querylog table
-added XMLRPCLOGGING: boolean to control logging of XMLRPC calls to xmlrpcLog 
table

Modified:
    vcl/trunk/web/.ht-inc/conf-default.php
    vcl/trunk/web/.ht-inc/utils.php

Modified: vcl/trunk/web/.ht-inc/conf-default.php
URL: 
http://svn.apache.org/viewvc/vcl/trunk/web/.ht-inc/conf-default.php?rev=1635761&r1=1635760&r2=1635761&view=diff
==============================================================================
--- vcl/trunk/web/.ht-inc/conf-default.php (original)
+++ vcl/trunk/web/.ht-inc/conf-default.php Fri Oct 31 13:05:18 2014
@@ -114,6 +114,12 @@ $xmlrpcBlockAPIUsers = array(3, # 3 = vc
 # 0 = disables; 1 = enabled
 define("NOAUTH_HOMENAV", 0);
 
+# boolean value of 0 or 1 to control logging of non SELECT database queries 
for auditing or debugging purposes; queries are logged to the querylog table
+define("QUERYLOGGING", 1);
+
+# boolean value of 0 or 1 to control logging of XMLRPC calls for auditing or 
debugging purposes; queries are logged to the xmlrpcLog table
+define("XMLRPCLOGGING", 1);
+
 # documentation links to display on login page and page
 #   where authentication method is selected when NOAUTH_HOMENAV is set to 1
 $NOAUTH_HOMENAV = array (

Modified: vcl/trunk/web/.ht-inc/utils.php
URL: 
http://svn.apache.org/viewvc/vcl/trunk/web/.ht-inc/utils.php?rev=1635761&r1=1635760&r2=1635761&view=diff
==============================================================================
--- vcl/trunk/web/.ht-inc/utils.php (original)
+++ vcl/trunk/web/.ht-inc/utils.php Fri Oct 31 13:05:18 2014
@@ -1114,7 +1114,8 @@ function dbDisconnect() {
 function doQuery($query, $errcode=101, $db="vcl", $nolog=0) {
        global $mysql_link_vcl, $mysql_link_acct, $user, $mode, 
$ENABLE_ITECSAUTH;
        if($db == "vcl") {
-               if((! $nolog) && preg_match('/^(UPDATE|INSERT|DELETE)/', 
$query) &&
+               if((! defined('QUERYLOGGING') || QUERYLOGGING != 0) &&
+                  (! $nolog) && preg_match('/^(UPDATE|INSERT|DELETE)/', 
$query) &&
                   strpos($query, 'UPDATE continuations SET expiretime = ') === 
FALSE) {
                        $logquery = str_replace("'", "\'", $query);
                        $logquery = str_replace('"', '\"', $logquery);
@@ -11916,22 +11917,24 @@ function xmlRPChandler($function, $args,
        else
                $keyid = $user['id'];
        if(function_exists($function)) {
-               $saveargs = mysql_real_escape_string(serialize($args));
-               $query = "INSERT INTO xmlrpcLog "
-                      .        "(xmlrpcKeyid, " 
-                      .        "timestamp, "
-                      .        "IPaddress, "
-                      .        "method, "
-                      .        "apiversion, "
-                      .        "comments) "
-                      . "VALUES " 
-                      .        "($keyid, "
-                      .        "NOW(), "
-                      .        "'$remoteIP', "
-                      .        "'$function', "
-                      .        "$apiversion, "
-                      .        "'$saveargs')";
-               doQuery($query, 101);
+               if(! defined('XMLRPCLOGGING') || XMLRPCLOGGING != 0) {
+                       $saveargs = mysql_real_escape_string(serialize($args));
+                       $query = "INSERT INTO xmlrpcLog "
+                              .        "(xmlrpcKeyid, " 
+                              .        "timestamp, "
+                              .        "IPaddress, "
+                              .        "method, "
+                              .        "apiversion, "
+                              .        "comments) "
+                              . "VALUES " 
+                              .        "($keyid, "
+                              .        "NOW(), "
+                              .        "'$remoteIP', "
+                              .        "'$function', "
+                              .        "$apiversion, "
+                              .        "'$saveargs')";
+                       doQuery($query, 101);
+               }
        }
        else {
                printXMLRPCerror(2);


Reply via email to