Author: jfthomps
Date: Fri Oct 31 13:05:18 2014
New Revision: 1635761
URL: http://svn.apache.org/r1635761
Log:
VCL-713 - Add ability to turn off certain types of logging in the database
utils.php:
-modified doQuery: do not log queries to querylog table if QUERYLOGGING is
defined and is set to 0
-modified xmlRPChandler: do not log XMLRPC calls to xmlrpcLog table if
XMLRPCLOGGING is defined and is set to 0
conf-default.php:
-added QUERYLOGGING: boolean to control logging of queries to querylog table
-added XMLRPCLOGGING: boolean to control logging of XMLRPC calls to xmlrpcLog
table
Modified:
vcl/trunk/web/.ht-inc/conf-default.php
vcl/trunk/web/.ht-inc/utils.php
Modified: vcl/trunk/web/.ht-inc/conf-default.php
URL:
http://svn.apache.org/viewvc/vcl/trunk/web/.ht-inc/conf-default.php?rev=1635761&r1=1635760&r2=1635761&view=diff
==============================================================================
--- vcl/trunk/web/.ht-inc/conf-default.php (original)
+++ vcl/trunk/web/.ht-inc/conf-default.php Fri Oct 31 13:05:18 2014
@@ -114,6 +114,12 @@ $xmlrpcBlockAPIUsers = array(3, # 3 = vc
# 0 = disables; 1 = enabled
define("NOAUTH_HOMENAV", 0);
+# boolean value of 0 or 1 to control logging of non SELECT database queries
for auditing or debugging purposes; queries are logged to the querylog table
+define("QUERYLOGGING", 1);
+
+# boolean value of 0 or 1 to control logging of XMLRPC calls for auditing or
debugging purposes; queries are logged to the xmlrpcLog table
+define("XMLRPCLOGGING", 1);
+
# documentation links to display on login page and page
# where authentication method is selected when NOAUTH_HOMENAV is set to 1
$NOAUTH_HOMENAV = array (
Modified: vcl/trunk/web/.ht-inc/utils.php
URL:
http://svn.apache.org/viewvc/vcl/trunk/web/.ht-inc/utils.php?rev=1635761&r1=1635760&r2=1635761&view=diff
==============================================================================
--- vcl/trunk/web/.ht-inc/utils.php (original)
+++ vcl/trunk/web/.ht-inc/utils.php Fri Oct 31 13:05:18 2014
@@ -1114,7 +1114,8 @@ function dbDisconnect() {
function doQuery($query, $errcode=101, $db="vcl", $nolog=0) {
global $mysql_link_vcl, $mysql_link_acct, $user, $mode,
$ENABLE_ITECSAUTH;
if($db == "vcl") {
- if((! $nolog) && preg_match('/^(UPDATE|INSERT|DELETE)/',
$query) &&
+ if((! defined('QUERYLOGGING') || QUERYLOGGING != 0) &&
+ (! $nolog) && preg_match('/^(UPDATE|INSERT|DELETE)/',
$query) &&
strpos($query, 'UPDATE continuations SET expiretime = ') ===
FALSE) {
$logquery = str_replace("'", "\'", $query);
$logquery = str_replace('"', '\"', $logquery);
@@ -11916,22 +11917,24 @@ function xmlRPChandler($function, $args,
else
$keyid = $user['id'];
if(function_exists($function)) {
- $saveargs = mysql_real_escape_string(serialize($args));
- $query = "INSERT INTO xmlrpcLog "
- . "(xmlrpcKeyid, "
- . "timestamp, "
- . "IPaddress, "
- . "method, "
- . "apiversion, "
- . "comments) "
- . "VALUES "
- . "($keyid, "
- . "NOW(), "
- . "'$remoteIP', "
- . "'$function', "
- . "$apiversion, "
- . "'$saveargs')";
- doQuery($query, 101);
+ if(! defined('XMLRPCLOGGING') || XMLRPCLOGGING != 0) {
+ $saveargs = mysql_real_escape_string(serialize($args));
+ $query = "INSERT INTO xmlrpcLog "
+ . "(xmlrpcKeyid, "
+ . "timestamp, "
+ . "IPaddress, "
+ . "method, "
+ . "apiversion, "
+ . "comments) "
+ . "VALUES "
+ . "($keyid, "
+ . "NOW(), "
+ . "'$remoteIP', "
+ . "'$function', "
+ . "$apiversion, "
+ . "'$saveargs')";
+ doQuery($query, 101);
+ }
}
else {
printXMLRPCerror(2);
