Email address no longer used in Audit log when accessing Portal. See #32
Email address no longer used in Audit log when accessing Portal. See #32

<?php <?php
/** Audit logging implementation /** Audit logging implementation
* *
* Copyright (C) 2012 B Tasker * Copyright (C) 2012 B Tasker
* Released under GNU GPL V2 * Released under GNU GPL V2
* See LICENSE * See LICENSE
* *
*/ */
defined('_CREDLOCK') or die; defined('_CREDLOCK') or die;
class Logging extends BTDB{ class Logging extends BTDB{
   
   
/** Create a new logEntry /** Create a new logEntry
* *
* @arg Cred - String - The credential being viewed/edited (this may also be a user id) * @arg Cred - String - The credential being viewed/edited (this may also be a user id)
* @arg action - Int: * @arg action - Int:
* *
* 0: User Created * 0: User Created
* 1: User Edited * 1: User Edited
* 2: User Deleted * 2: User Deleted
* 3: Customer Added * 3: Customer Added
* 4: Customer Edited * 4: Customer Edited
* 5: Customer Viewed * 5: Customer Viewed
* 6: Customer Deleted * 6: Customer Deleted
* 7: Credential Added * 7: Credential Added
* 8: Credential Edited * 8: Credential Edited
* 9: Credential Viewed * 9: Credential Viewed
* 10: Credential Deleted * 10: Credential Deleted
* 11: User logged in * 11: User logged in
* 12: User logged out * 12: User logged out
* 13: User Group Created * 13: User Group Created
* 14: User Group Deleted * 14: User Group Deleted
* 15: Credential Type Created * 15: Credential Type Created
* 16: Credential Type Deleted * 16: Credential Type Deleted
* 17: Credential Type Edited * 17: Credential Type Edited
* 18: User Group Edited * 18: User Group Edited
* *
* @return boolean * @return boolean
*/ */
function logEntry($cred,$action){ function logEntry($cred,$action){
   
$loggingenabled = BTMain::getConf()->loggingenabled; $loggingenabled = BTMain::getConf()->loggingenabled;
   
$user = BTMain::getUser()->name; // Added to allow logging of Portal actions without revealing email addresses
  if (BTMain::getUser()->PortalID){
  $user = BTMain::getUser()->PortalID;
  }else{
  $user = BTMain::getUser()->name;
  }
   
$useres = $this->stringEscape($user); $useres = $this->stringEscape($user);
$credes = $this->stringEscape($cred); $credes = $this->stringEscape($cred);
$actiones = $this->stringEscape($action); $actiones = $this->stringEscape($action);
$timestamp = date('Y-m-d H:i:s'); $timestamp = date('Y-m-d H:i:s');
   
if ($loggingenabled){ if ($loggingenabled){
   
$sql = "INSERT INTO #__Audit (`User`,`Cust`,`date`,`Action`) VALUES('$useres','$credes','$timestamp','$actiones')"; $sql = "INSERT INTO #__Audit (`User`,`Cust`,`date`,`Action`) VALUES('$useres','$credes','$timestamp','$actiones')";
$this->setQuery($sql); $this->setQuery($sql);
$res = $this->runQuery(); $res = $this->runQuery();
   
} }
   
$data->user = $user; $data->user = $user;
$data->cred = $cred; $data->cred = $cred;
$data->timestamp = $timestamp; $data->timestamp = $timestamp;
$data->action = $action; $data->action = $action;
   
$plg = new Plugins; $plg = new Plugins;
$plg->loadPlugins('Logging',$data); $plg->loadPlugins('Logging',$data);
   
return $res; return $res;
   
} }
   
   
   
} }
   
?> ?>