Commit db92d73b authored by Dries's avatar Dries

- Improved watchdog and submission throttle: removed redundant code,
  streamlined the existing code, added new watchdog type called "httpd"
  for Apache errors.  The latter should make it easier to add watchdog
  filters later on.

- Clarified some watchdog messages.
parent 7d631fb6
......@@ -2,13 +2,13 @@
include_once "includes/common.inc";
$errors = array(500 => "500 error - internal server error",
404 => "404 error - `$REDIRECT_URL' not found",
403 => "403 error - access denied - forbidden",
401 => "401 error - authorization required",
400 => "400 error - bad request");
$errors = array(500 => "500 error: internal server error",
404 => "404 error: `$REDIRECT_URL' not found",
403 => "403 error: access denied - forbidden",
401 => "401 error: authorization required",
400 => "400 error: bad request");
watchdog("error", $errors[$REDIRECT_STATUS]);
watchdog("httpd", $errors[$REDIRECT_STATUS]);
header("Location: index.php");
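Review bot: `$REDIRECT_STATUS` and `$REDIRECT_URL` are read as bare globals in the `$errors` table and in the `watchdog("httpd", ...)` call, while watchdog() itself takes request data from `getenv()`. If this script can be requested directly rather than only through the server's error redirect, those globals are presumably not set by the server and, with register_globals, could be filled from request parameters, so the new "httpd" type would record client-chosen text as if it were an Apache error. Reading them with `getenv("REDIRECT_STATUS")` and `getenv("REDIRECT_URL")` avoids that. A status that has no entry in `$errors` should also be logged explicitly rather than as an empty message.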
......
......@@ -19,21 +19,19 @@ function error_handler($errno, $message, $filename, $line, $variables) {
}
function watchdog($type, $message) {
global $user, $watchdog, $PHP_SELF;
$link = ($mod) ? $mod : substr(strrchr($PHP_SELF, "/"), 1, strrchr($PHP_SELF, "/") - 4);
db_query("INSERT INTO watchdog (user, type, link, message, location, hostname, timestamp) VALUES ('$user->id', '". check_input($type) ."', '". check_input($link) ."', '". check_input($message) ."', '". check_input(getenv("REQUEST_URI")) ."', '". check_input(getenv("REMOTE_ADDR")) ."', '". time() ."')");
global $user;
db_query("INSERT INTO watchdog (user, type, message, location, hostname, timestamp) VALUES ('$user->id', '". check_input($type) ."', '". check_input($message) ."', '". check_input(getenv("REQUEST_URI")) ."', '". check_input(getenv("REMOTE_ADDR")) ."', '". time() ."')");
}
function throttle($type, $rate) {
global $user;
if (!(user_access($user, "watchdog") || user_access($user, "comment") || user_access($user, "node"))) {
if (!user_access($user)) {
if ($throttle = db_fetch_object(db_query("SELECT * FROM watchdog WHERE type = '$type' AND hostname = '". getenv("REMOTE_ADDR") ."' AND ". time() ." - timestamp < $rate"))) {
watchdog("warning", "throttle: '". getenv("REMOTE_ADDR") ."' exceeded submission rate - $throttle->type");
header("Location: error.php?op=throttle");
die("submission rate exceeded");
die(message_throttle());
}
else {
watchdog($type, "throttle control");
watchdog($type, "throttle");
}
}
}
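Review bot: The SELECT in throttle() interpolates `$type`, `getenv("REMOTE_ADDR")` and `$rate` into the SQL string unescaped, although the INSERT in watchdog() just above wraps the same kind of values in `check_input()`. The callers visible on this page pass literals, but the function should not depend on that: use `type = '". check_input($type) ."' AND hostname = '". check_input(getenv("REMOTE_ADDR")) ."'` and cast the rate with `(int)$rate`. Separately, the new guard `if (!user_access($user))` drops the permission names the old condition checked; user_access() is not visible here, so it is worth confirming that the one-argument form does not exempt every logged-in account from the throttle.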
......@@ -48,10 +46,14 @@ function path_img() {
return "./images/";
}
function notice_account() {
function message_account() {
return t("This page requires a valid user account. Please <A HREF=\"account.php\">create a user account</A> and <A HREF=\"account.php\">login</A> prior to accessing it.");
}
function message_throttle() {
return t("You exceeded the submission rate exceeded. Please wait a few minutes and try again.");
}
function check_form($text) {
return htmlspecialchars(stripslashes($text));
}
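Review bot: The new message_throttle() string repeats a word: "You exceeded the submission rate exceeded." This is the text that `die(message_throttle())` shows to a throttled client, so it should read `return t("You exceeded the submission rate. Please wait a few minutes and try again.");`.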
......
......@@ -94,7 +94,7 @@ function node_save($node, $filter) {
}
else {
// verify submission rate:
throttle("post node", variable_get("max_node_rate", 900));
throttle("node", variable_get("max_node_rate", 900));
// prepare queries:
foreach ($filter as $field=>$value) {
......@@ -126,18 +126,19 @@ function node_save($node, $filter) {
if (($node[pid]) && ($node[status] == node_status("posted"))) {
db_query("UPDATE node SET status = '". node_status(expired) ."' WHERE nid = '$node[pid]'");
}
watchdog("special", "node: added $filter[type] '$node[title]'");
}
else {
watchdog("warning", "node: added '$node[title]' - failed");
watchdog("warning", "node: added $filter[type] '$node[title]' - failed");
}
}
else {
db_query("DELETE FROM node WHERE nid = '$nid'");
watchdog("warning", "node: added '$node[title]' - failed");
watchdog("warning", "node: added $filter[type] '$node[title]' - failed");
}
}
else {
watchdog("warning", "node: added '$node[title]' - failed");
watchdog("warning", "node: added $filter[type] '$node[title]' - failed");
}
}
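Review bot: All three failure branches now log the identical text `node: added $filter[type] '$node[title]' - failed`, so a watchdog entry cannot tell which step of node_save() failed, including the branch that runs after the `DELETE FROM node` cleanup. Give each branch its own suffix naming the failed step; the conditions are outside this hunk, so the exact wording has to come from the surrounding code. node_save() starts and ends outside the hunk.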
......
......@@ -125,7 +125,7 @@ function queue_page() {
}
else {
$theme->header();
$theme->box(t("Moderation queue"), notice_account());
$theme->box(t("Moderation queue"), message_account());
$theme->footer();
}
}
......
......@@ -18,15 +18,15 @@ function watchdog_cron() {
}
function watchdog_overview() {
$colors = array(message => "#FFFFFF", special => "#836FFF", warning => "#FFAA22", error => "#EE2C2C");
$colors = array(message => "#FFFFFF", special => "#836FFF", warning => "#FFAA22", httpd => "#77BB77", error => "#EE2C2C");
$result = db_query("SELECT w.*, u.userid FROM watchdog w LEFT JOIN users u ON w.user = u.id ORDER BY timestamp DESC LIMIT 1000");
$output .= "<TABLE BORDER=\"1\" CELLPADDING=\"2\" CELLSPACING=\"2\">\n";
$output .= " <TR><TH>date</TH><TH>type</TH><TH>message</TH><TH>user</TH><TH>operations</TH></TR>\n";
$output .= " <TR><TH>date</TH><TH>message</TH><TH>user</TH><TH>operations</TH></TR>\n";
while ($watchdog = db_fetch_object($result)) {
if ($color = $colors[$watchdog->type]) {
$output .= " <TR BGCOLOR=\"$color\"><TD>". format_date($watchdog->timestamp) ."</TD><TD ALIGN=\"center\">$watchdog->link</TD><TD>". substr(check_output($watchdog->message), 0, 50) ."</TD><TD ALIGN=\"center\">". format_username($watchdog->userid) ."</A></TD><TD ALIGN=\"center\"><A HREF=\"admin.php?mod=watchdog&op=view&id=$watchdog->id\">details</A></TD></TR>\n";
$output .= " <TR BGCOLOR=\"$color\"><TD>". format_date($watchdog->timestamp) ."</TD><TD>". substr(check_output($watchdog->message), 0, 50) ."</TD><TD ALIGN=\"center\">". format_username($watchdog->userid) ."</A></TD><TD ALIGN=\"center\"><A HREF=\"admin.php?mod=watchdog&op=view&id=$watchdog->id\">details</A></TD></TR>\n";
}
}
$output .= "</TABLE>\n";
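Review bot: `substr(check_output($watchdog->message), 0, 50)` truncates after escaping, so the cut can land inside an HTML entity (or inside markup, if check_output() lets any through; it is not visible here). With the new "httpd" type the message carries the client-requested URL, so truncate first and escape second: `check_output(substr($watchdog->message, 0, 50))`. Rows whose type has no entry in `$colors` are skipped by the `if ($color = ...)` test yet still count toward `LIMIT 1000`; the rows throttle() writes with type "node" fall in that group, so they can push visible entries out of the overview. The same hunk appears a second time further down the page and the same points apply there; watchdog_overview() continues past the end of the hunk.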
......
......@@ -18,15 +18,15 @@ function watchdog_cron() {
}
function watchdog_overview() {
$colors = array(message => "#FFFFFF", special => "#836FFF", warning => "#FFAA22", error => "#EE2C2C");
$colors = array(message => "#FFFFFF", special => "#836FFF", warning => "#FFAA22", httpd => "#77BB77", error => "#EE2C2C");
$result = db_query("SELECT w.*, u.userid FROM watchdog w LEFT JOIN users u ON w.user = u.id ORDER BY timestamp DESC LIMIT 1000");
$output .= "<TABLE BORDER=\"1\" CELLPADDING=\"2\" CELLSPACING=\"2\">\n";
$output .= " <TR><TH>date</TH><TH>type</TH><TH>message</TH><TH>user</TH><TH>operations</TH></TR>\n";
$output .= " <TR><TH>date</TH><TH>message</TH><TH>user</TH><TH>operations</TH></TR>\n";
while ($watchdog = db_fetch_object($result)) {
if ($color = $colors[$watchdog->type]) {
$output .= " <TR BGCOLOR=\"$color\"><TD>". format_date($watchdog->timestamp) ."</TD><TD ALIGN=\"center\">$watchdog->link</TD><TD>". substr(check_output($watchdog->message), 0, 50) ."</TD><TD ALIGN=\"center\">". format_username($watchdog->userid) ."</A></TD><TD ALIGN=\"center\"><A HREF=\"admin.php?mod=watchdog&op=view&id=$watchdog->id\">details</A></TD></TR>\n";
$output .= " <TR BGCOLOR=\"$color\"><TD>". format_date($watchdog->timestamp) ."</TD><TD>". substr(check_output($watchdog->message), 0, 50) ."</TD><TD ALIGN=\"center\">". format_username($watchdog->userid) ."</A></TD><TD ALIGN=\"center\"><A HREF=\"admin.php?mod=watchdog&op=view&id=$watchdog->id\">details</A></TD></TR>\n";
}
}
$output .= "</TABLE>\n";
......
......@@ -23,7 +23,7 @@
}
}
else {
$theme->box("Submit", notice_account());
$theme->box("Submit", message_account());
}
$theme->footer();
......
......@@ -237,3 +237,6 @@ ALTER TABLE node CHANGE attribute attributes varchar(255) DEFAULT '' NOT NULL;
ALTER TABLE bundle CHANGE attribute attributes varchar(255) DEFAULT '' NOT NULL;
ALTER TABLE feed CHANGE attribute attributes varchar(255) DEFAULT '' NOT NULL;
ALTER TABLE item CHANGE attribute attributes varchar(255) DEFAULT '' NOT NULL;
# 12/06/01
ALTER TABLE watchdog DROP link;
\ No newline at end of file