29require
'../../main.inc.php';
30require_once DOL_DOCUMENT_ROOT.
'/core/class/events.class.php';
31require_once DOL_DOCUMENT_ROOT.
'/core/lib/date.lib.php';
32require_once DOL_DOCUMENT_ROOT.
'/core/triggers/interface_20_all_Logevents.class.php';
// Request parameters are read through GETPOST(); its second argument names the check
// applied to the raw value before it is returned ('aZ09', 'alpha', 'aZ' here).
// NOTE(review): the exact character set behind each check name is defined in GETPOST(), outside this listing.
42$action =
GETPOST(
'action',
'aZ09');
43$confirm =
GETPOST(
'confirm',
'alpha');
44$optioncss =
GETPOST(
"optioncss",
"aZ");
// contextpage comes from the request when present; otherwise it is derived from this
// script's directory name and file name (without '.php'), with underscores removed.
45$contextpage =
GETPOST(
'contextpage',
'aZ') ?
GETPOST(
'contextpage',
'aZ') : str_replace(
'_',
'', basename(dirname(__FILE__)).basename(__FILE__,
'.php'));
48$langs->loadLangs(array(
"companies",
"admin",
"users",
"other",
"withdrawals"));
52$sortfield =
GETPOST(
'sortfield',
'aZ09comma');
53$sortorder =
GETPOST(
'sortorder',
'aZ09comma');
55if (empty($page) || $page == -1) {
58$offset = $limit * $page;
62 $sortfield =
"e.rowid";
// Search filters for the event list. Most are read with the 'alpha' check and the
// row id with 'intcomma'.
68$search_rowid =
GETPOST(
"search_rowid",
"intcomma");
69$search_code =
GETPOST(
"search_code",
"alpha");
70$search_ip =
GETPOST(
"search_ip",
"alpha");
71$search_user =
GETPOST(
"search_user",
"alpha");
72$search_desc =
GETPOST(
"search_desc",
"alpha");
// The user-agent and session-prefix filters use the 'restricthtml' check instead of 'alpha'.
// NOTE(review): 'restricthtml' presumably lets some markup through, so these two values must be
// escaped at every sink. This page passes them through dol_escape_htmltag() for the form
// fields and urlencode() for the paging parameters.
73$search_ua =
GETPOST(
"search_ua",
"restricthtml");
74$search_prefix_session =
GETPOST(
"search_prefix_session",
"restricthtml");
// A user bound to an entity (entity > 0) is always limited to that entity; the request
// value is only honoured otherwise, and is read as an integer via GETPOSTINT().
75$search_entity = ($user->entity > 0 ? $user->entity :
GETPOSTINT(
'search_entity'));
92if ($date_start !==
'' && $date_end !==
'' && $date_start > $date_end) {
93 $date_end = $date_start + 86400;
96if (!GETPOSTISSET(
'pageplusoneold') && !GETPOSTISSET(
'page') && $date_start ===
'') {
97 $date_start =
dol_get_first_day($nowarray[
'year'], $nowarray[
'mon'],
'tzuserrel');
99if (!GETPOSTISSET(
'pageplusoneold') && !GETPOSTISSET(
'page') && $date_end ===
'') {
100 $date_end =
dol_get_last_day($nowarray[
'year'], $nowarray[
'mon'],
'tzuserrel');
105$date_startmonth =
'';
110if ($date_start !==
'') {
112 $date_startday = $tmp[
'mday'];
113 $date_startmonth = $tmp[
'mon'];
114 $date_startyear = $tmp[
'year'];
116if ($date_end !==
'') {
118 $date_endday = $tmp[
'mday'];
119 $date_endmonth = $tmp[
'mon'];
120 $date_endyear = $tmp[
'year'];
125 'e.prefix_session' => array(
126 'label' =>
'UserAgent',
154if (
GETPOST(
'button_removefilter_x',
'alpha') ||
GETPOST(
'button_removefilter.x',
'alpha') ||
GETPOST(
'button_removefilter',
'alpha')) {
159 $date_startmonth =
'';
161 $date_startyear =
'';
169 $search_prefix_session =
'';
// Purge of the audit trail. It runs only when action=confirm_purge, confirm=yes and the
// current user has the admin flag.
// NOTE(review): anti-CSRF token validation for this state-changing action is not visible in
// this listing; presumably it is enforced by main.inc.php. Confirm.
174if ($action ==
'confirm_purge' && $confirm ==
'yes' && $user->admin) {
178 $securityevents =
new Events($db);
// The deletion is limited to rows of the current entity.
// NOTE(review): $conf->entity is concatenated without the (int) cast that the list query
// applies to $search_entity; presumably it is a server-side integer. Confirm, or cast.
181 $sql =
"DELETE FROM ".MAIN_DB_PREFIX.
"events";
182 $sql .=
" WHERE entity = ".$conf->entity;
185 $resql = $db->query($sql);
// The purge is itself written to the events table as a SECURITY_EVENTS_PURGE record,
// created with the acting $user, so an emptied log still shows that a purge happened.
192 $text = $langs->trans(
"SecurityEventsPurged");
193 $securityevent =
new Events($db);
194 $securityevent->type =
'SECURITY_EVENTS_PURGE';
195 $securityevent->dateevent = $now;
196 $securityevent->description = $text;
198 $result = $securityevent->create($user);
214$title = $langs->trans(
"Audit");
215llxHeader(
'', $title,
'',
'', 0, 0,
'',
'',
'',
'mod-admin page-tools_listevents');
217$form =
new Form($db);
219$userstatic =
new User($db);
222$sql =
"SELECT e.rowid, e.type, e.ip, e.user_agent, e.dateevent,";
223$sql .=
" e.fk_user, e.description, e.prefix_session,";
224$sql .=
" u.login, u.admin, u.email, u.entity, u.firstname, u.lastname, u.gender, u.photo, u.statut as status";
225$sql .=
" FROM ".MAIN_DB_PREFIX.
"events as e";
226$sql .=
" LEFT JOIN ".MAIN_DB_PREFIX.
"user as u ON u.rowid = e.fk_user";
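// Restrict the listing to a single entity when one was requested (or forced from the
// user's own entity); otherwise use the entity list returned by getEntity().
if ($search_entity > 0) {
	// The value is cast to int before concatenation. The original appended a stray ")"
	// here, producing "WHERE e.entity = N)" and therefore an invalid query.
	$sql .= " WHERE e.entity = ".((int) $search_entity);
} else {
	// search_current_entity is read as an integer and only selects getEntity()'s second argument (0 or 1).
	$sql .= " WHERE e.entity IN (".getEntity('event', (GETPOSTINT('search_current_entity') ? 0 : 1)).")";
}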
// Date range filter: both bounds are formatted by $db->idate() before being placed
// between quotes in the query.
232if ($date_start !==
'') {
233 $sql .=
" AND e.dateevent >= '".$db->idate($date_start).
"'";
235if ($date_end !==
'') {
236 $sql .=
" AND e.dateevent <= '".$db->idate($date_end).
"'";
// NOTE(review): original lines 237-261 are absent from this listing; presumably the other
// search_* filters are appended there. Confirm each one goes through natural_search() or an explicit cast.
// Free-text filter on the session prefix, built by natural_search() rather than by raw concatenation.
262if ($search_prefix_session) {
264 $sql .=
natural_search(
"e.prefix_session", $search_prefix_session, 0);
// $sortfield and $sortorder come from the request (read with the 'aZ09comma' check) and are
// handed to $db->order().
// NOTE(review): confirm order() validates them; ORDER BY identifiers cannot be bound as parameters.
266$sql .= $db->order($sortfield, $sortorder);
269$nbtotalofrecords =
'';
// One row more than the page size is requested; the display loop later stops at min($num, $limit).
281$sql .= $db->plimit($limit + 1, $offset);
283$result = $db->query($sql);
285 $num = $db->num_rows($result);
289 if ($contextpage && $contextpage != $_SERVER[
"PHP_SELF"]) {
290 $param .=
'&contextpage='.urlencode($contextpage);
292 if ($limit > 0 && $limit !=
$conf->liste_limit) {
293 $param .=
'&limit='.((int) $limit);
295 if ($optioncss !=
'') {
296 $param .=
'&optioncss='.urlencode($optioncss);
298 if ($search_entity !=
'') {
299 $param .=
'&search_entity='.((int) $search_entity);
302 $param .=
'&search_rowid='.urlencode((
string) ($search_rowid));
305 $param .=
'&search_code='.urlencode($search_code);
308 $param .=
'&search_ip='.urlencode($search_ip);
311 $param .=
'&search_user='.urlencode($search_user);
314 $param .=
'&search_desc='.urlencode($search_desc);
317 $param .=
'&search_ua='.urlencode($search_ua);
319 if ($search_prefix_session) {
320 $param .=
'&search_prefix_session='.urlencode($search_prefix_session);
322 if ($date_startmonth) {
323 $param .=
"&date_startmonth=".((int) $date_startmonth);
325 if ($date_startday) {
326 $param .=
"&date_startday=".((int) $date_startday);
328 if ($date_startyear) {
329 $param .=
"&date_startyear=".((int) $date_startyear);
331 if ($date_endmonth) {
332 $param .=
"&date_endmonth=".((int) $date_endmonth);
335 $param .=
"&date_endday=".((int) $date_endday);
338 $param .=
"&date_endyear=".((int) $date_endyear);
// "Purge" button: a plain link with action=purge. That action only displays the
// confirmation dialog; the deletion itself requires action=confirm_purge with confirm=yes.
// NOTE(review): $_SERVER["PHP_SELF"] is written into the href and the form action without
// escaping on these lines; presumably it is normalised earlier by main.inc.php. Confirm.
343 $center =
'<a class="butActionDelete small" href="'.$_SERVER[
"PHP_SELF"].
'?action=purge">'.$langs->trans(
"Purge").
'</a>';
346 print
'<form method="POST" action="'.$_SERVER[
"PHP_SELF"].
'">';
// Hidden "token" field filled from newToken(); presumably the anti-CSRF token checked on POST. Confirm.
347 print
'<input type="hidden" name="token" value="'.newToken().
'">';
350 print_barre_liste($langs->trans(
"ListOfSecurityEvents"), $page, $_SERVER[
"PHP_SELF"], $param, $sortfield, $sortorder, $center, $num, $nbtotalofrecords,
'setup', 0,
'',
'', $limit);
352 if ($action ==
'purge') {
353 $formquestion = array();
354 print $form->formconfirm($_SERVER[
"PHP_SELF"].
'?noparam=noparam', $langs->trans(
'PurgeAuditEvents'), $langs->trans(
'ConfirmPurgeAuditEvents'),
'confirm_purge', $formquestion,
'no', 1);
371 print
'<div class="div-table-responsive">';
372 print
'<table class="liste noborder centpercent">';
375 print
'<tr class="liste_titre">';
379 print
'<td class="liste_titre maxwidthsearch center">';
380 $searchpicto = $form->showFilterAndCheckAddButtons(0);
386 print
'<td class="liste_titre">';
387 print
'<input class="flat maxwidth50" type="text" name="search_rowid" value="'.dol_escape_htmltag($search_rowid).
'">';
391 print
'<td class="liste_titre" width="15%">';
392 print $form->selectDate($date_start ===
'' ? -1 : $date_start,
'date_start', 0, 0, 0,
'', 1, 0, 0,
'',
'',
'',
'', 1,
'',
'',
'tzuserrel');
393 print $form->selectDate($date_end ===
'' ? -1 : $date_end,
'date_end', 0, 0, 0,
'', 1, 0, 0,
'',
'',
'',
'', 1,
'',
'',
'tzuserrel');
396 print
'<td class="liste_titre">';
397 print
'<input class="flat maxwidth75" type="text" name="search_code" value="'.dol_escape_htmltag($search_code).
'">';
401 print
'<td class="liste_titre">';
402 print
'<input class="flat maxwidth75" type="text" name="search_ip" value="'.dol_escape_htmltag($search_ip).
'">';
405 print
'<td class="liste_titre">';
406 print
'<input class="flat maxwidth100" type="text" name="search_user" value="'.dol_escape_htmltag($search_user).
'">';
409 print
'<td class="liste_titre">';
413 print
'<td class="liste_titre left">';
414 print
'<input class="flat maxwidth100" type="text" name="search_ua" value="'.dol_escape_htmltag($search_ua).
'">';
417 if (!empty($arrayfields[
'e.prefix_session'][
'checked'])) {
418 print
'<td class="liste_titre left">';
419 print
'<input class="flat maxwidth100" type="text" name="search_prefix_session" value="'.dol_escape_htmltag($search_prefix_session).
'">';
425 print
'<td class="liste_titre maxwidthsearch">';
426 $searchpicto = $form->showFilterAndCheckAddButtons(0);
434 print
'<tr class="liste_titre">';
444 print_liste_field_titre(
"Description", $_SERVER[
"PHP_SELF"],
"e.description",
"", $param,
'', $sortfield, $sortorder);
445 print_liste_field_titre(
"UserAgent", $_SERVER[
"PHP_SELF"],
"e.user_agent",
"", $param,
'', $sortfield, $sortorder);
446 if (!empty($arrayfields[
'e.prefix_session'][
'checked'])) {
447 print_liste_field_titre(
"SuffixSessionName", $_SERVER[
"PHP_SELF"],
"e.prefix_session",
"", $param,
'', $sortfield, $sortorder);
455 while ($i < min($num, $limit)) {
456 $obj = $db->fetch_object($result);
458 print
'<tr class="oddeven">';
462 print
'<td class="center">';
// Tooltip with the stored user agent and session-name suffix of the event.
// $htmltext deliberately contains markup (<b>, <br>), so the two stored values are passed
// through dol_string_nohtmltag() before being embedded; empty values show "Unknown".
// NOTE(review): user_agent presumably originates from the client's request header and is
// therefore attacker-influenced data shown on an admin page. Keep the tag stripping on both fields.
463 $htmltext =
'<b>'.$langs->trans(
"UserAgent").
'</b>: '.($obj->user_agent ?
dol_string_nohtmltag($obj->user_agent) : $langs->trans(
"Unknown"));
464 $htmltext .=
'<br><b>'.$langs->trans(
"SuffixSessionName").
' (DOLSESSID_...)</b>: '.($obj->prefix_session ?
dol_string_nohtmltag($obj->prefix_session) : $langs->trans(
"Unknown"));
465 print $form->textwithpicto(
'', $htmltext);
470 print
'<td class="nowrap left">'.dol_escape_htmltag($obj->rowid).
'</td>';
473 print
'<td class="nowrap left">'.dol_print_date($db->jdate($obj->dateevent),
'%Y-%m-%d %H:%M:%S',
'tzuserrel').
'</td>';
476 print
'<td>'.dol_escape_htmltag($obj->type).
'</td>';
479 print
'<td class="nowraponall">';
484 print
'<td class="tdoverflowmax125">';
485 if ($obj->fk_user > 0) {
486 $userstatic->id = $obj->fk_user;
487 $userstatic->login = $obj->login;
488 $userstatic->admin = $obj->admin;
489 $userstatic->entity = $obj->entity;
490 $userstatic->status = $obj->status;
491 $userstatic->gender = $obj->gender;
492 $userstatic->photo = $obj->photo;
493 $userstatic->firstname = $obj->firstname;
494 $userstatic->lastname = $obj->lastname;
495 $userstatic->email = $obj->email;
497 if (isModEnabled(
'multicompany') && $userstatic->admin && !$userstatic->entity) {
498 print
img_picto($langs->trans(
"SuperAdministratorDesc"),
'redstar',
'class="valignmiddle paddingright"');
499 } elseif ($userstatic->admin) {
500 print
img_picto($langs->trans(
"AdministratorDesc"),
'star',
'class="valignmiddle paddingright"');
504 print $userstatic->getNomUrl(-1);
// Build the displayed description from the stored event text.
// NOTE(review): the conditions choosing between the three forms below (original lines 512-513
// and 516) are not visible in this listing.
// Form 1: the whole stored description is used as a translation key.
511 $text = $langs->trans($obj->description);
// Form 2: the description is split on ' : '; the first part is the translation key and up
// to four following parts are passed as its arguments.
514 $val = explode(
' : ', $obj->description);
515 $text = $langs->trans($val[0], isset($val[1]) ? $val[1] :
'', isset($val[2]) ? $val[2] :
'', isset($val[3]) ? $val[3] :
'', isset($val[4]) ? $val[4] :
'');
// Form 3: "(key,arg1,...)suffix". Both groups are greedy, so $reg[1] runs from the first "("
// to the last ")" in the description and $reg[2] is whatever follows.
517 if (preg_match(
'/\((.*)\)(.*)/i', $obj->description, $reg)) {
518 $val = explode(
',', $reg[1]);
519 $text = $langs->trans($val[0], isset($val[1]) ? $val[1] :
'', isset($val[2]) ? $val[2] :
'', isset($val[3]) ? $val[3] :
'', isset($val[4]) ? $val[4] :
'');
520 if (!empty($reg[2])) {
// The title attribute is escaped with dol_escape_htmltag().
// NOTE(review): the cell body is printed on lines not shown here; it carries fragments of
// stored event data, so confirm it is escaped as well.
524 print
'<td class="tdoverflowmax400" title="'.dol_escape_htmltag($text).
'">';
529 print
'<td class="tdoverflowmax150" title="'.dol_escape_htmltag($obj->user_agent).
'">';
534 if (!empty($arrayfields[
'e.prefix_session'][
'checked'])) {
535 print
'<td class="tdoverflowmax150" title="'.dol_escape_htmltag($obj->prefix_session).
'">';
542 print
'<td class="right">';
// Same tooltip as in the left-hand action column: stored user agent and session-name suffix,
// each stripped with dol_string_nohtmltag() before being placed inside the <b>/<br> markup.
// NOTE(review): user_agent is presumably client-supplied; the stripping is what keeps it inert here.
543 $htmltext =
'<b>'.$langs->trans(
"UserAgent").
'</b>: '.($obj->user_agent ?
dol_string_nohtmltag($obj->user_agent) : $langs->trans(
"Unknown"));
544 $htmltext .=
'<br><b>'.$langs->trans(
"SuffixSessionName").
' (DOLSESSID_...)</b>: '.($obj->prefix_session ?
dol_string_nohtmltag($obj->prefix_session) : $langs->trans(
"Unknown"));
545 print $form->textwithpicto(
'', $htmltext);
555 if (!empty($arrayfields[
'e.prefix_session'][
'checked'])) {
559 print
'<tr><td colspan="'.$colspan.
'"><span class="opacitymedium">'.$langs->trans(
"NoEventFoundWithCriteria").
'</span></td></tr>';
561 print
'<tr><td colspan="'.$colspan.
'"><span class="opacitymedium">'.$langs->trans(
"NoEventOrNoAuditSetup").
'</span></td></tr>';
llxFooter($comment='', $zone='private', $disabledoutputofmessages=0)
Empty footer.
llxHeader($head='', $title='', $help_url='', $target='', $disablejs=0, $disablehead=0, $arrayofjs='', $arrayofcss='', $morequerystring='', $morecssonbody='', $replacemainareaby='', $disablenofollow=0, $disablenoindex=0)
Empty header.
static isEventActionTextKey($event_text)
Check if text contains an event action key.
Class to manage Dolibarr users.
dol_get_last_hour($date, $gm='tzserver')
Return GMT time for last hour of a given GMT date (it replaces hours, min and second part to 23:59:59...
dol_get_first_day($year, $month=1, $gm=false)
Return GMT time for first day of a month or year.
dol_get_last_day($year, $month=12, $gm=false)
Return GMT time for last day of a month or year.
dol_mktime($hour, $minute, $second, $month, $day, $year, $gm='auto', $check=1)
Return a timestamp date built from detailed information (by default a local PHP server timestamp) Rep...
setEventMessages($mesg, $mesgs, $style='mesgs', $messagekey='', $noduplicate=0, $attop=0)
Set event messages in dol_events session object.
print_barre_liste($title, $page, $file, $options='', $sortfield='', $sortorder='', $morehtmlcenter='', $num=-1, $totalnboflines='', $picto='generic', $pictoisfullpath=0, $morehtmlright='', $morecss='', $limit=-1, $selectlimitsuffix=0, $hidenavigation=0, $pagenavastextinput=0, $morehtmlrightbeforearrow='')
Print a title with navigation controls for pagination.
dol_print_ip($ip, $mode=0)
Return an IP formatted to be shown on screen.
img_picto($titlealt, $picto, $moreatt='', $pictoisfullpath=0, $srconly=0, $notitle=0, $alt='', $morecss='', $marginleftonlyshort=2)
Show picto whatever its name (generic function)
GETPOSTINT($paramname, $method=0)
Return the value of a $_GET or $_POST supervariable, converted into integer.
dol_string_nohtmltag($stringtoclean, $removelinefeed=1, $pagecodeto='UTF-8', $strip_tags=0, $removedoublespaces=1)
Clean a string from all HTML tags and entities.
natural_search($fields, $value, $mode=0, $nofirstand=0)
Generate natural SQL search string for a criteria (this criteria can be tested on one or several fiel...
dol_now($mode='auto')
Return date for now.
print_liste_field_titre($name, $file="", $field="", $begin="", $moreparam="", $moreattrib="", $sortfield="", $sortorder="", $prefix="", $tooltip="", $forcenowrapcolumntitle=0)
Show title line of an array.
GETPOST($paramname, $check='alphanohtml', $method=0, $filter=null, $options=null, $noreplace=0)
Return value of a param into GET or POST supervariable.
dol_print_error($db=null, $error='', $errors=null)
Displays error message system with all the information to facilitate the diagnosis and the escalation...
getDolGlobalString($key, $default='')
Return a Dolibarr global constant string value.
dol_syslog($message, $level=LOG_INFO, $ident=0, $suffixinfilename='', $restricttologhandler='', $logcontext=null)
Write log message into outputs.
dol_getdate($timestamp, $fast=false, $forcetimezone='')
Return an array with locale date info.
dol_escape_htmltag($stringtoescape, $keepb=0, $keepn=0, $noescapetags='', $escapeonlyhtmltags=0, $cleanalsojavascript=0)
Returns text escaped for inclusion in HTML alt or title or value tags, or into values of HTML input f...
global $conf
The following vars must be defined: $type2label $form $conf, $lang, The following vars may also be de...
accessforbidden($message='', $printheader=1, $printfooter=1, $showonlymessage=0, $params=null)
Show a message to say access is forbidden and stop program.