marc
/
CiviProxy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

make logging more secure (#17)

This commit is contained in:
systopia 2017-08-29 09:12:26 +02:00
parent 0c18d8c9e4
commit f29646cfac
2 changed files with 16 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
proxy/config.php
View File

@ -35,8 +35,10 @@ $target_mail_view = $target_civicrm . '/civicrm/mailing/view';
// Set to NULL/FALSE to disable the feature // Set to NULL/FALSE to disable the feature
$mail_subscription_user_key = NULL; $mail_subscription_user_key = NULL;
// CAREFUL: only enable temporarily on debug systems. Will log all queries to given PUBLIC file // CAREFUL: only enable temporarily on debug systems.
$debug = NULL; //'debug.log'; // Will log all queries to given PUBLIC file
// Also: use some random name (not this one!)
$debug = NULL; //'LUXFbiaoz4dVWuAHEcuBAe7YQ4YP96rN4MCDmKj89p.log';
// Local network interface or IP to be used for the relayed query // Local network interface or IP to be used for the relayed query
// This is usefull in some VPN configurations (see CURLOPT_INTERFACE) // This is usefull in some VPN configurations (see CURLOPT_INTERFACE)

13
proxy/proxy.php
View File

@ -135,7 +135,18 @@ function civiproxy_security_check($target, $quit=TRUE) {
global $debug; global $debug;
if (!empty($debug)) { if (!empty($debug)) {
$file = fopen($debug, 'a'); $file = fopen($debug, 'a');
fwrite($file, "REQUEST FROM " . $_SERVER['REMOTE_ADDR'] . " ON " . date('Y-m-d H:i:s') . ' -- ' . print_r($_REQUEST,1));
// filter log data
$log_data = $_REQUEST;
if (isset($log_data['api_key'])) {
$log_data['api_key'] = substr($log_data['api_key'], 0, 4) . '...';
}
if (isset($log_data['key'])) {
$log_data['key'] = substr($log_data['key'], 0, 4) . '...';
}
// write log record
fwrite($file, "REQUEST FROM " . $_SERVER['REMOTE_ADDR'] . " ON " . date('Y-m-d H:i:s') . ' -- ' . print_r($log_data ,1));
fclose($file); fclose($file);
} }