Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
moodle
moodle
Commits
8b9196d7
Commit
8b9196d7
authored
Mar 06, 2017
by
Dan Poltawski
Browse files
Merge branch 'MDL-57887-nginx-username-logging' of
https://github.com/brendanheywood/moodle
parents
892ceeb7
c31a35b5
Changes
2
Hide whitespace changes
Inline
Side-by-side
config-dist.php
View file @
8b9196d7
...
...
@@ -385,7 +385,15 @@ $CFG->admin = 'admin';
// LogFormat "%h %l %{MOODLEUSER}n %t \"%r\" %s %b \"%{Referer}i\" \"%{User-Agent}i\"" moodleformat
// And in the part specific to your Moodle install / virtualhost:
// CustomLog "/your/path/to/log" moodleformat
// CAUTION: Use of this option will expose usernames in the Apache log,
//
// Alternatively for other webservers such as nginx, you can instead have the username sent via a http header
// 'X-MOODLEUSER' which can be saved in the logfile and then stripped out before being sent to the browser:
// $CFG->headerloguser = 0; // Turn this feature off. Default value.
// $CFG->headerloguser = 1; // Log user id.
// $CFG->headerloguser = 2; // Log full name in cleaned format. ie, Darth Vader will be displayed as darth_vader.
// $CFG->headerloguser = 3; // Log username.
//
// CAUTION: Use of this option will expose usernames in the Apache / nginx log,
// If you are going to publish your log, or the output of your web stats analyzer
// this will weaken the security of your website.
//
...
...
lib/setup.php
View file @
8b9196d7
...
...
@@ -915,36 +915,54 @@ if (!empty($CFG->debugvalidators) and !empty($CFG->guestloginbutton)) {
// Apache log integration. In apache conf file one can use ${MOODULEUSER}n in
// LogFormat to get the current logged in username in moodle.
if
(
$USER
&&
function_exists
(
'apache_note'
)
&&
!
empty
(
$CFG
->
apacheloguser
)
&&
isset
(
$USER
->
username
))
{
$apachelog_userid
=
$USER
->
id
;
$apachelog_username
=
clean_filename
(
$USER
->
username
);
$apachelog_name
=
''
;
if
(
isset
(
$USER
->
firstname
))
{
// We can assume both will be set
// - even if to empty.
$apachelog_name
=
clean_filename
(
$USER
->
firstname
.
" "
.
$USER
->
lastname
);
// Alternatvely for other web servers a header X-MOODLEUSER can be set which
// can be using in the logfile and stripped out if needed.
if
(
$USER
&&
isset
(
$USER
->
username
))
{
$logmethod
=
''
;
$logvalue
=
0
;
if
(
!
empty
(
$CFG
->
apacheloguser
)
&&
function_exists
(
'apache_note'
))
{
$logmethod
=
'apache'
;
$logvalue
=
$CFG
->
apacheloguser
;
}
if
(
\
core\session\manager
::
is_loggedinas
())
{
$realuser
=
\
core\session\manager
::
get_realuser
();
$apachelog_username
=
clean_filename
(
$realuser
->
username
.
" as "
.
$apachelog_username
);
$apachelog_name
=
clean_filename
(
$realuser
->
firstname
.
" "
.
$realuser
->
lastname
.
" as "
.
$apachelog_name
);
$apachelog_userid
=
clean_filename
(
$realuser
->
id
.
" as "
.
$apachelog_userid
);
if
(
!
empty
(
$CFG
->
headerloguser
))
{
$logmethod
=
'header'
;
$logvalue
=
$CFG
->
headerloguser
;
}
switch
(
$CFG
->
apacheloguser
)
{
case
3
:
$logname
=
$apachelog_username
;
break
;
case
2
:
$logname
=
$apachelog_name
;
break
;
case
1
:
default
:
$logname
=
$apachelog_userid
;
break
;
if
(
!
empty
(
$logmethod
))
{
$loguserid
=
$USER
->
id
;
$logusername
=
clean_filename
(
$USER
->
username
);
$logname
=
''
;
if
(
isset
(
$USER
->
firstname
))
{
// We can assume both will be set
// - even if to empty.
$logname
=
clean_filename
(
$USER
->
firstname
.
" "
.
$USER
->
lastname
);
}
if
(
\
core\session\manager
::
is_loggedinas
())
{
$realuser
=
\
core\session\manager
::
get_realuser
();
$logusername
=
clean_filename
(
$realuser
->
username
.
" as "
.
$logusername
);
$logname
=
clean_filename
(
$realuser
->
firstname
.
" "
.
$realuser
->
lastname
.
" as "
.
$logname
);
$loguserid
=
clean_filename
(
$realuser
->
id
.
" as "
.
$loguserid
);
}
switch
(
$logvalue
)
{
case
3
:
$logname
=
$logusername
;
break
;
case
2
:
$logname
=
$logname
;
break
;
case
1
:
default
:
$logname
=
$loguserid
;
break
;
}
if
(
$logmethod
==
'apache'
)
{
apache_note
(
'MOODLEUSER'
,
$logname
);
}
if
(
$logmethod
==
'header'
)
{
header
(
"X-MOODLEUSER:
$logname
"
);
}
}
apache_note
(
'MOODLEUSER'
,
$logname
);
}
// Ensure the urlrewriteclass is setup correctly (to avoid crippling site).
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment