Fossil

Check-in [e3b3c5cf]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Improvements to the access log. The display is still primitive.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1:e3b3c5cfbb65b2727d9550d0725c1c9728cdc1b2
User & Date: drh 2011-01-19 15:43:57
Context
2011-01-19
16:16
Add some primitive clean-up buttons on the access log. check-in: a37abeca user: drh tags: trunk
15:43
Improvements to the access log. The display is still primitive. check-in: e3b3c5cf user: drh tags: trunk
02:57
Add a primitive display of the access-log history. check-in: f274222e user: drh tags: trunk
Changes
Hide Diffs Unified Diffs Ignore Whitespace Patch

Changes to src/login.c.

211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
    blob_init(&b, zNow, -1);
    blob_appendf(&b, "/%z/%s", ipPrefix(zIpAddr), db_get("captcha-secret",""));
    sha1sum_blob(&b, &b);
    zCookie = sqlite3_mprintf("anon/%s/%s", zNow, blob_buffer(&b));
    blob_reset(&b);
    free(zNow);
    cgi_set_cookie(zCookieName, zCookie, 0, 6*3600);
    record_login_attempt("anonyous", zIpAddr, 1);
    redirect_to_g();
  }
  if( zUsername!=0 && zPasswd!=0 && zPasswd[0]!=0 ){
    zSha1Pw = sha1_shared_secret(zPasswd, zUsername);
    uid = db_int(0,
        "SELECT uid FROM user"
        " WHERE login=%Q"







|







211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
    blob_init(&b, zNow, -1);
    blob_appendf(&b, "/%z/%s", ipPrefix(zIpAddr), db_get("captcha-secret",""));
    sha1sum_blob(&b, &b);
    zCookie = sqlite3_mprintf("anon/%s/%s", zNow, blob_buffer(&b));
    blob_reset(&b);
    free(zNow);
    cgi_set_cookie(zCookieName, zCookie, 0, 6*3600);
    record_login_attempt("anonymous", zIpAddr, 1);
    redirect_to_g();
  }
  if( zUsername!=0 && zPasswd!=0 && zPasswd[0]!=0 ){
    zSha1Pw = sha1_shared_secret(zPasswd, zUsername);
    uid = db_int(0,
        "SELECT uid FROM user"
        " WHERE login=%Q"

Changes to src/user.c.

387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403


404

405
406
407
408
409
410

411
412






413







414
415


416
417
418
419
420
421
422




423
424
425
426
427
428
429
430




431
432
433
434
    " WHERE length(pw)>0 AND length(pw)!=40"
  );
}

/*
** WEBPAGE: access_log
**
**    s        Success only
**    f        Failures only
**    n=N      Number of entries to show
**    o=N      Skip this many entries
*/
void access_log_page(void){
  int bSuccessOnly = P("s")!=0;
  int bFailOnly = P("f")!=0;
  int n = atoi(PD("n","50"));
  int skip = atoi(PD("o","0"));


  Stmt q;


  login_check_credentials();
  if( !g.okAdmin ){ login_needed(); return; }

  style_header("Access Log");
  db_prepare(&q,

    "SELECT uname, ipaddr, datetime(mtime), success"
    "  FROM accesslog ORDER BY mtime DESC"






    " LIMIT %d OFFSET %d", n, skip);







  @ <table border="1" cellpadding="5">
  @ <tr><th>Date</th><th>User</th><th>IP Address</th><th>Success?</th></tr>


  while( db_step(&q)==SQLITE_ROW ){
    const char *zName = db_column_text(&q, 0);
    const char *zIP = db_column_text(&q, 1);
    const char *zDate = db_column_text(&q, 2);
    int bSuccess = db_column_int(&q, 3);
    if( bSuccessOnly && bSuccess==0 ) continue;
    if( bFailOnly && bSuccess!=0 ) continue;




    if( bSuccess ){
      @ <tr>
    }else{
      @ <tr bgcolor="#ffacc0">
    }
    @ <td>%s(zDate)</td><td>%h(zName)</td><td>%h(zIP)</td>
    @ <td>%s(bSuccess?"yes":"no")</td></tr>
  }




  @ </table>
  db_finalize(&q);
  style_footer();
}







|
<




|
<


>
>

>





|
>
|
|
>
>
>
>
>
>
|
>
>
>
>
>
>
>
|
<
>
>





|
|
>
>
>
>





|
<

>
>
>
>
|



387
388
389
390
391
392
393
394

395
396
397
398
399

400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429

430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448

449
450
451
452
453
454
455
456
457
    " WHERE length(pw)>0 AND length(pw)!=40"
  );
}

/*
** WEBPAGE: access_log
**
**    y=N      1: success only.  2: failure only.  3: both

**    n=N      Number of entries to show
**    o=N      Skip this many entries
*/
void access_log_page(void){
  int y = atoi(PD("y","3"));

  int n = atoi(PD("n","50"));
  int skip = atoi(PD("o","0"));
  const char *zNow;
  Blob sql;
  Stmt q;
  int cnt = 0;

  login_check_credentials();
  if( !g.okAdmin ){ login_needed(); return; }

  style_header("Access Log");
  blob_zero(&sql);
  blob_append(&sql, 
    "SELECT uname, ipaddr, datetime(mtime, 'localtime'), success"
    "  FROM accesslog", -1
  );
  if( y==1 ){
    blob_append(&sql, "  WHERE success", -1);
  }else if( y==2 ){
    blob_append(&sql, "  WHERE NOT success", -1);
  }
  blob_appendf(&sql,"  ORDER BY mtime DESC LIMIT %d OFFSET %d", n+1, skip);
  if( skip ){
    style_submenu_element("Newer", "Newer entries",
              "%s/access_log?o=%d&n=%d&y=%d", g.zTop, skip>=n ? skip-n : 0,
              n, y);
  }
  db_prepare(&q, blob_str(&sql));
  zNow = db_text(0, "SELECT datetime('now','localtime');");
  @ <center><table border="1" cellpadding="5">

  @ <tr><th width="33%%">Date</th><th width="34%%">User</th>
  @ <th width="33%%">IP Address</th></tr>
  while( db_step(&q)==SQLITE_ROW ){
    const char *zName = db_column_text(&q, 0);
    const char *zIP = db_column_text(&q, 1);
    const char *zDate = db_column_text(&q, 2);
    int bSuccess = db_column_int(&q, 3);
    cnt++;
    if( cnt>n ){
      style_submenu_element("Older", "Older entries",
                  "%s/access_log?o=%d&n=%d&y=%d", g.zTop, skip+n, n, y);
      break;
    }
    if( bSuccess ){
      @ <tr>
    }else{
      @ <tr bgcolor="#ffacc0">
    }
    @ <td>%s(zDate)</td><td>%h(zName)</td><td>%h(zIP)</td></tr>

  }
  if( skip>0 || cnt>n ){
    style_submenu_element("All", "All entries",
          "%s/access_log?n=10000000", g.zTop);
  }
  @ </table></center>
  db_finalize(&q);
  style_footer();
}