aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorplegall <plg@piwigo.org>2016-01-04 15:04:02 +0100
committerplegall <plg@piwigo.org>2016-01-04 15:04:02 +0100
commitf2f9e5ecb7d6c16332aaccf8bc7b1c4248e6e889 (patch)
treed1864d8a3e311868dd3f16719f25ea394e19b670
parentf4040a5a3a4fd371a230c54e17f819922c9a39b2 (diff)
feature #392, authentication keys, history log
When a user successfully performs an authentication with an auth_key, Piwigo registers it in the history table. For now, it is not shown/searchable in the history screen, but we can add it in the future and we can provide a plugin with specific details about authentication keys usage.
-rw-r--r--include/functions.inc.php2
-rw-r--r--include/functions_user.inc.php5
-rw-r--r--install/db/148-database.php39
3 files changed, 45 insertions, 1 deletions
diff --git a/include/functions.inc.php b/include/functions.inc.php
index 2119abe8f..578830ba5 100644
--- a/include/functions.inc.php
+++ b/include/functions.inc.php
@@ -446,6 +446,7 @@ INSERT INTO '.HISTORY_TABLE.'
image_id,
image_type,
format_id,
+ auth_key_id,
tag_ids
)
VALUES
@@ -459,6 +460,7 @@ INSERT INTO '.HISTORY_TABLE.'
'.(isset($image_id) ? $image_id : 'NULL').',
'.(isset($image_type) ? "'".$image_type."'" : 'NULL').',
'.(isset($format_id) ? $format_id : 'NULL').',
+ '.(isset($page['auth_key_id']) ? $page['auth_key_id'] : 'NULL').',
'.(isset($tags_string) ? "'".$tags_string."'" : 'NULL').'
)
;';
diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php
index ba4ed6808..cd186183a 100644
--- a/include/functions_user.inc.php
+++ b/include/functions_user.inc.php
@@ -1472,7 +1472,7 @@ function get_recent_photos_sql($db_field)
*/
function auth_key_login($auth_key)
{
- global $conf, $user;
+ global $conf, $user, $page;
if ($user['id'] != $conf['guest_id'])
{
@@ -1519,6 +1519,9 @@ SELECT
log_user($user['id'], false);
trigger_notify('login_success', stripslashes($key['username']));
+ // to be registered in history table by pwg_log function
+ $page['auth_key_id'] = $key['auth_key_id'];
+
return true;
}
diff --git a/install/db/148-database.php b/install/db/148-database.php
new file mode 100644
index 000000000..79edebdbc
--- /dev/null
+++ b/install/db/148-database.php
@@ -0,0 +1,39 @@
+<?php
+// +-----------------------------------------------------------------------+
+// | Piwigo - a PHP based photo gallery |
+// +-----------------------------------------------------------------------+
+// | Copyright(C) 2008-2015 Piwigo Team http://piwigo.org |
+// | Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net |
+// | Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick |
+// +-----------------------------------------------------------------------+
+// | This program is free software; you can redistribute it and/or modify |
+// | it under the terms of the GNU General Public License as published by |
+// | the Free Software Foundation |
+// | |
+// | This program is distributed in the hope that it will be useful, but |
+// | WITHOUT ANY WARRANTY; without even the implied warranty of |
+// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
+// | General Public License for more details. |
+// | |
+// | You should have received a copy of the GNU General Public License |
+// | along with this program; if not, write to the Free Software |
+// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
+// | USA. |
+// +-----------------------------------------------------------------------+
+
+if (!defined('PHPWG_ROOT_PATH'))
+{
+ die('Hacking attempt!');
+}
+
+$upgrade_description = 'add auth_key_id in history table';
+
+// we use PREFIX_TABLE, in case Piwigo uses an external user table
+pwg_query('
+ALTER TABLE `'.PREFIX_TABLE.'history`
+ ADD COLUMN `auth_key_id` int(11) unsigned DEFAULT NULL
+;');
+
+echo "\n".$upgrade_description."\n";
+
+?>