2014-07-14 Vanessa Gil <vanessa.gil@artica.es>

* godmode/admin_access_log.php
	  include/functions.php: Added export to csv.

	* godmode/audit_log_csv.php: Added file.


git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@10339 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f

pandora_console/ChangeLog

@@ -1,3 +1,10 @@
+2014-07-14  Vanessa Gil <vanessa.gil@artica.es>
+
+	* godmode/admin_access_log.php
+	  include/functions.php: Added export to csv.
+
+	* godmode/audit_log_csv.php: Added file.
+
 2014-07-10  Miguel de Dios <miguel.dedios@artica.es>
 	
 	* include/functions_api.php: fixed the call "set_update_agent"

pandora_console/godmode/admin_access_logs.php

@@ -295,6 +295,13 @@ foreach ($result as $row) {
 
 html_print_table ($table);
 
+echo '<div style="width: '.$table->width.'" class="action-buttons">';
+echo '<a href="' .
+			ui_get_full_url(false, false, false, false) . 'godmode/audit_log_csv.php?tipo_log='.$tipo_log.'&user_filter='.$user_filter.'&filter_text='.$filter_text.'&filter_hours_old='.$filter_hours_old.'&filter_ip='.$filter_ip.'"'.
+			'target="_new">' .
+			html_print_button (__('Export to CSV '), 'export_csv', false, '', 'class=sub next', true, false). '</a>';
+echo '</div>';
+
 if ($enterprise_include !== ENTERPRISE_NOT_HOOK) {
 	enterprise_hook('enterpriseAuditFooter');
 }

pandora_console/godmode/audit_log_csv.php

@@ -0,0 +1,137 @@
+<?php
+// ______                 __                     _______ _______ _______
+//|   __ \.---.-.-----.--|  |.-----.----.---.-. |    ___|   |   |     __|
+//|    __/|  _  |     |  _  ||  _  |   _|  _  | |    ___|       |__     |
+//|___|   |___._|__|__|_____||_____|__| |___._| |___|   |__|_|__|_______|
+//
+// ============================================================================
+// Copyright (c) 2007-2010 Artica Soluciones Tecnologicas, http://www.artica.es
+// This code is NOT free software. This code is NOT licenced under GPL2 licence
+// You cannnot redistribute it without written permission of copyright holder.
+// ============================================================================
+
+if (file_exists("../../../include/config.php"))
+	require ("../../../include/config.php");
+else  {
+	//TODO FIX AND SET AS RELATIVE DIRECTORY
+	if (file_exists("/var/www/pandora_console/include/config.php"))
+		require ("/var/www/pandora_console/include/config.php");
+	if (file_exists("/srv/www/htdocs/pandora_console/include/config.php"))
+		require ("/srv/www/htdocs/pandora_console/include/config.php");
+}
+
+global $config;
+
+require_once ($config["homedir"]."/include/functions.php");
+require_once ($config["homedir"]."/include/functions_db.php");
+require_once ($config["homedir"]."/enterprise/include/functions_reporting_csv.php");
+require_once ($config["homedir"]."/include/auth/mysql.php");
+
+error_reporting(E_ALL);
+ini_set("display_errors", 1);
+
+if (! isset ($_SESSION["id_usuario"])) {
+	session_start ();
+	session_write_close ();
+}
+
+
+// Login check
+if (!isset($_SESSION["id_usuario"])) {
+	$config['id_user'] = null;
+}
+else {
+	$config['id_user'] = $_SESSION["id_usuario"];
+}
+
+if (!check_login()) {
+	db_pandora_audit("ACL Violation", "Trying to access graph builder");
+	include ($config["homedir"]."/general/noaccess.php");
+	return;
+}
+
+if (! check_acl ($config['id_user'], 0, "PM")) {
+	db_pandora_audit( "ACL Violation",
+		"Trying to access event viewer");
+	require ("general/noaccess.php");
+	exit;
+}
+
+$tipo_log = get_parameter ("tipo_log", 'all');
+$user_filter = get_parameter('user_filter', 'all');
+$filter_text = get_parameter('filter_text', '');
+$filter_hours_old = get_parameter('filter_hours_old', 24);
+$filter_ip = get_parameter('filter_ip', '');
+
+$filter = 'WHERE 1 = 1';
+
+if ($tipo_log != 'all') {
+	$filter .= " AND accion = '$tipo_log'";
+}
+switch ($config['dbtype']) {
+	case "mysql":
+		if ($user_filter != 'all') {
+			$filter .= sprintf(' AND id_usuario = "%s"', $user_filter);
+		}
+		
+		$filter .= ' AND (accion LIKE "%' . $filter_text . '%" OR descripcion LIKE "%' . $filter_text . '%")';
+		
+		if ($filter_ip != '') {
+			$filter .= sprintf(' AND ip_origen LIKE "%s"', $filter_ip);
+		}
+		break;
+	case "postgresql":
+	case "oracle":
+		if ($user_filter != 'all') {
+			$filter .= sprintf(' AND id_usuario = \'%s\'', $user_filter);
+		}
+		
+		$filter .= ' AND (accion LIKE \'%' . $filter_text . '%\' OR descripcion LIKE \'%' . $filter_text . '%\')';
+		
+		if ($filter_ip != '') {
+			$filter .= sprintf(' AND ip_origen LIKE \'%s\'', $filter_ip);
+		}
+		break;
+}
+
+if ($filter_hours_old != 0) {
+	switch ($config["dbtype"]) {
+		case "mysql":
+			$filter .= ' AND fecha >= DATE_ADD(NOW(), INTERVAL -' . $filter_hours_old . ' HOUR)';
+			break;
+		case "postgresql":
+			$filter .= ' AND fecha >= NOW() - INTERVAL \'' . $filter_hours_old . ' HOUR \'';
+			break;
+		case "oracle":
+			$filter .= ' AND fecha >= (SYSTIMESTAMP - INTERVAL \'' . $filter_hours_old . '\' HOUR)';
+			break;
+	}
+}
+
+switch ($config["dbtype"]) {
+	case "mysql":
+		$sql = sprintf ("SELECT *
+			FROM tsesion
+			%s
+			ORDER BY fecha DESC", $filter);
+		break;
+	case "postgresql":
+		$sql = sprintf ("SELECT *
+			FROM tsesion
+			%s
+			ORDER BY fecha DESC", $filter);
+		break;
+	case "oracle":
+		$sql = sprintf ("SELECT *
+			FROM tsesion
+			%s
+			ORDER BY fecha DESC", $filter);
+		$result = oracle_recode_query ($sql, $set);
+		break;
+}
+
+$result = db_get_all_rows_sql ($sql);
+
+print_audit_csv ($result);
+
+?>

pandora_console/include/functions.php

@@ -2134,4 +2134,29 @@ function get_news($arguments) {
 	return $news;
 }
 
+
+/**
+ * Print audit data in CSV format.
+ *
+ * @param array Audit data.
+ *
+ */
+function print_audit_csv ($data) {
+	global $config;
+	global $graphic_type;
+
+	$config['ignore_callback'] = true;
+	while (@ob_end_clean ());
+	
+	header("Content-type: application/octet-stream");
+	header("Content-Disposition: attachment; filename=audit_log".date("Y-m-d_His").".csv");
+	header("Pragma: no-cache");
+	header("Expires: 0");
+	
+	echo __('User') . ';' . __('Action') . ';' . __('Date') . ';' . __('Source ID') . ';'. __('Comments') ."\n";
+	foreach ($data as $line) {
+		echo io_safe_output($line['id_usuario']) . ';' .  io_safe_output($line['accion']) . ';' .  $line['fecha'] . ';' .  $line['ip_origen'] . ';'.  io_safe_output($line['descripcion']). "\n";
+	}
+}
+
 ?>