feat: access log config setting and a real get-post-cookie logger

This is a very naive and primitive logger of user requests to the game.
To be used on systems where access to webserver's log data is not
available (especially if the webserver doesn't store POST data as well).
Martin Ambrus
2017-10-28 18:59:16 +02:00
parent 133a5126f9
commit f5c3e029b5
44 changed files with 292 additions and 11 deletions
+5
@@ -8,6 +8,11 @@
Deny from all
</Files>
<Files "*.log">
Order Allow,Deny
Deny from all
</Files>
<Files "installed">
Order Allow,Deny
Deny from all
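Review bot: The new `<Files "*.log">` block only protects the access log while its name ends in `.log`, but `PAGE_ACCESS_LOG_FILENAME`, added elsewhere in this commit, accepts any filename, and the rule does nothing on servers that ignore this file. Since the log holds cookies and POST data, denying the whole `var/log` directory, or keeping the log outside the document root, would not depend on the name. `Order Allow,Deny` / `Deny from all` is the Apache 2.2 form and needs mod_access_compat on 2.4, where `Require all denied` is the equivalent; the surrounding blocks use the same older style, so this applies to them as well.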
+3
@@ -9,7 +9,10 @@
## ##
#################################################################################
use App\Utils\AccessLogger;
include("GameEngine/Village.php");
AccessLogger::logRequest();
$start = $generator->pageLoadTimeStart();
if(isset($_GET['newdid'])) {
+3
@@ -10,8 +10,11 @@
## ##
#################################################################################
use App\Utils\AccessLogger;
include("GameEngine/Village.php");
AccessLogger::logRequest();
$amount = $_SESSION['amount'];
$start = $generator->pageLoadTimeStart();
if(isset($_GET['newdid'])) {
+4
@@ -10,7 +10,11 @@
## ##
#################################################################################
use App\Utils\AccessLogger;
include('GameEngine/Account.php');
AccessLogger::logRequest();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
+23
@@ -9,6 +9,29 @@
## ##
#################################################################################
// even with autoloader created, we can't use it here yet, as it's not been created
// ... so, let's see where it is and include it
$autoloader_found = false;
// go max 5 levels up - we don't have folders that go deeper than that
for ($i = 0; $i < 5; $i++) {
$autoprefix = str_repeat('../', $i);
if (file_exists($autoprefix.'autoloader.php')) {
$autoloader_found = true;
include_once $autoprefix.'autoloader.php';
break;
}
}
if (!$autoloader_found) {
die('Could not find autoloading class.');
}
// we need config to determine whether to log access or not
include_once($autoprefix.'GameEngine/config.php');
use App\Utils\AccessLogger;
AccessLogger::logRequest();
switch($_GET['f']) {
case 'k7':
header('Content-Type: application/json');
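Review bot: The autoloader probe added here tests `str_repeat('../', $i)` prefixes against the current working directory, not against the script's own location, so which `autoloader.php` and `GameEngine/config.php` get included depends on how the script is invoked. Building the path from `__DIR__` with this file's known depth would make the include deterministic and remove the `die()` fallback. The same five-level loop is repeated in `AccessLogger::logRequest()` and appears as context in another section of this commit, so a single shared helper would keep the copies from drifting apart. The `use App\Utils\AccessLogger;` line sits after executable statements; moving it to the top of the file matches the other sections. The `switch` continues outside the hunk.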
+4
@@ -1,8 +1,12 @@
<?php
//fix by ronix
use App\Utils\AccessLogger;
if(isset($_GET['aid']) && !is_numeric($_GET['aid'])) die('Hacking Attemp');
include ("GameEngine/Village.php");
include ("GameEngine/Chat.php");
AccessLogger::logRequest();
$start = $generator->pageLoadTimeStart();
$alliance->procAlliance($_GET);
if(isset($_GET['newdid'])) {
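Review bot: `AccessLogger::logRequest()` is called only after the `die('Hacking Attemp')` guard on `$_GET['aid']`, so the requests that guard rejects, which are the ones an operator most wants to see, never reach the access log. The section with the `$_GET['z']` check (`die('Hacking Attempt')`) has the same ordering. If the class only becomes loadable once `GameEngine/Village.php` is included (not visible here), the autoloader could be included ahead of the guard so that `AccessLogger::logRequest();` can run first.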
+3
@@ -9,9 +9,12 @@
## ##
#################################################################################
use App\Utils\AccessLogger;
include("GameEngine/config.php");
include("GameEngine/Database.php");
include("GameEngine/Lang/".LANG.".php");
AccessLogger::logRequest();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
+4
@@ -10,12 +10,16 @@
## ##
#################################################################################
use App\Utils\AccessLogger;
if(!file_exists('var/installed') && @opendir('install')) {
header("Location: install/");
exit;
}
include('GameEngine/Account.php');
AccessLogger::logRequest();
$invited=(isset($_GET['uid'])) ? filter_var($_GET['uid'], FILTER_SANITIZE_NUMBER_INT):$form->getError('invt');
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+5 -2
@@ -9,9 +9,12 @@
## ##
#################################################################################
include("GameEngine/Village.php");
$start = $generator->pageLoadTimeStart();
use App\Utils\AccessLogger;
include("GameEngine/Village.php");
AccessLogger::logRequest();
$start = $generator->pageLoadTimeStart();
if($session->access == BANNED){
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+4
@@ -10,7 +10,11 @@
## ##
#################################################################################
use App\Utils\AccessLogger;
include("GameEngine/Village.php");
AccessLogger::logRequest();
$start = $generator->pageLoadTimeStart();
$message->noticeType($_GET);
$message->procNotice($_POST);
+4
@@ -10,9 +10,13 @@
## ##
#################################################################################
use App\Utils\AccessLogger;
ob_start();
include_once("GameEngine/Village.php");
include_once("GameEngine/Units.php");
AccessLogger::logRequest();
if(isset($_GET['newdid'])) {
$_SESSION['wid'] = $_GET['newdid'];
header("Location: ".$_SERVER['PHP_SELF'].(isset($_GET['id'])?'?id='.$_GET['id']:(isset($_GET['gid'])?'?gid='.$_GET['gid']:'')));
+4
@@ -8,7 +8,11 @@
## Copyright: TravianX (c) 2010-2011. All rights reserved. ##
## ##
#################################################################################
use App\Utils\AccessLogger;
include("GameEngine/Village.php");
AccessLogger::logRequest();
if(isset($_GET['newdid'])){
$_SESSION['wid'] = $_GET['newdid'];
header("Location: ".$_SERVER['PHP_SELF']);
+2
@@ -19,6 +19,7 @@
use App\Entity\User;
use App\Utils\AccessLogger;
global $autoprefix;
@@ -34,6 +35,7 @@ for ($i = 0; $i < 5; $i++) {
include_once ($autoprefix."GameEngine/Session.php");
include_once ($autoprefix."GameEngine/config.php");
AccessLogger::logRequest();
/**
+3
@@ -8,7 +8,10 @@
| Copyright: TravianX Project All rights reserved |
\*-------------------------------------------------------*/
use App\Utils\AccessLogger;
include ("GameEngine/Village.php");
AccessLogger::logRequest();
if($session->goldclub == 0) {
header("Location: plus.php?id=3");
+4
@@ -9,7 +9,11 @@
## Copyright: TravianX (c) 2010-2011. All rights reserved. ##
## ##
#################################################################################
use App\Utils\AccessLogger;
include("GameEngine/Village.php");
AccessLogger::logRequest();
$start = $generator->pageLoadTimeStart();
if(isset($_GET['ok'])){
$database->updateUserField($session->uid,'ok','0','1'); $_SESSION['ok'] = '0';
+4
@@ -9,7 +9,11 @@
## Copyright: TravianX (c) 2010-2011. All rights reserved. ##
## ##
#################################################################################
use App\Utils\AccessLogger;
include("GameEngine/Village.php");
AccessLogger::logRequest();
$start = $generator->pageLoadTimeStart();
if(isset($_GET['newdid'])) {
$_SESSION['wid'] = $_GET['newdid'];
+4
@@ -11,7 +11,11 @@
#################################################################################
use App\Utils\AccessLogger;
include("GameEngine/Village.php");
AccessLogger::logRequest();
$start = $generator->pageLoadTimeStart();
if(isset($_GET['newdid'])) {
$_SESSION['wid'] = $_GET['newdid'];
+3
@@ -14,9 +14,12 @@
## ##
#################################################################################
use App\Utils\AccessLogger;
include("GameEngine/config.php");
include("GameEngine/Database.php");
include("GameEngine/Lang/".LANG.".php");
AccessLogger::logRequest();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
+7 -2
@@ -1,4 +1,6 @@
<?php
use App\Utils\AccessLogger;
#################################################################################
## ##
## -= YOU MUST NOT REMOVE OR CHANGE THIS NOTICE =- ##
@@ -44,8 +46,11 @@ else
{
die('Security: Please activate security class!');
}
include ("GameEngine/Database.php");
include ("GameEngine/Lang/".LANG.".php");
include_once "GameEngine/Database.php";
include_once "GameEngine/Lang/".LANG.".php";
AccessLogger::logRequest();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
+4
@@ -305,6 +305,10 @@ define("MULTIHUNTER",8);
define("ADMIN",9);
define("COOKIE_EXPIRE", 60*60*24*7);
define("COOKIE_PATH", "/");
define("LOG_PAGE_ACCESS", false);
define("PAGE_ACCESS_LOG_DATE", true);
define("PAGE_ACCESS_LOG_IP", true);
define("PAGE_ACCESS_LOG_FILENAME", 'access.log'); // filename ONLY, no path!
////////////////////////////////////////////
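Review bot: Nothing next to `LOG_PAGE_ACCESS` says that enabling it writes every cookie and POST field verbatim to `var/log`, which on the login and password pages touched by this commit presumably includes passwords and session cookies. A comment such as `// WARNING: stores cookies and POST data in clear text (passwords, session ids); enable only for short debugging periods and protect/rotate the file` would make that explicit to whoever flips the flag. The "filename ONLY, no path!" rule on `PAGE_ACCESS_LOG_FILENAME` is only a comment: `logRequest()` concatenates the constant as-is, so wrapping it in `basename(PAGE_ACCESS_LOG_FILENAME)` there would enforce it.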
+4
@@ -10,8 +10,12 @@
## ##
#################################################################################
use App\Utils\AccessLogger;
if(isset($_GET['z']) && !is_numeric($_GET['z'])) die('Hacking Attempt');
include("GameEngine/Village.php");
AccessLogger::logRequest();
$start = $generator->pageLoadTimeStart();
if(isset($_GET['newdid'])) {
$_SESSION['wid'] = $_GET['newdid'];
+5 -1
@@ -8,8 +8,12 @@
## Copyright: TravianX (c) 2010-2011. All rights reserved. ##
## ##
#################################################################################
use App\Utils\AccessLogger;
include("GameEngine/Village.php");
$building->procBuild($_GET);
AccessLogger::logRequest();
$building->procBuild($_GET);
if($session->plus){
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+4 -1
@@ -10,13 +10,16 @@
## ##
#################################################################################
use App\Utils\AccessLogger;
if(!file_exists('var/installed') && @opendir('install')) {
header("Location: install/");
exit;
}
error_reporting(E_ALL);
include("GameEngine/Account.php");
AccessLogger::logRequest();
if(isset($_GET['del_cookie'])) {
setcookie("COOKUSR","",time()-3600*24,"/");
header("Location: login.php");
+4
@@ -11,7 +11,11 @@
#################################################################################
use App\Utils\AccessLogger;
include("GameEngine/Account.php");
AccessLogger::logRequest();
$start = $generator->pageLoadTimeStart();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+5 -1
@@ -10,7 +10,11 @@
## ##
#################################################################################
use App\Utils\AccessLogger;
include_once("GameEngine/Account.php");
AccessLogger::logRequest();
$max_per_pass = 1000;
if (mysqli_num_rows(mysqli_query($GLOBALS['link'],"SELECT id FROM ".TB_PREFIX."users WHERE access = 9 AND id = ".(int) $session->uid)) != '1') die("Hacking attemp!");
@@ -189,7 +193,7 @@ if (isset($_GET['send']) && isset($_GET['from']))
<?php echo MASS_UNITS; ?>
<a href="javascript:toggleDisplay('message_smilies')"><?php echo MASS_SHOWHIDE; ?></a>
<div id="smilll" id="message_smilies" style="background:none repeat scroll 0 0 #EFEFEF;border:1px solid #71D000;left:20px;margin-top:5px;max-width:660px;padding:5px;position:relative;display: none;">
<div id="message_smilies" style="background:none repeat scroll 0 0 #EFEFEF;border:1px solid #71D000;left:20px;margin-top:5px;max-width:660px;padding:5px;position:relative;display: none;">
<?php echo MASS_READ; ?>
<a href="#" onclick="smilie('*u1*')"><img src="img/x.gif" class="uu1" /></a>
<a href="#" onclick="smilie('*u2*')"><img src="img/x.gif" class="uu2" /></a>
+5 -1
@@ -11,10 +11,14 @@
#################################################################################
use App\Utils\AccessLogger;
include("GameEngine/Village.php");
AccessLogger::logRequest();
$start = $generator->pageLoadTimeStart();
$message->procMessage($_POST);
if($_GET['t'] == 1){
if(isset($_GET['t']) && $_GET['t'] == 1){
$automation->isWinner();
}
if(isset($_GET['newdid'])) {
+4
@@ -9,7 +9,11 @@
## ##
#################################################################################
use App\Utils\AccessLogger;
include("GameEngine/Village.php");
AccessLogger::logRequest();
$start = $generator->pageLoadTimeStart();
$id = $_GET['id'];
if($session->access != BANNED){
+3
@@ -9,6 +9,8 @@
## Copyright: TravianX (c) 2010-2011. All rights reserved. ##
## ##
#################################################################################
use App\Utils\AccessLogger;
if(!file_exists('var/installed') && @opendir('install')) {
header("Location: install/");
exit;
@@ -18,6 +20,7 @@ include("GameEngine/Lang/" . LANG . ".php");
include("GameEngine/Database.php");
include("GameEngine/Mailer.php");
include("GameEngine/Generator.php");
AccessLogger::logRequest();
if(!isset($_REQUEST['npw'])){
header("Location: login.php");
+4
@@ -11,7 +11,11 @@
#################################################################################
use App\Utils\AccessLogger;
include("GameEngine/Village.php");
AccessLogger::logRequest();
$start = $generator->pageLoadTimeStart();
if(isset($_GET['newdid'])) {
$_SESSION['wid'] = $_GET['newdid'];
+4
@@ -1,6 +1,10 @@
<?php
use App\Utils\AccessLogger;
include("GameEngine/Village.php");
AccessLogger::logRequest();
$start = $generator->pageLoadTimeStart();
if(isset($_GET['newdid'])) {
$_SESSION['wid'] = $_GET['newdid'];
+4
@@ -11,7 +11,11 @@
#################################################################################
use App\Utils\AccessLogger;
include("GameEngine/Village.php");
AccessLogger::logRequest();
$start = $generator->pageLoadTimeStart();
if(isset($_GET['newdid'])) {
$_SESSION['wid'] = $_GET['newdid'];
+4
@@ -9,8 +9,12 @@
## Copyright: TravianX (c) 2010-2011. All rights reserved. ##
## ##
#################################################################################
use App\Utils\AccessLogger;
ob_start();
include("GameEngine/Village.php");
AccessLogger::logRequest();
$start = $generator->pageLoadTimeStart();
$profile->procProfile($_POST);
$profile->procSpecial($_GET);
+3
@@ -9,9 +9,12 @@
## ##
#################################################################################
use App\Utils\AccessLogger;
include("GameEngine/config.php");
include("GameEngine/Database.php");
include("GameEngine/Lang/".LANG.".php");
AccessLogger::logRequest();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
+1 -1
@@ -3,7 +3,7 @@
## -= YOU MAY NOT REMOVE OR CHANGE THIS NOTICE =- ##
## --------------------------------------------------------------------------- ##
## Project: TravianZ ##
## Filename User.php ##
## Filename IDbConnection.php ##
## Developed by: martinambrus ##
## License: TravianZ Project ##
## Copyright: TravianZ (c) 2010-2017. All rights reserved. ##
+112
@@ -0,0 +1,112 @@
<?php
#################################################################################
## -= YOU MAY NOT REMOVE OR CHANGE THIS NOTICE =- ##
## --------------------------------------------------------------------------- ##
## Project: TravianZ ##
## Filename AccessLogger.php ##
## Developed by: martinambrus ##
## License: TravianZ Project ##
## Copyright: TravianZ (c) 2010-2017. All rights reserved. ##
## URLs: https://travian.martinambrus.com ##
## Source code: https://github.com/Shadowss/TravianZ ##
## ##
#################################################################################
namespace App\Utils;
/**
* Logs all user access (URLs, REQUEST data, Cookies...)
* into a file. Usually used in hostings that do not provide
* web server access logs, let alone ones that include
* POST data and Cookies.
*
* @author martinambrus
*/
class AccessLogger {
/**
* Logs current request into a file defined via config constant.
*/
public static function logRequest() {
try {
if (defined('LOG_PAGE_ACCESS') && LOG_PAGE_ACCESS) {
// go max 5 levels up - we don't have folders that go deeper than that
$autoprefix = '';
for ($i = 0; $i < 5; $i++) {
$autoprefix = str_repeat('../', $i);
if (file_exists($autoprefix.'autoloader.php')) {
// we have our path, let's leave
break;
}
}
// determine log file name
$fname = $autoprefix.'var/log/'.(defined('PAGE_ACCESS_LOG_FILENAME') ? PAGE_ACCESS_LOG_FILENAME : 'access.log');
// prepare a prefix for the log record
$prefix = [];
// add date
if (!defined('PAGE_ACCESS_LOG_DATE') || (defined('PAGE_ACCESS_LOG_DATE') && PAGE_ACCESS_LOG_DATE)) {
$prefix[] = date('j.m.Y H:i:s');
}
// add IP
if (!defined('PAGE_ACCESS_LOG_IP') || (defined('PAGE_ACCESS_LOG_IP') && PAGE_ACCESS_LOG_IP)) {
$prefix[] = $_SERVER['REMOTE_ADDR'];
}
// add the actual file name
$prefix[] = $_SERVER['PHP_SELF'];
// make prefix a string
$prefix = implode(" ", $prefix);
// add cookie info
if (count($_COOKIE)) {
$out = [];
foreach ($_COOKIE as $key => $value) {
$out[] = $key.'='.$value;
}
// write the log line
$cookie = implode("&", $out);
} else {
$cookie = '';
}
// add GET info
if (count($_GET)) {
$out = [];
foreach ($_GET as $key => $value) {
$out[] = $key.'='.$value;
}
$get_info = '?'.implode("&", $out);
} else {
$get_info = '';
}
// write the log line
file_put_contents($fname, $prefix . $get_info . "\t" . $cookie . "\n", FILE_APPEND);
// add POST info
if (count($_POST)) {
$out = [];
foreach ($_POST as $key => $value) {
$out[] = $key.'='.$value;
}
// write the log line
file_put_contents($fname, "[POSTDATA] " . implode("&", $out) . "\n", FILE_APPEND);
}
}
return true;
} catch (\Exception $e) {
// we shouldn't raise exceptions if we can't log for some reason
// but we definitelly should return false
return false;
}
}
}
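Review bot: The `$key.'='.$value` loops in `logRequest()` write cookie, GET and POST values to the file unencoded, so a value containing a line break can begin what looks like a separate log record, and an array parameter is written as the string `Array` with a conversion notice. Encoding each part with `http_build_query()` keeps one request on one line and flattens arrays; assembling the record first and appending it once with `FILE_APPEND | LOCK_EX` also stops concurrent requests from separating a `[POSTDATA]` line from its request line. A failed `file_put_contents()` raises a warning rather than an `\Exception`, and its return value is never checked, so the method returns `true` even when nothing was written. Values are stored verbatim as well, so masking password fields and the session cookie (its name is available from `session_name()`) before writing would limit what a leaked log exposes.

```php
// … unchanged: LOG_PAGE_ACCESS check, $autoprefix lookup, $fname, $prefix …

// http_build_query() percent-encodes CR/LF and flattens array values,
// so a single request always stays on its own line(s)
$cookie   = http_build_query($_COOKIE);
$get_info = count($_GET) ? '?' . http_build_query($_GET) : '';
$record   = $prefix . $get_info . "\t" . $cookie . "\n";

if (count($_POST)) {
    $record .= "[POSTDATA] " . http_build_query($_POST) . "\n";
}

// one locked append keeps the request line and its POSTDATA line together
if (file_put_contents($fname, $record, FILE_APPEND | LOCK_EX) === false) {
    return false;
}

// … unchanged: return true / catch (\Exception $e) …
```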
+1 -1
@@ -3,7 +3,7 @@
## -= YOU MAY NOT REMOVE OR CHANGE THIS NOTICE =- ##
## --------------------------------------------------------------------------- ##
## Project: TravianZ ##
## Filename User.php ##
## Filename Math.php ##
## Developed by: martinambrus ##
## License: TravianZ Project ##
## Copyright: TravianZ (c) 2010-2017. All rights reserved. ##
+4
@@ -11,7 +11,11 @@
#################################################################################
use App\Utils\AccessLogger;
include("GameEngine/Village.php");
AccessLogger::logRequest();
$__start = $generator->pageLoadTimeStart();
if(isset($_GET['rank'])){ $_POST['rank']==$_GET['rank']; }
$_GET['aid'] = $session->alliance;
+5 -1
@@ -9,7 +9,11 @@
## Copyright: TravianX (c) 2010-2011. All rights reserved. ##
## ##
#################################################################################
include("GameEngine/Village.php");
use App\Utils\AccessLogger;
include("GameEngine/Village.php");
AccessLogger::logRequest();
$amount = $_SESSION['amount'];
$start = $generator->pageLoadTimeStart();
if(isset($_GET['newdid'])) {
+4
@@ -9,7 +9,11 @@
## ##
#################################################################################
use App\Utils\AccessLogger;
include_once("GameEngine/Account.php");
AccessLogger::logRequest();
$max_per_pass = 1000;
if (mysqli_num_rows(mysqli_query($GLOBALS['link'],"SELECT id FROM ".TB_PREFIX."users WHERE access = 9 AND id = ".$session->uid)) != '1') die("Hacking attempt!");
+3
@@ -10,9 +10,12 @@
## ##
#################################################################################
use App\Utils\AccessLogger;
include("GameEngine/config.php");
include("GameEngine/Database.php");
include("GameEngine/Lang/".LANG.".php");
AccessLogger::logRequest();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
+4
@@ -11,7 +11,11 @@
#################################################################################
use App\Utils\AccessLogger;
include("GameEngine/Village.php");
AccessLogger::logRequest();
$amount = $_SESSION['amount'];
$start = $generator->pageLoadTimeStart();
if(isset($_GET['newdid'])) {
+4
@@ -11,7 +11,11 @@
#################################################################################
use App\Utils\AccessLogger;
include("GameEngine/Village.php");
AccessLogger::logRequest();
$start = $generator->pageLoadTimeStart();
$battle->procSim($_POST);
?>
+4
@@ -18,6 +18,8 @@
## ##
#################################################################################
use App\Utils\AccessLogger;
if (!function_exists('mysqli_result')) {
function mysqli_result($res, $row, $field=0) {
$res->data_seek($row);
@@ -27,6 +29,8 @@ if (!function_exists('mysqli_result')) {
}
include("GameEngine/Village.php");
AccessLogger::logRequest();
$start = $generator->pageLoadTimeStart();
if(isset($_GET['newdid'])) {
$_SESSION['wid'] = $_GET['newdid'];