Fixes #2222. Added IP address to system log table and log browser. Fixed problem in log browser that would only show entries without an owner_guid.

1 files changed, 15 insertions, 6 deletions

diff --git a/engine/lib/system_log.php b/engine/lib/system_log.php
index fd5644135..28d90be56 100644
--- a/engine/lib/system_log.php
+++ b/engine/lib/system_log.php
@@ -11,6 +11,7 @@
  * Retrieve the system log based on a number of parameters.
  *
  * @param int|array $by_user    The guid(s) of the user(s) who initiated the event.
+ *                              Use 0 for unowned entries. Anything else falsey means anyone.
  * @param string    $event      The event you are searching on.
  * @param string    $class      The class of object it effects.
  * @param string    $type       The type
@@ -21,11 +22,12 @@
  * @param int       $timebefore Lower time limit
  * @param int       $timeafter  Upper time limit
  * @param int       $object_id  GUID of an object
- *
+ * @param str       $ip_address The IP address.
  * @return mixed
  */
 function get_system_log($by_user = "", $event = "", $class = "", $type = "", $subtype = "",
-$limit = 10, $offset = 0, $count = false, $timebefore = 0, $timeafter = 0, $object_id = 0) {
+$limit = 10, $offset = 0, $count = false, $timebefore = 0, $timeafter = 0, $object_id = 0,
+$ip_address = false) {
 
 	global $CONFIG;
 
@@ -37,16 +39,18 @@ $limit = 10, $offset = 0, $count = false, $timebefore = 0, $timeafter = 0, $obje
 	} else {
 		$by_user = (int)$by_user;
 	}
+	
 	$event = sanitise_string($event);
 	$class = sanitise_string($class);
 	$type = sanitise_string($type);
 	$subtype = sanitise_string($subtype);
+	$ip_address = sanitise_string($ip_address);
 	$limit = (int)$limit;
 	$offset = (int)$offset;
 
 	$where = array();
 
-	if ($by_user_orig !== "") {
+	if ($by_user_orig !== "" && $by_user_orig !== false && $by_user_orig !== null) {
 		if (is_int($by_user)) {
 			$where[] = "performed_by_guid=$by_user";
 		} else if (is_array($by_user)) {
@@ -75,6 +79,9 @@ $limit = 10, $offset = 0, $count = false, $timebefore = 0, $timeafter = 0, $obje
 	if ($object_id) {
 		$where[] = "object_id = " . ((int) $object_id);
 	}
+	if ($ip_address) {
+		$where[] = "ip_address = '$ip_address'";
+	}
 
 	$select = "*";
 	if ($count) {
@@ -91,7 +98,8 @@ $limit = 10, $offset = 0, $count = false, $timebefore = 0, $timeafter = 0, $obje
 	}
 
 	if ($count) {
-		if ($numrows = get_data_row($query)) {
+		$numrows = get_data_row($query);
+		if ($numrows) {
 			return $numrows->count;
 		}
 	} else {
@@ -171,6 +179,7 @@ function system_log($object, $event) {
 		$object_subtype = $object->getSubtype();
 		$event = sanitise_string($event);
 		$time = time();
+		$ip_address = sanitise_string($_SERVER['REMOTE_ADDR']);
 		$performed_by = elgg_get_logged_in_user_guid();
 
 		if (isset($object->access_id)) {
@@ -194,10 +203,10 @@ function system_log($object, $event) {
 		if (!isset($log_cache[$time][$object_id][$event])) {
 			$query = "INSERT DELAYED into {$CONFIG->dbprefix}system_log
 				(object_id, object_class, object_type, object_subtype, event,
-				performed_by_guid, owner_guid, access_id, enabled, time_created)
+				performed_by_guid, owner_guid, access_id, enabled, time_created, ip_address)
 			VALUES
 				('$object_id','$object_class','$object_type', '$object_subtype', '$event',
-				$performed_by, $owner_guid, $access_id, '$enabled', '$time')";
+				$performed_by, $owner_guid, $access_id, '$enabled', '$time', '$ip_address')";
 
 			insert_data($query);