aboutsummaryrefslogtreecommitdiffstats
path: root/include/text.php
diff options
context:
space:
mode:
authorzotlabs <mike@macgirvin.com>2018-06-25 13:20:12 -0700
committerzotlabs <mike@macgirvin.com>2018-06-25 13:20:12 -0700
commitf66fb8e2a866f5ad638f34385cf6c24da7419c1b (patch)
tree84014ac92f3b8f66f078deb759cafca5700231c3 /include/text.php
parent4866ed52836028008af795da65faa2c0cd6e5df2 (diff)
downloadvolse-hubzilla-f66fb8e2a866f5ad638f34385cf6c24da7419c1b.tar.gz
volse-hubzilla-f66fb8e2a866f5ad638f34385cf6c24da7419c1b.tar.bz2
volse-hubzilla-f66fb8e2a866f5ad638f34385cf6c24da7419c1b.zip
SECURITY: logging: hash the session_id in case somebody posts log snippets from active sessions; also provide a hashed process_id if using a daemon process (with no session) for easier tracking of related log events
Diffstat (limited to 'include/text.php')
-rw-r--r--include/text.php13
1 files changed, 10 insertions, 3 deletions
diff --git a/include/text.php b/include/text.php
index 8bade6e90..7d62895bd 100644
--- a/include/text.php
+++ b/include/text.php
@@ -665,7 +665,7 @@ function logger($msg, $level = LOGGER_NORMAL, $priority = LOG_INFO) {
$stack = debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS, 2);
$where = basename($stack[0]['file']) . ':' . $stack[0]['line'] . ':' . $stack[1]['function'] . ': ';
- $s = datetime_convert('UTC','UTC', 'now', ATOM_TIME) . ':' . log_priority_str($priority) . ':' . session_id() . ':' . $where . $msg . PHP_EOL;
+ $s = datetime_convert('UTC','UTC', 'now', ATOM_TIME) . ':' . log_priority_str($priority) . ':' . logid() . ':' . $where . $msg . PHP_EOL;
$pluginfo = array('filename' => $logfile, 'loglevel' => $level, 'message' => $s,'priority' => $priority, 'logged' => false);
if(! (App::$module == 'setup'))
@@ -675,6 +675,13 @@ function logger($msg, $level = LOGGER_NORMAL, $priority = LOG_INFO) {
@file_put_contents($pluginfo['filename'], $pluginfo['message'], FILE_APPEND);
}
+function logid() {
+ $x = session_id();
+ if(! $x)
+ $x = getmypid();
+ return hash('crc32',$x);
+}
+
/**
* @brief like logger() but with a function backtrace to pinpoint certain classes
* of problems which show up deep in the calling stack.
@@ -693,7 +700,7 @@ function btlogger($msg, $level = LOGGER_NORMAL, $priority = LOG_INFO) {
if(file_exists(BTLOGGER_DEBUG_FILE) && is_writable(BTLOGGER_DEBUG_FILE)) {
$stack = debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS, 2);
$where = basename($stack[0]['file']) . ':' . $stack[0]['line'] . ':' . $stack[1]['function'] . ': ';
- $s = datetime_convert('UTC','UTC', 'now', ATOM_TIME) . ':' . log_priority_str($priority) . ':' . session_id() . ':' . $where . $msg . PHP_EOL;
+ $s = datetime_convert('UTC','UTC', 'now', ATOM_TIME) . ':' . log_priority_str($priority) . ':' . logid() . ':' . $where . $msg . PHP_EOL;
@file_put_contents(BTLOGGER_DEBUG_FILE, $s, FILE_APPEND);
}
@@ -764,7 +771,7 @@ function dlogger($msg, $level = 0) {
$where = basename($stack[0]['file']) . ':' . $stack[0]['line'] . ':' . $stack[1]['function'] . ': ';
- @file_put_contents($logfile, datetime_convert('UTC','UTC', 'now', ATOM_TIME) . ':' . session_id() . ' ' . $where . $msg . PHP_EOL, FILE_APPEND);
+ @file_put_contents($logfile, datetime_convert('UTC','UTC', 'now', ATOM_TIME) . ':' . logid() . ' ' . $where . $msg . PHP_EOL, FILE_APPEND);
}