1<?php
2/**
3 * Logging functionality for webserver.
4 *
5 * This includes web server specific code to log some information.
6 */
7
8declare(strict_types=1);
9
10namespace PhpMyAdmin;
11
12use const LOG_AUTHPRIV;
13use const LOG_NDELAY;
14use const LOG_PID;
15use const LOG_WARNING;
16use function closelog;
17use function date;
18use function error_log;
19use function function_exists;
20use function openlog;
21use function syslog;
22
23/**
24 * Misc logging functions
25 */
26class Logging
27{
28    /**
29     * Get authentication logging destination
30     *
31     * @return string
32     */
33    public static function getLogDestination()
34    {
35        $log_file = $GLOBALS['PMA_Config']->get('AuthLog');
36
37        /* Autodetect */
38        if ($log_file === 'auto') {
39            if (function_exists('syslog')) {
40                $log_file = 'syslog';
41            } elseif (function_exists('error_log')) {
42                $log_file = 'php';
43            } else {
44                $log_file = '';
45            }
46        }
47
48        return $log_file;
49    }
50
51    /**
52     * Generate log message for authentication logging
53     *
54     * @param string $user   user name
55     * @param string $status status message
56     *
57     * @return string
58     */
59    public static function getLogMessage($user, $status)
60    {
61        if ($status === 'ok') {
62            return 'user authenticated: ' . $user . ' from ' . Core::getIp();
63        }
64
65        return 'user denied: ' . $user . ' (' . $status . ') from ' . Core::getIp();
66    }
67
68    /**
69     * Logs user information to webserver logs.
70     *
71     * @param string $user   user name
72     * @param string $status status message
73     *
74     * @return void
75     */
76    public static function logUser($user, $status = 'ok')
77    {
78        if (function_exists('apache_note')) {
79            apache_note('userID', $user);
80            apache_note('userStatus', $status);
81        }
82        /* Do not log successful authentications */
83        if (! $GLOBALS['PMA_Config']->get('AuthLogSuccess') && $status === 'ok') {
84            return;
85        }
86        $log_file = self::getLogDestination();
87        if (empty($log_file)) {
88            return;
89        }
90        $message = self::getLogMessage($user, $status);
91        if ($log_file === 'syslog') {
92            if (function_exists('syslog')) {
93                @openlog('phpMyAdmin', LOG_NDELAY | LOG_PID, LOG_AUTHPRIV);
94                @syslog(LOG_WARNING, $message);
95                closelog();
96            }
97        } elseif ($log_file === 'php') {
98            @error_log($message);
99        } elseif ($log_file === 'sapi') {
100            @error_log($message, 4);
101        } else {
102            @error_log(
103                date('M d H:i:s') . ' phpmyadmin: ' . $message . "\n",
104                3,
105                $log_file
106            );
107        }
108    }
109}
110