« previous next »
Pages: [1]

Author Topic: User activity log and reports  (Read 3863 times)

setekh

  • Newbie
  • *
  • Posts: 35
    • View Profile
User activity log and reports
« on: January 21, 2009, 06:10:14 am »
How to see what users have done? Is there a log of the users activities?
in 1.2 the only report working is for the Time schedule, what are the others?

If there is no logging module how we can setup one? Is it a good idea to add a table with username, action, object_type, object_name, date, time ... and after each activity taken to write in there ? Let's say after delete from trash we will add in table (for example) og_logs -> user, trash_delete, document, some_name, 20.01.2009,10:10:10 ... Is there something like that already, what kind of information is accessible without logging it myself and where to find it ? Where is best to add such logging functionality ?

I also see that you can call php files direct there is no define(_valid+access) or something ? Is that just in 1.2 beta or ?

I would appreciate if someone can help me in making such logging module for detailed user logs and adding it to the administration panel... I will post what i have done, but my php is not so good, but i'll try anyway and post what i have done.
Logged

conrado

  • Administrator
  • Hero Member
  • *****
  • Posts: 998
  • Conrado
    • View Profile
    • Feng Office
    • Email
Re: User activity log and reports
« Reply #1 on: January 21, 2009, 09:56:12 am »
There is a log of activity, but currently the only way to see it is by CO: when viewing a CO, in the 'Actions' panel, click on 'View History'.

I am not sure I understand your question about calling php files.  ???

Code contributions are always welcome!  :D Send us what you have done and we'll take a look at it.
Logged
Get Official Support for your Feng Office. Support the development team. Sign up for a Free Trial here.

setekh

  • Newbie
  • *
  • Posts: 35
    • View Profile
Re: User activity log and reports
« Reply #2 on: January 21, 2009, 05:52:50 pm »
O.K. I'm sorry my english sux :)
About the logs - i see that almost detailed logs are kept in a table, so it's just a matter of accessing them, i will try to do it and send you the code for corrections..

About direct access to php files.. you know..when you write in the url direct path to some file lets say http:\\somesite.com\public\addmessage.php and the file is executed..
I have added in my installation define(_VALID_ACCESS,true) n the init and defined(_VALID_ACCESS) || die('No direct access allowed'); in other files - i hope you get the idea...

Do you have any ideas about the detailed log, also it would be a good idea to keep what and when users have send using the integrated mail and probably a filter for some documents, I have also added in my installation a simple IP white list that can access the site, very simply made.. for example :
if ($_SERVER['HTTP_X_FORWARDED_FOR']) {
$ip=($_SERVER['HTTP_X_FORWARDED_FOR']); } else {
$ip=($_SERVER['REMOTE_ADDR']);}
$startip=ip2long(100.100.100.1);
$endip=ip2long(100.100.100.255);
$whitelist = array (ip2long(127.0.0.1),ip2long(192.168.0.1)) + range($startip, $endip);
if ( in_array(ip2long($ip), $whitelist)) { echo 'ok'; } elses { die("ip not allowed"); }
...
something like that can be added inside OpenGoo.. but that is not as important as the detailed log of user actions...
I will try tomorrow to do it, the idea is - check if the user is admin or has admin priv. , access the application_logs table and read the data, still i am not so sure what every record mean but i'll find out... there are :
taken_by_id, rel_object_id, and so on... what are is_private and is_silent, where do we set that is_silent thing ?
Also about the tags, if someone deletes the object the tag is left behind and can not be removed, there should be a whole tags management tab i have done a simple link that just deletes all tags :) but i'll fix that soon, i'll add an delete tag option when you click on some tag, but if you can do it it would be great as i am not a good php developer, i am/was more of a system programmer, you know asm, c, cpp, delphi - whatever , but php is not so different and i guess it's just a practice thing ...
I will post all i have done soon...
Thanks, and once again, your product is great.
btw where can i upload a translation for OpenGoo 1.2 that you do not have, also i have it for 0.9x ... so you can review it and if you deicide you can post it with the installation, the language is bg_bg
Logged

ignacio

  • Hero Member
  • *****
  • Posts: 1703
    • View Profile
Re: User activity log and reports
« Reply #3 on: January 22, 2009, 01:50:58 pm »
Hi setekh,

I think being able to see the logs through OpenGoo  would be useful. We would gladly consider what you do for a future version.

About calling PHP files directly, I think there's no need to include those kind of constants, as most files wouldn't let you do anything harmful, and the ones that do pass through many validations first. Theoretically, the only way of modifying or viewing content in OpenGoo is through the controllers, which are only executed from index.php, and which will check if you are logged in before letting you do anything. On the other hand, any extra security doesn't hurt :)

About the translations, you can attach your zipped translations to a post in the forums (when writing a post, there's an "Additional Options" link that will let you attach files), or you can send them by email to contact@opengoo.org.

Thanks.
Logged
Pages: [1]
« previous next »