From 5684dff5f9cf59933f899543ebe6cabe581df0ae Mon Sep 17 00:00:00 2001
From: Steve Sutton <steve@gaslightmedia.com>
Date: Tue, 10 Sep 2019 16:20:17 -0400
Subject: [PATCH] Setup new location for log directory.

If site is on ispConfig server and has a private directory it will
create a folder there
else
it will create one in uploads.
---
 controllers/admin.php       | 31 ++++++++++++++++++++++---------
 defines.php                 | 26 ++++++++++++++++++++++++++
 models/admin/logs/index.php | 18 ++++--------------
 views/admin/logs/index.html |  4 ++--
 4 files changed, 54 insertions(+), 25 deletions(-)

diff --git a/controllers/admin.php b/controllers/admin.php
index cfccabaf..42229d3e 100755
--- a/controllers/admin.php
+++ b/controllers/admin.php
@@ -253,7 +253,7 @@ class glmMembersAdmin extends GlmPluginSupport
     public function glmMembersAdminAjax()
     {
 
-        $this->logUserActions();
+        // $this->logUserActions();
 
         if ( GLM_MEMBERS_PLUGIN_ADMIN_DEBUG_VERBOSE ) {
             trigger_error(
@@ -1127,26 +1127,39 @@ class glmMembersAdmin extends GlmPluginSupport
      */
     public function logUserActions()
     {
+        // Don't log anything from the logs page.
         if ( isset( $_REQUEST['page'] ) && $_REQUEST['page'] == 'glm-members-admin-menu-logs' ) {
             return;
         }
-        $user_id      = get_current_user_id();
-        if ( !empty( $user_id ) ) {
-            $logFile   = GLM_MEMBERS_PLUGIN_MEDIA_PATH . '/' . date('Y-m-d') . '-user.log';
+        // Only log if the GLM_MEMBERS_PLUGIN_LOGS is defined.
+        if ( !defined( 'GLM_MEMBERS_PLUGIN_LOGS' ) ) {
+            return;
+        }
+        // Get currint user id.
+        $wpUser  = wp_get_current_user();
+        // echo '<pre>$wpUser: ' . print_r( $wpUser, true ) . '</pre>';
+        // Log only for activity that has a user id.
+        if ( isset( $wpUser->ID ) && filter_var( $wpUser->ID, FILTER_VALIDATE_INT ) ) {
+            $logFile   = GLM_MEMBERS_PLUGIN_LOGS . '/' . date('Y-m-d') . '-user.log';
             $timeZone  = get_option( 'timezone_string' );
             $cTimezone = date_default_timezone_get();
             date_default_timezone_set( $timeZone );
 
             $errorLogTime = date( 'j-M-Y H:i:s e' );
 
-            if ( !empty( $_POST['option'] ) ) {
-                $_GET['option'] = $_POST['option'];
+            if ( !empty( $_POST ) ) {
+                $data = $_POST;
+            } else {
+                $data = $_GET;
             }
-            if ( !empty( $_POST['glm_action'] ) ) {
-                $_GET['glm_action'] = $_POST['glm_action'];
+            if ( !empty( $data ) ) {
+                foreach ( $data as $key => &$val ) {
+                    $val = str_replace( "\n", '', $val );
+                    $val = str_replace( "\t", '', $val );
+                }
             }
 
-            error_log( "[{$errorLogTime}]\tIP: {$_SERVER['REMOTE_ADDR']}\tUSER: {$user_id}\tGET: " . serialize( $_GET ) . "\n", 3, $logFile );
+            error_log( "[{$errorLogTime}]\t{$_SERVER['REMOTE_ADDR']}\t{$wpUser->data->user_login}\t" . serialize( $data ) . "\n", 3, $logFile );
         }
         date_default_timezone_set( $cTimezone );
     }
diff --git a/defines.php b/defines.php
index 4f70ca25..659cdf90 100644
--- a/defines.php
+++ b/defines.php
@@ -82,6 +82,32 @@ define('GLM_MEMBERS_PLUGIN_FILES_PATH', GLM_MEMBERS_PLUGIN_MEDIA_PATH.'/files');
 define('GLM_MEMBERS_PLUGIN_FILE_LIBRARY_PATH', GLM_MEMBERS_PLUGIN_MEDIA_PATH.'/fileLibrary');
 define('GLM_MEMBERS_PLUGIN_CONFIG_PATH', GLM_MEMBERS_PLUGIN_PATH.'/config');
 
+// See if we have a ispConfig private directory.
+// If not then use a directory in uploads.
+$logDir = dirname( ABSPATH, 1 ) . '/private';
+if ( is_dir( $logDir ) ) {
+    $logDirName = $logDir . '/glmLogs';
+} else {
+    $logDirName = $WPUploadDir['basedir'].'/glmLogs';
+}
+// If the directory doesn't exists then attempt to create it.
+if ( !is_dir( $logDirName ) ) {
+    // Create the log directory if not created yet.
+    $oldUmask = umask( 0 );
+    $ret = mkdir( $logDirName, 0770 );
+    umask( $oldUmask );
+    if ( $ret ) {
+        // Create a .htaccess file for deny all
+        file_put_contents( $logDirName . '/.htaccess', 'deny from all' );
+    } else {
+        trigger_error( 'Failed to create log directory', E_USER_NOTICE );
+    }
+}
+// Set define only if there's really a log directory.
+if ( is_dir( $logDirName ) ) {
+    define( 'GLM_MEMBERS_PLUGIN_LOGS', $logDirName );
+}
+
 $pluginsPath = str_replace(GLM_MEMBERS_PLUGIN_SLUG, '', GLM_MEMBERS_PLUGIN_PATH);
 define('GLM_MEMBERS_WORDPRESS_PLUGIN_PATH', $pluginsPath);
 define('GLM_MEMBERS_WORDPRESS_PLUGIN_URL', WP_PLUGIN_URL);
diff --git a/models/admin/logs/index.php b/models/admin/logs/index.php
index a41bfc00..aefea7a7 100644
--- a/models/admin/logs/index.php
+++ b/models/admin/logs/index.php
@@ -98,10 +98,10 @@ class GlmMembersAdmin_logs_index
         $fileData = false;
 
         // Defaults to today's date
-        $logFile = GLM_MEMBERS_PLUGIN_MEDIA_PATH . '/' . date('Y-m-d') . '-user.log';
+        $logFile = GLM_MEMBERS_PLUGIN_LOGS . '/' . date('Y-m-d') . '-user.log';
 
-        if ( isset( $_REQUEST['logFile'] ) && $_REQUEST['logFile'] && is_readable( GLM_MEMBERS_PLUGIN_MEDIA_PATH . '/' . $_REQUEST['logFile'] ) ) {
-            $logFile = GLM_MEMBERS_PLUGIN_MEDIA_PATH . '/' . $_REQUEST['logFile'];
+        if ( isset( $_REQUEST['logFile'] ) && $_REQUEST['logFile'] && is_readable( GLM_MEMBERS_PLUGIN_LOGS . '/' . $_REQUEST['logFile'] ) ) {
+            $logFile = GLM_MEMBERS_PLUGIN_LOGS . '/' . $_REQUEST['logFile'];
         }
 
         if ( isset( $_REQUEST['option'] ) ) {
@@ -110,7 +110,7 @@ class GlmMembersAdmin_logs_index
 
         // Get a list of log files.
         // Log files will be date then -user.log
-        $glmFiles = scandir( GLM_MEMBERS_PLUGIN_MEDIA_PATH );
+        $glmFiles = scandir( GLM_MEMBERS_PLUGIN_LOGS );
         if ( !empty( $glmFiles ) ) {
             foreach ( $glmFiles as $fileItem ) {
                 if ( preg_match( '/[0-9]{4}-[0-9]{2}-[0-9]{2}-user.log/', $fileItem ) ) {
@@ -130,16 +130,6 @@ class GlmMembersAdmin_logs_index
 
             foreach ( $file as $lineNumber => $line ) {
                 $lineContents = explode( "\t", $line );
-                foreach ( $lineContents as $key => &$item ) {
-                    if ( preg_match( '/USER: ([0-9]*)/', $item, $userMatch ) ) {
-                        // echo '<pre>$userMatch: ' . print_r( $userMatch, true ) . '</pre>';
-                        // get user name
-                        if ( $userId = filter_var( $userMatch[1], FILTER_VALIDATE_INT ) ) {
-                            $user = get_user_by( 'id', $userId );
-                            $item = 'USER: ' . $user->user_login;
-                        }
-                    }
-                }
                 $logFileContent[$lineNumber] = $lineContents;
             }
 
diff --git a/views/admin/logs/index.html b/views/admin/logs/index.html
index ef76e092..01a2dd25 100644
--- a/views/admin/logs/index.html
+++ b/views/admin/logs/index.html
@@ -13,7 +13,7 @@
     {if !empty($logFiles)}
         <select id="logFile" name="logFile">
             {foreach $logFiles as $fileName}
-                <option value="{$fileName}">{$fileName}</option>
+                <option value="{$fileName}"{if !empty($smarty.request.logFile) && $smarty.request.logFile == $fileName} selected{/if}>{$fileName}</option>
             {/foreach}
         </select>
     {/if}
@@ -26,7 +26,7 @@
     <tr>
         <th width="250">Time</th>
         <th width="100">IP Address</th>
-        <th width="100">User Id</th>
+        <th width="100">User Login</th>
         <th>Data</th>
     </tr>
     {foreach $fileData as $lineNumber => $content}
-- 
2.17.1