Not signed in (Sign In)
-
Subscribe
-
-
- CommentAuthorD34N0
- CommentTimeJun 4th 2009 edited
For anyone interested I have been able to add the logging of tags to the database by making the following changes to "IDS/Log/Database.php" file.
Database Table CreationCREATE TABLE IF NOT EXISTS `intrusions` (
`id` int(11) unsigned NOT null auto_increment,
`name` varchar(128) NOT null,
`value` text NOT null,
`page` varchar(255) NOT null,
`tags` varchar(128) NOT null,
`ip` varchar(15) NOT null,
`impact` int(11) unsigned NOT null,
`origin` varchar(15) NOT null,
`created` datetime NOT null,
PRIMARY KEY (`id`)
) ENGINE=MyISAM ;
SQL Preparation Statement$this->statement = $this->handle->prepare('
INSERT INTO ' . $this->table . ' (
name,
value,
page,
tags,
ip,
impact,
origin,
created
)
VALUES (
:name,
:value,
:page,
:tags,
:ip,
:impact,
:origin,
now()
)
');
Foreach Loop in Function execute()foreach ($data as $event) {
$page = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';
$ip = $this->ip;
$tags = implode(", ",$event->getTags());
$this->statement->bindParam('name', $event->getName());
$this->statement->bindParam('value', $event->getValue());
$this->statement->bindParam('page', $page);
$this->statement->bindParam('tags', $tags);
$this->statement->bindParam('ip', $ip);
$this->statement->bindParam('impact', $data->getImpact());
$this->statement->bindParam('origin', $_SERVER['SERVER_ADDR']);
if (!$this->statement->execute()) {
$info = $this->statement->errorInfo();
throw new Exception(
$this->statement->errorCode() . ', ' . $info[1] . ', ' . $info[2]
);
}
}
Hope this is helpful.
Dean -
-
CommentAuthor.mario
- CommentTimeJun 5th 2009
Hi!
Nice - thx. We didn't log them since we thought the prio is not too high and if a developer needs them a m:n table would have been used anyway. I'll make this thread sticky and if enough people think it makes sense we will add it to the core.
Thx again,
mario -
-
- CommentAuthorpatoff
- CommentTimeApr 13th 2010 edited
Hi,
I really like the tags add-on and I've done been a step further by including the filterid use to detect the injection in the database. I'm using it for making out some stats :)
Hope it helps!
Database Table CreationCREATE TABLE IF NOT EXISTS `intrusions` (
`id` int(11) unsigned NOT null auto_increment,
`name` varchar(128) NOT null,
`value` text NOT null,
`page` varchar(255) NOT null,
`tags` varchar(128) NOT null,
`filterid` varchar(128) NOT null,
`ip` varchar(15) NOT null,
`impact` int(11) unsigned NOT null,
`origin` varchar(15) NOT null,
`created` datetime NOT null,
PRIMARY KEY (`id`)
) ENGINE=MyISAM ;
SQL Preparation Statement$this->statement = $this->handle->prepare('
INSERT INTO ' . $this->table . ' (
name,
value,
page,
tags,
filterid,
ip,
impact,
origin,
created
)
VALUES (
:name,
:value,
:page,
:tags,
:filterid,
:ip,
:impact,
:origin,
now()
)
');
Foreach Loop in Function execute()foreach ($data as $event) {
$page = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';
$ip = $this->ip;
$tags = implode(", ",$event->getTags());
$filters = $event->getFilters();
$filter= $filters[0]->id;
$this->statement->bindParam('name', $event->getName());
$this->statement->bindParam('value', $event->getValue());
$this->statement->bindParam('page', $page);
$this->statement->bindParam('tags', $tags);
$this->statement->bindParam('filterid', $filter);
$this->statement->bindParam('ip', $ip);
$this->statement->bindParam('impact', $data->getImpact());
$this->statement->bindParam('origin', $_SERVER['SERVER_ADDR']);
if (!$this->statement->execute()) {
$info = $this->statement->errorInfo();
throw new Exception(
$this->statement->errorCode() . ', ' . $info[1] . ', ' . $info[2]
);
}
}
Pat -
-
CommentAuthor.mario
- CommentTimeApr 19th 2010
I just added your changes to the PHPIDS core - thx! -
1 to 4 of 4