Add audit logging of POST actions

author: Simon Rettberg 2025-05-22 16:07:03 +0200
committer: Simon Rettberg 2025-05-22 16:07:03 +0200
commit: 19160ec62cec3b6e436590b16ebb2b329ef5d55b (patch)
tree: bdfc8a89829fde79133b839d4cb52a27c7b3e520 /index.php
parent: [locationinfo] URLpanel: Browser accept-language and screen rotation (diff)
download: slx-admin-19160ec62cec3b6e436590b16ebb2b329ef5d55b.tar.gz
slx-admin-19160ec62cec3b6e436590b16ebb2b329ef5d55b.tar.xz
slx-admin-19160ec62cec3b6e436590b16ebb2b329ef5d55b.zip
1 files changed, 7 insertions, 0 deletions
diff --git a/index.php b/index.php
index 73dc6e0d..85f2970e 100644
--- a/index.php
+++ b/index.php
@@ -178,6 +178,13 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
 	}
 }
 
+// Auditing - log any post requests, but mask potential password fields.
+// This REQUIRES naming those form fields accordingly
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+	$mod = Page::getModule();
+	Audit::run($mod ? $mod->getIdentifier() : strtolower($_POST['do'] ?? '???'));
+}
+
 // AJAX Stuff? Just do so. Otherwise, run preprocessing
 if (AJAX) {
 	ob_start('ob_gzhandler');
author	Simon Rettberg	2025-05-22 16:07:03 +0200
committer	Simon Rettberg	2025-05-22 16:07:03 +0200
commit	19160ec62cec3b6e436590b16ebb2b329ef5d55b (patch)
tree	bdfc8a89829fde79133b839d4cb52a27c7b3e520 /index.php
parent	[locationinfo] URLpanel: Browser accept-language and screen rotation (diff)
download	slx-admin-19160ec62cec3b6e436590b16ebb2b329ef5d55b.tar.gz slx-admin-19160ec62cec3b6e436590b16ebb2b329ef5d55b.tar.xz slx-admin-19160ec62cec3b6e436590b16ebb2b329ef5d55b.zip