From 19160ec62cec3b6e436590b16ebb2b329ef5d55b Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Thu, 22 May 2025 16:07:03 +0200
Subject: Add audit logging of POST actions
---
 inc/util.inc.php | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)
(limited to 'inc/util.inc.php')
diff --git a/inc/util.inc.php b/inc/util.inc.php
index 91232f46..003da9fa 100644
--- a/inc/util.inc.php
+++ b/inc/util.inc.php
@@ -14,11 +14,12 @@ class Util
 * been displayed yet will be appended to the redirect.
 *
 * @param string|false $location Location to redirect to. "false" to redirect to same URL (useful after POSTs)
+ * @param ?int $virtualResponseCode Which response code to treat this redirect as for audit purposes
 * @param bool $preferRedirectPost if true, use the value from $_POST['redirect'] instead of $location
- * @param bool $ignoreRedirectParams if true, ignore any additional params set via ::addRedirectParam())
+ * @param bool $ignoreRedirectParams if true, ignore any additional params set via ::addRedirectParam()
 */
 #[NoReturn]
- public static function redirect($location = false, bool $preferRedirectPost = false, bool $ignoreRedirectParams = false): void
+ public static function redirect($location = false, ?int $virtualResponseCode = null, bool $preferRedirectPost = false, bool $ignoreRedirectParams = false): void
 {
 if ($location === false) {
 $location = preg_replace('/([&?])message\[\]=[^&]*/', '\1', $_SERVER['REQUEST_URI']);
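Review bot: Inserting `?int $virtualResponseCode = null` as the second positional parameter silently changes the meaning of any existing call that passed `$preferRedirectPost` or `$ignoreRedirectParams` positionally, e.g. `Util::redirect(false, true)` now binds `true` to `$virtualResponseCode`; if this file does not declare `strict_types`, that coerces to `1` and is written to the audit table as the response code instead of raising a TypeError. Appending the new parameter after `$ignoreRedirectParams`, or auditing every call site for positional use of the two bool flags, keeps the signature backward-compatible; the call sites are not visible in this diff, so this is hedged. The docblock could also state the accepted range, e.g. `@param ?int $virtualResponseCode HTTP status code (100-599) to record in the audit log instead of the real one; not sent to the client`. redirect() continues past the end of this hunk.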
@@ -50,6 +51,17 @@ class Util
 . Database::getQueryCount() . ' queries, ' . round(Database::getQueryTime(), 3) . 's query time total');
 }
+ // For cosmetic reasons, allow overriding the HTTP response code we log to the audit table.
+ // This is only for logging, this doesn't get send to the client.
+ if ($virtualResponseCode !== null) {
+ Audit::overrideResponseCode($virtualResponseCode, false);
+ } elseif (Message::hasError('main.parameter-empty', 'main.parameter-missing', 'main.value-invalid', 'main.invalid-action')) {
+ Audit::overrideResponseCode(400, false);
+ } elseif (Message::hasError('main.no-permission')) {
+ Audit::overrideResponseCode(403, false);
+ } elseif (Message::hasError('main.error-read', 'main.error-write')) {
+ Audit::overrideResponseCode(500, false);
+ }
 Header('Location: ' . $location);
 exit(0);
 }
-- cgit v1.2.3-55-g7522
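Review bot: The order of the `elseif` chain means a request that produced both a validation error and a `main.no-permission` error is recorded in the audit table as 400, so the authorization failure is masked in the log; for audit review the permission check is the more significant signal, and moving `} elseif (Message::hasError('main.no-permission')) {` ahead of the 400 branch would record it as 403, assuming `Message::hasError` reports true when any of the listed ids was added. The caller-supplied `$virtualResponseCode` is also handed to `Audit::overrideResponseCode` without a range check, so a non-HTTP integer would be logged verbatim unless that method validates it; a guard such as `if ($virtualResponseCode !== null && $virtualResponseCode >= 100 && $virtualResponseCode <= 599) {` would make the intent explicit. Minor wording in the added comment: `doesn't get send` should read `doesn't get sent`. The enclosing function starts before this hunk.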