mirror/zoneminder
1
0
Fork 0
mirror of https://github.com/ZoneMinder/zoneminder.git synced 2026-03-28 10:43:41 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
e6ace6fcf408eb06919f2d7a01077342cc9b217e
zoneminder/web/includes/actions/function.php
Isaac Connor e6ace6fcf4 feat: add AUDIT logging level for tracking administrative changes 
Add a new AUDIT logging level (-5) between PANIC (-4) and NOLOG (shifted
to -6) across C++, PHP, and Perl loggers. AUDIT entries use code 'AUD'
and syslog priority LOG_NOTICE. They record who changed what, from where,
for monitors, filters, users, config, roles, groups, zones, states,
servers, storage, events, snapshots, control caps, and login/logout.

AUDIT entries have their own retention period (ZM_LOG_AUDIT_DATABASE_LIMIT,
default 1 year) separate from regular log pruning. The log pruning in
zmstats.pl and zmaudit.pl now excludes AUDIT rows from regular pruning
and prunes them independently.

Critical safety: the C++ termination logic is changed from
'if (level <= FATAL)' to 'if (level == FATAL || level == PANIC)' to
prevent AUDIT-level log calls from killing the process.

Includes db migration zm_update-1.39.1.sql to shift any stored NOLOG
config values from -5 to -6.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-23 18:19:20 -05:00

62 lines
2.4 KiB
PHP
Raw Blame History

<?php
//
// ZoneMinder web action file
// Copyright (C) 2019 ZoneMinder LLC
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation; either version 2
// of the License, or (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
//
// Monitor edit actions, require a monitor id and edit permissions for that monitor
if ( empty($_REQUEST['mid']) ) {
ZM\Error('Must specify mid');
return;
}
$mid = validInt($_REQUEST['mid']);
if ( !canEdit('Monitors', $mid) ) {
ZM\Error("You do not have permission to edit monitor $mid");
return;
}
if ($action == 'save') {
$monitor = new ZM\Monitor($mid);
if ( !$monitor->Id() ) {
ZM\Error("Monitor not found with Id=$mid");
return;
}
$newFunction = validStr($_REQUEST['newFunction']);
# Because we use a checkbox, it won't get passed in the request. So not being in _REQUEST means 0
$newEnabled = ( !isset($_REQUEST['newEnabled']) or $_REQUEST['newEnabled'] != '1' ) ? '0' : '1';
$newDecodingEnabled = ( !isset($_REQUEST['newDecodingEnabled']) or $_REQUEST['newDecodingEnabled'] != '1' ) ? '0' : '1';
$oldFunction = $monitor->Function();
$oldEnabled = $monitor->Enabled();
$oldDecodingEnabled = $monitor->DecodingEnabled();
if ( $newFunction != $oldFunction || $newEnabled != $oldEnabled || $newDecodingEnabled != $oldDecodingEnabled ) {
$monitor->save(array('Function'=>$newFunction, 'Enabled'=>$newEnabled, 'DecodingEnabled'=>$newDecodingEnabled));
ZM\AuditAction('update', 'monitor', $mid, "Function: $oldFunction->$newFunction Enabled: $oldEnabled->$newEnabled");
if ( daemonCheck() && ($monitor->Type() != 'WebSite') ) {
$monitor->zmcControl(($newFunction != 'None') ? 'restart' : 'stop');
}
} else {
ZM\Debug('No change to function, not doing anything.');
}
} else {
ZM\Error("Unsupported action $action on view=function.");
} // end if action
$redirect = '?view=console';
?>
Reference in New Issue View Git Blame Copy Permalink