Project

General

Profile

Actions
Copy link

Feature #16350

closed

a) FormSubmiLog: update recordid after insert. b) sql.log: reference to FormSubmitLog entry. c) Do not log Dirty, d) log HTTP_X_REAL_IP

Added by Carsten Rose about 1 year ago. Updated 10 months ago.

Status:
Closed
Priority:
High
Assignee:
Carsten Rose
Target version:
23.10.0
Start date:
03.06.2023
Due date:
% Done:

0%

Estimated time:
Discuss:
Prio Planung:
No
Vote:

Description

a) FormSubmiLog: update recordid after insert.

  • Aktuell steht in der Spalte 'recordId' bei Insert immer ein 0.
  • Gut waere wenn dort die neu angelegt ID stehen wuerde.
  • ACHTUNG: Im Mode LOG_MODIFY sollten INSERT/UPDATE fuer die Tabelle FormSubmitLog NICHT geloggt werden.

b) sql.log: reference to FormSubmitLog entry

  • Im sql.log fuer jede Query die Referenz angegeben auf den FormSubmitLog Record.

c) Do not log Dirty

  • Neu: Im Mode LOG_MODIFY sollten INSERT/UPDATE/DELETE fuer die Tabelle Dirty NICHT geloggt werden.

d) REMOTE_ADDRESS / HTTP_X_REAL_IP

  • Die I-MATH Homepage ist hinter einem Proxy.
  • Der Wert von $_SERVER[REMOTE_ADDRESS] ist daher immer die IP des Proxy
  • Das ist schlecht fuer
    • FormSubmitLog, denn dort wird die REMOTE_ADDRESS geloggt.
    • Fuer die Dirty Table, denn auch dort wird die REMOTE_ADDRESS geloggt.
    • QFQ Applikationen, die gerne wuessten von wo der aktuelle Aufruf kam.
  • Der verwendete NGINX Proxy setzt die Server Variable HTTP_X_REAL_IP.
  • Falls HTTP_X_REAL_IP gesetzt ist, soll diese den Wert von REMOTE_ADDRESS ueberschreiben

Related issues

Related to QFQ - Feature #15986: QFQ Exception: report original IP if HTTP request has been forwarded through a proxyNewCarsten Rose12.04.2023

Actions
Actions
Copy link
 #1

Updated by Carsten Rose about 1 year ago

  • Subject changed from a) FormSubmiLog: update recordid after insert. b) sql.log: reference to FormSubmitLog entry to a) FormSubmiLog: update recordid after insert. b) sql.log: reference to FormSubmitLog entry. c) Do not log Dirty
  • Description updated (diff)
Actions
Copy link
 #2

Updated by Carsten Rose about 1 year ago

  • Description updated (diff)
Actions
Copy link
 #3

Updated by Enis Nuredini 10 months ago

  • Status changed from New to In Progress
Actions
Copy link
 #4

Updated by Enis Nuredini 10 months ago

  • Status changed from In Progress to Feedback
  • Assignee changed from Carsten Rose to Enis Nuredini

Die Punkte wurden umgesetzt, jedoch bedarf es einer Besprechung mit CR.

Actions
Copy link
 #5

Updated by Carsten Rose 10 months ago

  • Tracker changed from Support to Feature
  • Subject changed from a) FormSubmiLog: update recordid after insert. b) sql.log: reference to FormSubmitLog entry. c) Do not log Dirty to a) FormSubmiLog: update recordid after insert. b) sql.log: reference to FormSubmitLog entry. c) Do not log Dirty, d) log HTTP_X_REAL_IP
  • Description updated (diff)
Actions
Copy link
 #6

Updated by Carsten Rose 10 months ago

  • Status changed from Feedback to In Progress
  • Assignee changed from Enis Nuredini to Carsten Rose
Actions
Copy link
 #7

Updated by Carsten Rose 10 months ago

  • Status changed from In Progress to Closed
  • Target version changed from 411 to 23.10.0
Actions
Copy link
 #8

Updated by Carsten Rose 9 months ago

  • Related to Feature #15986: QFQ Exception: report original IP if HTTP request has been forwarded through a proxy added
Actions
Copy link

Also available in: Atom PDF