Difference between revisions of "Protecting access log"
(→Related links) |
(→Pull Down Menu Mod) |
||
| (2 intermediate revisions by the same user not shown) | |||
| Line 3: | Line 3: | ||
|} | |} | ||
| − | This article was extracted from the following TNG Thread [ | + | This article was extracted from the following TNG Thread [https://tng.community/index.php?/forums/index.php?showtopic=5488&pid=26503&st=0&#entry26503 on protecting your Access Log]. |
== Allow Admin access == | == Allow Admin access == | ||
| Line 22: | Line 22: | ||
=== Pull Down Menu Mod === | === Pull Down Menu Mod === | ||
| + | {{TNG 8.1.3|and before}} | ||
The pull down menus generated by genlib.php do not show the Access Log. So if you want to show the Access Log on the Info pull down menu, you can make the following mod to genlib.php after the following line | The pull down menus generated by genlib.php do not show the Access Log. So if you want to show the Access Log on the Info pull down menu, you can make the following mod to genlib.php after the following line | ||
| Line 33: | Line 34: | ||
$menu .= "<li><a href=\"$cms[tngpath]" . "showlog.php\"><img src=\"$cms[tngpath]tng_log.gif\" class=\"tnggif\" align=\"left\" alt=\"\" />$text[mnushowlog]</a></li>\n"; // added by Ken Roy | $menu .= "<li><a href=\"$cms[tngpath]" . "showlog.php\"><img src=\"$cms[tngpath]tng_log.gif\" class=\"tnggif\" align=\"left\" alt=\"\" />$text[mnushowlog]</a></li>\n"; // added by Ken Roy | ||
</nowiki></code> | </nowiki></code> | ||
| − | |||
== Check Login == | == Check Login == | ||
| Line 39: | Line 39: | ||
After the login check in the showlog.php | After the login check in the showlog.php | ||
| − | < | + | <syntaxhighlight lang="php" enclose="div"> |
| + | include($cms['tngpath'] . "checklogin.php"); | ||
| + | </syntaxhighlight> | ||
| + | |||
| + | {{TNG 9.0|and after}} | ||
| + | |||
| + | For TNG v9 and later, the code should be added after the | ||
| + | |||
| + | <syntaxhighlight lang="php" enclose="div"> | ||
| + | |||
| + | include("tng_begin.php"); | ||
| + | </syntaxhighlight> | ||
Add the following logic | Add the following logic | ||
| − | + | <syntaxhighlight lang="php" enclose="div"> | |
| − | < | + | if( $assignedtree || !$allow_edit ) { |
$message = $admtext[norights]; | $message = $admtext[norights]; | ||
header( "Location: login.php?message=" . urlencode($message) ); | header( "Location: login.php?message=" . urlencode($message) ); | ||
exit; | exit; | ||
| − | }</ | + | } |
| − | + | </syntaxhighlight> | |
== Protect the File == | == Protect the File == | ||
Latest revision as of 01:27, 3 April 2017
This article was extracted from the following TNG Thread on protecting your Access Log.
Allow Admin access
Modify the access for log to be only shown if the user has admin privileges.
- See Template 4 index.php and topmenu.php for an example of how this is done for a specific template.
- Modify the genlib.php to add the Access Log to the Info pull down for users with Admin privilege
Template 4 Logic
if( $allow_admin ) {
echo "<li><a href=\"showlog.php\" class=\"lightlink\">$text[mnushowlog]</a></li>\n";
echo "<li><a href=\"admin/index.php\" class=\"lightlink\">$text[mnuadmin]</a></li>\n";
}
Pull Down Menu Mod
| TNG version: | ≤ 8.1.3 |
The pull down menus generated by genlib.php do not show the Access Log. So if you want to show the Access Log on the Info pull down menu, you can make the following mod to genlib.php after the following line
if( $allow_admin_db )
$menu .= "<li><a href=\"$admin_url\"><img src=\"$cms[tngpath]tng_admin.gif\" class=\"tnggif\" align=\"left\" alt=\"\" />$text[administration]</a></li>\n";
by adding
if( $allow_admin_db )
$menu .= "<li><a href=\"$cms[tngpath]" . "showlog.php\"><img src=\"$cms[tngpath]tng_log.gif\" class=\"tnggif\" align=\"left\" alt=\"\" />$text[mnushowlog]</a></li>\n"; // added by Ken Roy
Check Login
After the login check in the showlog.php
include($cms['tngpath'] . "checklogin.php");
| TNG version: | ≥ 9.0 |
For TNG v9 and later, the code should be added after the
include("tng_begin.php");Add the following logic
if( $assignedtree || !$allow_edit ) {
$message = $admtext[norights];
header( "Location: login.php?message=" . urlencode($message) );
exit;
}Protect the File
Add an .htaccess entry to protect the genlog.txt file from access directly by going to your www.yoursite.org/genlog.txt
<Files "genlog.txt"> order deny,allow deny from all </Files>
To protect all .txt-files from access directly by going to your www.yoursite.org/***.txt you have to add .htaccess entry:
<Files *.txt> order deny,allow deny from all </Files>
Related links
The following provide additional security measures:
Controlling Site Access
Protecting Resources
- Permissions Explained
- Database User
- Move your configuration files
- Move your backup files
- Move your gedcom files
- Overlaid Subroot how to recover from subroot.php overlay
- Prevent Directory Listing
- Protecting access log
