diff --git a/includes/misc.inc.php b/includes/misc.inc.php
index 7041d0f..fd75739 100644
--- a/includes/misc.inc.php
+++ b/includes/misc.inc.php
@@ -128,7 +128,6 @@ function do_db_auth($u, $p) {
$db->close();
if ($userinfo and $userinfo['password'] and (crypt($p, $userinfo['password']) === $userinfo['password'])) {
- writelog('Succesful login.');
return TRUE;
}
@@ -277,11 +276,15 @@ function clearlogs() {
writelog("Logtable truncated.");
}
-function writelog($line) {
+function writelog($line, $user=False) {
global $logging;
if ($logging !== TRUE)
return;
+ if ($user === False) {
+ $user = get_sess_user();
+ }
+
try {
$db = get_db();
$q = $db->prepare('CREATE TABLE IF NOT EXISTS logs (
@@ -292,7 +295,7 @@ function writelog($line) {
$ret = $q->execute();
$q = $db->prepare('INSERT INTO logs (user, log) VALUES (:user, :log)');
- $q->bindValue(':user', get_sess_user(), SQLITE3_TEXT);
+ $q->bindValue(':user', $user, SQLITE3_TEXT);
$q->bindValue(':log', $line, SQLITE3_TEXT);
$q->execute();
$db->close();
diff --git a/includes/session.inc.php b/includes/session.inc.php
index 0af9f89..996f052 100644
--- a/includes/session.inc.php
+++ b/includes/session.inc.php
@@ -150,6 +150,7 @@ function _try_login($username, $password) {
global $wefactapiurl, $wefactapikey;
if (!valid_user($username)) {
+ writelog("Illegal username at login!", $username);
return false;
}
@@ -158,6 +159,7 @@ function _try_login($username, $password) {
if (isset($wefactapiurl) && isset($wefactapikey)) {
$wefact = do_wefact_auth($username, $password);
if (false === $wefact ) {
+ writelog("Failed Wefact login!", $username);
return false;
}
if (-1 !== $wefact) {
@@ -166,11 +168,13 @@ function _try_login($username, $password) {
}
if ($do_local_auth && !do_db_auth($username, $password)) {
+ writelog("Failed login!", $username);
return false;
}
$user = get_user_info($username);
if (!$user) {
+ writelog("Failed to find user!", $username);
return false;
} else {
_set_current_user($username, (bool) $user['isadmin']);