Add audit log cleanup/retention period to cron
Audit logs will be automatically cleaned up after 90 days (new installs) or 7 years (existing installs). This is configurable in Settings > Security.
wrongecho committed Jun 30, 2024
1 parent cc38c64 commit 8db9822
Showing 7 changed files with 36 additions and 10 deletions.
10 changes: 8 additions & 2 deletions cron.php
Expand Up @@ -67,9 +67,12 @@
$config_enable_alert_domain_expire = intval($row['config_enable_alert_domain_expire']);
$config_send_invoice_reminders = intval($row['config_send_invoice_reminders']);

// Remmeber Token Expire
// Remember-me Token Expiry
$config_login_remember_me_expire = intval($row['config_login_remember_me_expire']);

// Log retention
$config_log_retention = intval($row['config_log_retention']);

// Set Currency Format
$currency_format = numfmt_create($company_locale, NumberFormatter::CURRENCY);

Expand Down Expand Up @@ -120,9 +123,12 @@
// Clean-up mail queue
mysqli_query($mysqli, "DELETE FROM email_queue WHERE email_queued_at < CURDATE() - INTERVAL 90 DAY");

// Clean-up old remember me tokens (2 or more days old)
// Clean-up old remember me tokens
mysqli_query($mysqli, "DELETE FROM remember_tokens WHERE remember_token_created_at < CURDATE() - INTERVAL $config_login_remember_me_expire DAY");

// Cleanup old audit logs
mysqli_query($mysqli, "DELETE FROM logs WHERE log_created_at < CURDATE() - INTERVAL $config_log_retention DAY");

//Logging
//mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Cron', log_action = 'Task', log_description = 'Cron cleaned up old data'");

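Review bot: The new `DELETE FROM logs` in the second hunk uses `$config_log_retention` with no lower bound, so a value of 0 (which is also what `intval()` returns for a missing or empty settings value) removes every audit entry older than today, and a negative value pushes the cutoff into the future and removes all of them. `intval()` rules out injection here but not an out-of-range number. Guard the statement, e.g. `if ($config_log_retention >= 1) { ... }` or clamp to a documented minimum, and enforce the same floor where the value is saved in post/setting.php and on the `<input type="number">` in settings_security.php, which has no `min`. The adjacent cron log insert is commented out, so the purge itself leaves no record; both hunks sit inside code that starts and ends outside the visible lines.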
19 changes: 13 additions & 6 deletions database_updates.php
Expand Up @@ -1944,7 +1944,7 @@

if (CURRENT_DATABASE_VERSION == '1.3.6') {
mysqli_query($mysqli, "ALTER TABLE `clients` ADD `client_abbreviation` VARCHAR(10) DEFAULT NULL AFTER `client_tax_id_number`");

mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '1.3.7'");
}

Expand Down Expand Up @@ -1975,7 +1975,7 @@
)");

mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '1.3.9'");

}

if (CURRENT_DATABASE_VERSION == '1.3.9') {
Expand Down Expand Up @@ -2073,14 +2073,21 @@
mysqli_query($mysqli, "ALTER TABLE `assets` ADD `asset_photo` VARCHAR(200) DEFAULT NULL AFTER `asset_install_date`");

mysqli_query($mysqli, "ALTER TABLE `assets` ADD `asset_physical_location` VARCHAR(200) DEFAULT NULL AFTER `asset_photo`");

mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '1.4.1'");
}

// if (CURRENT_DATABASE_VERSION == '1.4.1') {
// // Insert queries here required to update to DB version 1.4.2
if (CURRENT_DATABASE_VERSION == '1.4.1') {
mysqli_query($mysqli, "ALTER TABLE `settings` ADD `config_log_retention` INT(11) NOT NULL DEFAULT '90' AFTER `config_login_remember_me_expire`;");
mysqli_query($mysqli, "UPDATE `settings` SET `config_log_retention` = '2555' WHERE company_id = 1;"); // Set to 7 years for existing installs

mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '1.4.2'");
}

// if (CURRENT_DATABASE_VERSION == '1.4.2') {
// // Insert queries here required to update to DB version 1.4.3
// // Then, update the database to the next sequential version
// mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '1.4.2'");
// mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '1.4.3'");
// }

} else {
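Review bot: In the 1.4.1 block of the third hunk the version is advanced to 1.4.2 whether or not the preceding `UPDATE` that sets `config_log_retention = '2555'` succeeded, because no `mysqli_query` result is checked. If that statement fails, or `company_id = 1` matches no row, an existing install is left on the column default of 90 days and the next cron run deletes older audit logs, which cannot be undone. Check the return value of the ALTER and the UPDATE and stop before the version bump when either is false, and extend the inline comment to say that 2555 is 7 × 365 days. The earlier migrations visible here follow the same unchecked pattern, but this is the one where a silent failure destroys data.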
2 changes: 1 addition & 1 deletion database_version.php
Expand Up @@ -5,4 +5,4 @@
* It is used in conjunction with database_updates.php
*/

DEFINE("LATEST_DATABASE_VERSION", "1.4.1");
DEFINE("LATEST_DATABASE_VERSION", "1.4.2");
1 change: 1 addition & 0 deletions db.sql
Expand Up @@ -1501,6 +1501,7 @@ CREATE TABLE `settings` (
`config_login_key_required` tinyint(1) NOT NULL DEFAULT 0,
`config_login_key_secret` varchar(255) DEFAULT NULL,
`config_login_remember_me_expire` int(11) NOT NULL DEFAULT 3,
`config_log_retention` int(11) NOT NULL DEFAULT 90,
`config_module_enable_ticketing` tinyint(1) NOT NULL DEFAULT 1,
`config_theme` varchar(200) DEFAULT 'blue',
`config_telemetry` tinyint(1) DEFAULT 0,
1 change: 1 addition & 0 deletions get_settings.php
Expand Up @@ -113,6 +113,7 @@
$config_login_key_required = $row['config_login_key_required'];
$config_login_key_secret = $row['config_login_key_secret'];
$config_login_remember_me_expire = intval($row['config_login_remember_me_expire']);
$config_log_retention = intval($row['config_log_retention']);

// Locale
$config_currency_format = "US_en";
3 changes: 2 additions & 1 deletion post/setting.php
Expand Up @@ -545,8 +545,9 @@
$config_login_key_required = intval($_POST['config_login_key_required']);
$config_login_key_secret = sanitizeInput($_POST['config_login_key_secret']);
$config_login_remember_me_expire = intval($_POST['config_login_remember_me_expire']);
$config_log_retention = intval($_POST['config_log_retention']);

mysqli_query($mysqli,"UPDATE settings SET config_login_message = '$config_login_message', config_login_key_required = '$config_login_key_required', config_login_key_secret = '$config_login_key_secret', config_login_remember_me_expire = $config_login_remember_me_expire WHERE company_id = 1");
mysqli_query($mysqli,"UPDATE settings SET config_login_message = '$config_login_message', config_login_key_required = '$config_login_key_required', config_login_key_secret = '$config_login_key_secret', config_login_remember_me_expire = $config_login_remember_me_expire, config_log_retention = $config_log_retention WHERE company_id = 1");

// Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', log_description = '$session_name modified login key settings', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
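Review bot: The audit entry written after the UPDATE still reads "modified login key settings", so a change to the audit-log retention period cannot be identified in the log and neither the old nor the new value is recorded. Because lowering this setting makes the nightly cron delete audit history, the change should be logged explicitly, for example `log_description = '$session_name changed audit log retention to $config_log_retention days'`. The value is stored as whatever `intval()` returns, so 0 and negative numbers are accepted here; reject anything below the chosen minimum before running the UPDATE. The handler's permission and CSRF checks lie outside this hunk, so confirm they cover this field.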
10 changes: 10 additions & 0 deletions settings_security.php
Expand Up @@ -43,6 +43,16 @@
</div>
</div>

<div class="form-group">
<label>Log retention <small class="text-secondary">(The amount of days before audit logs are deleted during nightly cron)</small></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-clock"></i></span>
</div>
<input type="number" class="form-control" name="config_log_retention" placeholder="Enter days to retain" value="<?php echo intval($config_log_retention); ?>">
</div>
</div>

<hr>

<button type="submit" name="edit_security_settings" class="btn btn-primary text-bold"><i class="fas fa-check mr-2"></i>Save</button>
