diff options
author | jim-p <jimp@pfsense.org> | 2011-08-10 10:39:21 -0400 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2011-08-10 10:41:36 -0400 |
commit | 3d2ec65e15f100e0de4ebf04ed8c932c39f865dd (patch) | |
tree | 798cf9228d2b1915ddb47de800df5e29add22578 | |
parent | 3bb423f005715fd08ecf24161f7ed16a23c3e0f3 (diff) | |
download | pfsense-3d2ec65e15f100e0de4ebf04ed8c932c39f865dd.zip pfsense-3d2ec65e15f100e0de4ebf04ed8c932c39f865dd.tar.gz |
Log when a user tries to access an unauthorized page.
-rw-r--r-- | etc/inc/authgui.inc | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/etc/inc/authgui.inc b/etc/inc/authgui.inc index d64d1cc..8c9e3fa 100644 --- a/etc/inc/authgui.inc +++ b/etc/inc/authgui.inc @@ -62,6 +62,12 @@ if (!isAllowedPage($_SERVER['SCRIPT_NAME'])) { $_SESSION['Post_Login'] = true; require_once("functions.inc"); pfSenseHeader("/{$page}"); + + $username = empty($_SESSION["Username"]) ? "(system)" : $_SESSION['Username']; + if (!empty($_SERVER['REMOTE_ADDR'])) + $username .= '@' . $_SERVER['REMOTE_ADDR']; + log_error("{$username} attempted to access {$_SERVER['SCRIPT_NAME']} but does not have access to that page. Redirecting to {$page}."); + exit; } else { display_error_form("201", "No page assigned to this user! Click here to logout."); |