summaryrefslogtreecommitdiffstats
path: root/etc
diff options
context:
space:
mode:
authorjim-p <jimp@pfsense.org>2011-08-10 10:39:21 -0400
committerjim-p <jimp@pfsense.org>2011-08-10 10:40:36 -0400
commit0d4f348f174cb5bef4ba4af5859b59a113d221f3 (patch)
tree9f1e63b2f19d213c54d48e9ae1ccb9209d235ef2 /etc
parent277ee8580e5cfb1c72f087df3fac8009c754c552 (diff)
downloadpfsense-0d4f348f174cb5bef4ba4af5859b59a113d221f3.zip
pfsense-0d4f348f174cb5bef4ba4af5859b59a113d221f3.tar.gz
Log when a user tries to access an unauthorized page.
Diffstat (limited to 'etc')
-rw-r--r--etc/inc/authgui.inc6
1 files changed, 6 insertions, 0 deletions
diff --git a/etc/inc/authgui.inc b/etc/inc/authgui.inc
index 9b1b8f0..d491927 100644
--- a/etc/inc/authgui.inc
+++ b/etc/inc/authgui.inc
@@ -62,6 +62,12 @@ if (!isAllowedPage($_SERVER['SCRIPT_NAME'])) {
$_SESSION['Post_Login'] = true;
require_once("functions.inc");
pfSenseHeader("/{$page}");
+
+ $username = empty($_SESSION["Username"]) ? "(system)" : $_SESSION['Username'];
+ if (!empty($_SERVER['REMOTE_ADDR']))
+ $username .= '@' . $_SERVER['REMOTE_ADDR'];
+ log_error("{$username} attempted to access {$_SERVER['SCRIPT_NAME']} but does not have access to that page. Redirecting to {$page}.");
+
exit;
} else {
display_error_form("201", gettext("No page assigned to this user! Click here to logout."));
OpenPOWER on IntegriCloud