// based on log class from http://www.redips.net/php/write-to-log-file/ class SysLog { const DEFAULT_LOG_PATH = '/var/log/httpd/mylog.log'; // declare log file and file pointer as private properties private $log_file; private $fp; public $clientIp; // the altLogPath could be set after instance has been created public $altLogPath; // set log file (path and name) public $internalIpOnly; /** * Whether to use proxy addresses or not. * As default this setting is disabled - IP address is mostly needed to increase * security. HTTP_* are not reliable since can easily be spoofed. It can be enabled * just for more flexibility, but if user uses proxy to connect to trusted services * it's his/her own risk, only reliable field for IP address is $_SERVER['REMOTE_ADDR']. * @var bool */ protected $useProxy = false; /** * List of trusted proxy IP addresses * @var array */ protected $trustedProxies = array(); /** * HTTP header to introspect for proxies * @var string */ protected $proxyHeader = 'HTTP_X_FORWARDED_FOR'; function SysLog() { $this->clientIp = $this->getIpAddress(); } public function lfile($path = null) { $this->log_file = $path; } // write message to the log file public function lwrite($message) { // if file pointer doesn't exist, then open log file if (!is_resource($this->fp)) { $this->lopen(); } // define script name // for PHP 5.2.0+ // $script_name = pathinfo($_SERVER['PHP_SELF'], PATHINFO_FILENAME); // for PHP version <= 5.2.0 $script_name = basename($_SERVER['PHP_SELF']); // $script_name = substr($script_name, 0, -4); // php extension and dot are not needed $script_name = getcwd() . DIRECTORY_SEPARATOR . $script_name; // define current time and suppress E_WARNING if using the system TZ settings // (don't forget to set the INI setting date.timezone) $time = @date('[d/M/Y:H:i:s]'); // write current time, script name and message to the log file fwrite($this->fp, "$time ($script_name) \n$message" . PHP_EOL); } // short name for lwrite public function log($message) { $this->lwrite($message); } // takes arrays and objects as params public function logdump($someObj) { $this->log(print_r($someObj, true)); } // close log file (it's always a good idea to close a file when you're done with it) public function lclose() { fclose($this->fp); } // open log file (private method) private function lopen() { // in case of Windows set default log file if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') { $log_file_default = 'c:/php/logfile.txt'; } elseif(isset($this->altLogPath)) { // alternative log path could be set, require full path; $log_file_default = $this->altLogPath; } else { // set default log file for Linux and other systems $log_file_default = self::DEFAULT_LOG_PATH; } // define log file from lfile method or use previously set default $lfile = $this->log_file ? $this->log_file : $log_file_default; // open log file for writing only and place file pointer at the end of the file // (if the file does not exist, try to create it) $this->fp = fopen($lfile, 'a') or exit("Can't open $lfile!"); } /** * Returns client IP address. * * @return string IP address. */ public function getIpAddress() { $ip = $this->getIpAddressFromProxy(); if ($ip) { return $ip; } // direct IP address if (isset($_SERVER['REMOTE_ADDR'])) { return $_SERVER['REMOTE_ADDR']; } return ''; } /** * Attempt to get the IP address for a proxied client * * @see http://tools.ietf.org/html/draft-ietf-appsawg-http-forwarded-10#section-5.2 * @return false|string */ protected function getIpAddressFromProxy() { if (!$this->useProxy || (isset($_SERVER['REMOTE_ADDR']) && !in_array($_SERVER['REMOTE_ADDR'], $this->trustedProxies)) ) { return false; } $header = $this->proxyHeader; if (!isset($_SERVER[$header]) || empty($_SERVER[$header])) { return false; } // Extract IPs $ips = explode(',', $_SERVER[$header]); // trim, so we can compare against trusted proxies properly $ips = array_map('trim', $ips); // remove trusted proxy IPs $ips = array_diff($ips, $this->trustedProxies); // Any left? if (empty($ips)) { return false; } // Since we've removed any known, trusted proxy servers, the right-most // address represents the first IP we do not know about -- i.e., we do // not know if it is a proxy server, or a client. As such, we treat it // as the originating IP. // @see http://en.wikipedia.org/wiki/X-Forwarded-For $ip = array_pop($ips); return $ip; } }