112 lines
3.3 KiB
PHP
112 lines
3.3 KiB
PHP
|
<?php
|
||
|
|
// Database.php
|
||
|
|
class Database {
|
||
|
|
private $db;
|
||
|
|
private static $instance = null;
|
||
|
|
|
||
|
|
private function __construct() {
|
||
|
|
$config = require 'config.php';
|
||
|
|
$this->db = new SQLite3($config['db']['path']);
|
||
|
|
$this->db->enableExceptions(true);
|
||
|
|
}
|
||
|
|
|
||
|
|
public static function getInstance() {
|
||
|
|
if (self::$instance === null) {
|
||
|
|
self::$instance = new self();
|
||
|
|
}
|
||
|
|
return self::$instance;
|
||
|
|
}
|
||
|
|
|
||
|
|
public function logActivity($userId, $actionType, $details = '') {
|
||
|
|
$stmt = $this->db->prepare('
|
||
|
|
INSERT INTO activity_logs (user_id, action_type, details, ip_address)
|
||
|
|
VALUES (:user_id, :action_type, :details, :ip)
|
||
|
|
');
|
||
|
|
|
||
|
|
$stmt->bindValue(':user_id', $userId, SQLITE3_INTEGER);
|
||
|
|
$stmt->bindValue(':action_type', $actionType, SQLITE3_TEXT);
|
||
|
|
$stmt->bindValue(':details', $details, SQLITE3_TEXT);
|
||
|
|
$stmt->bindValue(':ip', $_SERVER['REMOTE_ADDR'], SQLITE3_TEXT);
|
||
|
|
|
||
|
|
return $stmt->execute();
|
||
|
|
}
|
||
|
|
|
||
|
|
public function getActivityLogs($filters = []) {
|
||
|
|
$query = '
|
||
|
|
SELECT
|
||
|
|
al.*,
|
||
|
|
u.username,
|
||
|
|
u.role
|
||
|
|
FROM activity_logs al
|
||
|
|
LEFT JOIN users u ON al.user_id = u.id
|
||
|
|
WHERE 1=1
|
||
|
|
';
|
||
|
|
|
||
|
|
$params = [];
|
||
|
|
|
||
|
|
if (!empty($filters['action_type'])) {
|
||
|
|
$query .= ' AND action_type = :action_type';
|
||
|
|
$params[':action_type'] = $filters['action_type'];
|
||
|
|
}
|
||
|
|
|
||
|
|
if (!empty($filters['date_from'])) {
|
||
|
|
$query .= ' AND created_at >= :date_from';
|
||
|
|
$params[':date_from'] = $filters['date_from'];
|
||
|
|
}
|
||
|
|
|
||
|
|
if (!empty($filters['date_to'])) {
|
||
|
|
$query .= ' AND created_at <= :date_to';
|
||
|
|
$params[':date_to'] = $filters['date_to'];
|
||
|
|
}
|
||
|
|
|
||
|
|
$query .= ' ORDER BY created_at ' .
|
||
|
|
(!empty($filters['order']) && $filters['order'] === 'asc' ? 'ASC' : 'DESC');
|
||
|
|
|
||
|
|
$stmt = $this->db->prepare($query);
|
||
|
|
|
||
|
|
foreach ($params as $key => $value) {
|
||
|
|
$stmt->bindValue($key, $value);
|
||
|
|
}
|
||
|
|
|
||
|
|
$result = $stmt->execute();
|
||
|
|
$logs = [];
|
||
|
|
|
||
|
|
while ($row = $result->fetchArray(SQLITE3_ASSOC)) {
|
||
|
|
$logs[] = $row;
|
||
|
|
}
|
||
|
|
|
||
|
|
return $logs;
|
||
|
|
}
|
||
|
|
|
||
|
|
public function checkLoginAttempts($username) {
|
||
|
|
$config = require 'config.php';
|
||
|
|
$window = $config['security']['attempt_window'];
|
||
|
|
|
||
|
|
$stmt = $this->db->prepare('
|
||
|
|
SELECT COUNT(*) as attempts
|
||
|
|
FROM login_attempts
|
||
|
|
WHERE username = :username
|
||
|
|
AND attempt_time > datetime("now", "-' . $window . ' seconds")
|
||
|
|
');
|
||
|
|
|
||
|
|
$stmt->bindValue(':username', $username, SQLITE3_TEXT);
|
||
|
|
$result = $stmt->execute();
|
||
|
|
$row = $result->fetchArray();
|
||
|
|
|
||
|
|
return $row['attempts'];
|
||
|
|
}
|
||
|
|
|
||
|
|
public function logLoginAttempt($username) {
|
||
|
|
$stmt = $this->db->prepare('
|
||
|
|
INSERT INTO login_attempts (username, ip_address)
|
||
|
|
VALUES (:username, :ip)
|
||
|
|
');
|
||
|
|
|
||
|
|
$stmt->bindValue(':username', $username, SQLITE3_TEXT);
|
||
|
|
$stmt->bindValue(':ip', $_SERVER['REMOTE_ADDR'], SQLITE3_TEXT);
|
||
|
|
|
||
|
|
return $stmt->execute();
|
||
|
|
}
|
||
|
|
}
|
||
|
|
?>
|