Erweiterung Log Export und Login / Logout Log

httpdocs/app/bootstrap.php

@@ -494,6 +494,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
     if ($action === 'login') {
         $found = findUserByEmail($pdo, trim((string)($_POST['email'] ?? '')));
         if ($found && password_verify((string)($_POST['password'] ?? ''), $found['password_hash'])) {
+            addAuditLog($pdo, (int)$found['id'], 'Anmeldung erfolgreich.');
             session_regenerate_id(true);
             $_SESSION['user'] = ['id' => (int)$found['id'], 'firstname' => $found['firstname'] ?? '', 'lastname' => $found['lastname'] ?? '', 'name' => displayName($found), 'email' => $found['email'], 'role' => $found['role']];
             header('Location: /?page=dashboard');
@@ -803,6 +804,29 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
         $error = 'SQL-Dump ist ohne Datenbank nicht verfuegbar.';
     }
 
+    if ($user && $action === 'export_logs_csv' && $user['role'] === 'admin') {
+        if ($pdo) {
+            addAuditLog($pdo, (int)$user['id'], 'Logansicht als CSV exportiert.');
+            $filename = 'log-export-' . date('Y-m-d-His') . '.csv';
+            header('Content-Type: text/csv; charset=utf-8');
+            header('Content-Disposition: attachment; filename="' . $filename . '"');
+            $output = fopen('php://output', 'wb');
+            if ($output !== false) {
+                fwrite($output, "\xEF\xBB\xBF");
+                $rows = $pdo->query('(SELECT w.created_at AS ts, CONCAT(a.firstname, " ", a.lastname) AS actor, CONCAT(w.hours, " Stunden für ", m.firstname, " ", m.lastname, " gebucht: ", w.note) AS action FROM work_logs w JOIN users a ON a.id = w.actor_id JOIN users m ON m.id = w.member_id) UNION ALL (SELECT l.created_at AS ts, CONCAT(a.firstname, " ", a.lastname) AS actor, l.action FROM audit_logs l JOIN users a ON a.id = l.actor_id) ORDER BY ts DESC')->fetchAll(PDO::FETCH_ASSOC);
+                if ($rows) {
+                    fputcsv($output, array_keys($rows[0]));
+                    foreach ($rows as $row) {
+                        fputcsv($output, $row);
+                    }
+                }
+                fclose($output);
+            }
+            exit;
+        }
+        $error = 'Log-Export ist ohne Datenbank nicht verfuegbar.';
+    }
+
     if ($user && $action === 'import_sql_dump' && $user['role'] === 'admin') {
         if (!$pdo) {
             $error = 'SQL-Wiederherstellung ist ohne Datenbank nicht verfuegbar.';
@@ -902,6 +926,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
     }
 
     if ($user && $action === 'logout') {
+        addAuditLog($pdo, (int)$user['id'], 'Abmeldung erfolgt.');
         session_destroy();
         header('Location: /?page=login');
         exit;