Changeset 997

Timestamp:

01/29/09 14:55:38 (3 years ago)

Author:

strat.cristian@…

Message:

Log remote IP and X-Forwarded-For header on job submit, textblock create/edit, and attachment upload. For privacy considerations, IP addresses are only displayed to admins and helpers.

• Contains database migration script.
• Adds new simplified security action. (sensitive-info)

Location:

trunk

Files:

• common/common.php (modified) (2 diffs)
• common/db/attachment.php (modified) (5 diffs)
• common/db/db.php (modified) (1 diff)
• common/db/job.php (modified) (6 diffs)
• common/db/round.php (modified) (2 diffs)
• common/db/task.php (modified) (2 diffs)
• common/db/textblock.php (modified) (8 diffs)
• common/db/user.php (modified) (1 diff)
• common/job.php (modified) (3 diffs)
• common/log.php (modified) (1 diff)
• common/security.php (modified) (6 diffs)
• common/textblock.php (modified) (2 diffs)
• junk/userpage-fix.php (modified) (1 diff)
• scripts/init-blog-comments (modified) (2 diffs)
• scripts/link-task-forum (modified) (1 diff)
• scripts/migrate-newsletters-to-html (modified) (1 diff)
• scripts/migrate-remote-ip (added)
• scripts/textblock-add-topic-id (modified) (2 diffs)
• www/controllers/account.php (modified) (1 diff)
• www/controllers/account_validator.php (modified) (1 diff)
• www/controllers/attachment.php (modified) (1 diff)
• www/controllers/job_filters.php (modified) (1 diff)
• www/controllers/monitor.php (modified) (1 diff)
• www/controllers/round.php (modified) (1 diff)
• www/controllers/submit.php (modified) (1 diff)
• www/controllers/task.php (modified) (1 diff)
• www/controllers/textblock.php (modified) (1 diff)
• www/controllers/textblock_copy.php (modified) (1 diff)
• www/controllers/textblock_edit.php (modified) (1 diff)
• www/static/css/screen.css (modified) (1 diff)
• www/utilities.php (modified) (1 diff)
• www/views/changes.php (modified) (1 diff)
• www/views/job_detail.php (modified) (2 diffs)
• www/views/listattach.php (modified) (2 diffs)
• www/views/textblock_history.php (modified) (2 diffs)

trunk/common/common.php

@@ -38 +38 @@
 define("IA_RE_USER_NAME", '[_@a-z0-9][a-z0-9_\-\.\@]*');
 
+// IPv4 address, doesn't check for values greater than 255.
+define("IA_RE_IPV4", '(?:\d{1,3}\.){3}\d{1,3}');
+// Full IPv6 address, doesn't match compressed IPv6 formats.
+define("IA_RE_IPV6_NO_COMPRESS", '(?:[0-9A-Fa-f]{1,4}:){7}[0-9A-Fa-f]{1,4}');
+// IP address, matches IPv4 and non-compressed IPv6.
+define("IA_RE_IP_ADDRESS", IA_RE_IPV4."|".IA_RE_IPV6_NO_COMPRESS);
+
 // Valid email. A complete check is not possible, see
 // http://www.regular-expressions.info/email.html
@@ -101 +108 @@
     }
     return true;
+}
+
+// Check for (apparently) valid IP address.
+// It will match IPv4 and only non-compressed IPv6. Doesn't check
+// for values greater than 255.
+function is_valid_ip_address($ip_address) {
+    return preg_match('/^'.IA_RE_IP_ADDRESS.'$/xi', $ip_address);
 }
 

trunk/common/db/attachment.php

@@ -65 +65 @@
 
 // Update an attachment. FIXME: hash args.
-function attachment_update($id, $name, $size, $mime_type, $page, $user_id) {
+function attachment_update($id, $name, $size, $mime_type, $page, $user_id,
+        $remote_ip_info) {
     $attachment = array(
             'id' => $id,
@@ -74 +75 @@
             'user_id' => $user_id,
             'timestamp' => db_date_format(),
+            'remote_ip_info' => $remote_ip_info,
     );
 
@@ -82 +84 @@
 
 // Inserts an attachment in the db
-function attachment_insert($name, $size, $mime_type, $page, $user_id) {
+function attachment_insert($name, $size, $mime_type, $page, $user_id,
+        $remote_ip_info) {
     $attachment = array(
             'name' => $name,
@@ -90 +93 @@
             'user_id' => $user_id,
             'timestamp' => db_date_format(),
+            'remote_ip_info' => $remote_ip_info,
     );
 
@@ -95 +99 @@
     $attachment['id'] = db_insert_id();
     _attachment_cache_add($attachment);
-    
+
     return $attachment['id'];
 }

trunk/common/db/db.php

@@ -262 +262 @@
 }
 
+// FIXME: This shouldn't be here. Move it in common/db/task.php or
+// common/db/round.php
 function db_get_task_filter_clause($filter, $table_alias) {
     if ($filter == IA_TLF_SOLVED) {

trunk/common/db/job.php

@@ -22 +22 @@
 
 // Creates new eval job
-function job_create($task_id, $round_id, $user_id, $compiler_id, $file_contents) {
+function job_create($task_id, $round_id, $user_id, $compiler_id, $file_contents,
+        $remote_ip_info = null) {
     $query = <<<SQL
         INSERT INTO ia_job
-            (`task_id`, `round_id`, `user_id`, `compiler_id`, `file_contents`, `submit_time`)
-        VALUES (%s, %s, %s, %s, %s, %s)
+            (`task_id`, `round_id`, `user_id`, `compiler_id`, `file_contents`,
+             `submit_time`, `remote_ip_info`)
+        VALUES (%s, %s, %s, %s, %s, %s, %s)
 SQL;
     $query = sprintf($query,
             db_quote($task_id), db_quote($round_id), db_quote($user_id),
-            db_quote($compiler_id), db_quote($file_contents), db_quote(db_date_format()));
+            db_quote($compiler_id), db_quote($file_contents),
+            db_quote(db_date_format()), db_quote($remote_ip_info));
     return db_query($query);
 }
@@ -40 +43 @@
 SELECT `job`.`id`, `job`.`user_id`, `job`.`task_id`, `job`.`round_id`,
        `job`.`compiler_id`, `job`.`status`, `job`.`submit_time`,
-       `job`.`eval_message`, `job`.`score`, `job`.`file_contents`
+       `job`.`eval_message`, `job`.`score`, `job`.`file_contents`,
+       `job`.`remote_ip_info`
     FROM `ia_job` AS `job`
     WHERE `job`.`id` = (
@@ -83 +87 @@
     log_assert(is_whole_number($job_id));
     $field_list = "`job`.`id`, job.`user_id`, `job`.`compiler_id`, `job`.`status`,
-                   `job`.`submit_time`, `job`.`eval_message`, `job`.`score`, `job`.`eval_log`,
+                   `job`.`submit_time`, `job`.`eval_message`, `job`.`score`,
+                   `job`.`eval_log`, `job`.`remote_ip_info`,
                    OCTET_LENGTH(`job`.`file_contents`) AS `job_size`,
                    `user`.`username` AS `user_name`, `user`.`full_name` AS `user_fullname`,
@@ -128 +133 @@
     $score_end = getattr($filters, 'score_end');
     $eval_msg = getattr($filters, 'eval_msg');
+    $remote_ip_info = getattr($filters, 'remote_ip_info');
 
     $wheres = array("TRUE");
@@ -172 +178 @@
     if (!is_null($eval_msg)) {
         $wheres[] = sprintf("`job`.`eval_message` LIKE '%s%%'", db_escape($eval_msg));
+    }
+    if (!is_null($remote_ip_info)) {
+        // We allow remote_ip_info to contain % wildcards. This will make it a bit
+        // easier to search for IP classes.
+        $wheres[] = sprintf("`job`.`remote_ip_info` LIKE '%s'", db_escape($remote_ip_info));
     }
 
@@ -232 +243 @@
             `job`.`eval_message`,
             `job`.`eval_log`,
+            `job`.`remote_ip_info`,
             OCTET_LENGTH(`job`.`file_contents`) AS `job_size`,
             `user`.`username` AS `user_name`,

trunk/common/db/round.php

@@ -29 +29 @@
 // Create new round
 // Return success.
-function round_create($round, $round_params, $user_id) {
+function round_create($round, $round_params, $user_id, $remote_ip_info = null) {
     log_assert(is_user_id($user_id));
     log_assert_valid(round_validate($round));
@@ -45 +45 @@
         $replace = array("round_id" => $round['id']);
         textblock_copy_replace("template/newround", $round['page_name'],
-                $replace, "round: {$round['id']}", $user_id);
+                $replace, "round: {$round['id']}", $user_id, $remote_ip_info);
 
         _round_cache_add($round);

trunk/common/db/task.php

@@ -35 +35 @@
 
 // Create new task
-function task_create($task, $task_params) {
+function task_create($task, $task_params, $remote_ip_info = null) {
     log_assert_valid(task_validate($task));
     log_assert_valid(task_validate_parameters($task['type'], $task_params));
@@ -48 +48 @@
         $replace = array("task_id" => $task['id'], "task_title" => ucfirst($task['id']));
         textblock_copy_replace("template/newtask", $task['page_name'],
-                $replace, "task: {$task['id']}", $task['user_id']);
+                $replace, "task: {$task['id']}", $task['user_id'], $remote_ip_info);
 
         _task_cache_add($task);

trunk/common/db/textblock.php

@@ -15 +15 @@
 function textblock_add_revision(
         $name, $title, $content, $user_id, $security = "public",
-        $forum_topic = null, $timestamp = null, $creation_timestamp = null) {
+        $forum_topic = null, $timestamp = null, $creation_timestamp = null,
+        $remote_ip_info = null) {
     $name = normalize_page_name($name);
     $tb = array(
@@ -26 +27 @@
             'timestamp' => $timestamp,
             'creation_timestamp' => $creation_timestamp,
+            'remote_ip_info' => $remote_ip_info,
     );
     log_assert_valid(textblock_validate($tb));
@@ -59 +61 @@
     }
     $query = sprintf("INSERT INTO ia_textblock
-                        (name, `text`, `title`, `creation_timestamp`, `timestamp`, `user_id`, `security`, `forum_topic`)
-                      VALUES ('%s', '%s', '%s', '%s', '%s', '%s', '%s', %s)",
-                     db_escape($name), db_escape($content),
-                     db_escape($title), db_escape($creation_timestamp), 
-                     db_escape($timestamp), db_escape($user_id),
-                     db_escape($security),
-                     is_null($forum_topic) ? "NULL" : db_escape($forum_topic));
+            (name, `text`, `title`, `creation_timestamp`,
+                    `timestamp`, `user_id`, `security`, `forum_topic`,
+                    `remote_ip_info`)
+            VALUES ('%s', '%s', '%s', '%s', '%s', '%s', '%s', %s, %s)",
+            db_escape($name), db_escape($content), db_escape($title),
+            db_escape($creation_timestamp), db_escape($timestamp),
+            db_escape($user_id), db_escape($security), db_quote($forum_topic),
+            db_quote($remote_ip_info));
     return db_query($query);
 }
@@ -74 +77 @@
     // log_print_r($options);
 
-    $field_list = "`name`, `title`, `creation_timestamp`, `timestamp`, `security`, `user_id`, `forum_topic`";
+    $field_list = "`name`, `title`, `creation_timestamp`, `timestamp`, `security`, `user_id`,
+            `forum_topic`, `remote_ip_info`";
 
     // Select content.
@@ -212 +216 @@
         $compare = "REGEXP";
     }
-    $query = sprintf("SELECT `name`, `title`, `creation_timestamp`, `timestamp`, `user_id`, `security`, `forum_topic`
+    $query = sprintf("SELECT `name`, `title`, `creation_timestamp`, `timestamp`,
+                            `user_id`, `security`, `forum_topic`,
+                            `remote_ip_info`
                       FROM ia_textblock
                       WHERE `name` LIKE '%s' AND
@@ -289 +295 @@
 }
 
-function textblock_copy($old_name, $new_name) {
+function textblock_copy($old_name, $new_name, $user_id, $remote_ip_info) {
     $old_name = normalize_page_name($old_name);
     $new_name = normalize_page_name($new_name);
@@ -297 +303 @@
     $new_textblock = textblock_get_revision($old_name);
     $new_textblock['name'] = $new_name;
-    $new_textblock['user_id'] = identity_get_user_id();
+    $new_textblock['user_id'] = $user_id;
     textblock_add_revision($new_textblock['name'], $new_textblock['title'],
                            $new_textblock['text'], $new_textblock['user_id'],
                            $new_textblock['security'],
-                           $new_textblock['forum_topic'], null, null);
+                           $new_textblock['forum_topic'], null, null,
+                           $remote_ip_info);
 
     // Get a list of attachments.
@@ -309 +316 @@
     foreach ($files as $file) {
         // Copy in db and get new id
-        $new_id = attachment_insert($file['name'], $file['size'], $file['mime_type'], $new_name, identity_get_user_id());
+        $new_id = attachment_insert($file['name'], $file['size'],
+                $file['mime_type'], $new_name, $user_id, $remote_ip_info);
 
         // Copy on hard drive

trunk/common/db/user.php

@@ -150 +150 @@
     $replace = array("user_id" => $user['username']);
     textblock_copy_replace("template/newuser", IA_USER_TEXTBLOCK_PREFIX.$user['username'],
-                           $replace, "public", $new_user['id']);
+                           $replace, "public", $new_user['id'], null);
 
     // Create SMF user

trunk/common/job.php

@@ -78 +78 @@
         if (array_key_exists('round_id', $args)) {
             job_create($args['task_id'], $args['round_id'], $user['id'],
-                    $args['compiler_id'], $args['solution']);
+                    $args['compiler_id'], $args['solution'],
+                    getattr($args, 'remote_ip_info'));
         } else {
             $parent_rounds = task_get_parent_rounds($args['task_id']);
@@ -84 +85 @@
                 // some jobs just don't have a round
                 job_create($args['task_id'], '', $user['id'],
-                        $args['compiler_id'], $args['solution']);
+                        $args['compiler_id'], $args['solution'],
+                        getattr($args, 'remote_ip_info'));
             }
             else {
@@ -90 +92 @@
                     if (security_query($user, 'round-submit', round_get($round_id))) {
                         job_create($args['task_id'], $round_id, $user['id'],
-                                $args['compiler_id'], $args['solution']);
+                                $args['compiler_id'], $args['solution'],
+                                getattr($args, 'remote_ip_info'));
                     }
                 }

trunk/common/log.php

@@ -112 +112 @@
 
 // Use this for warning messages.
-function log_warn($message, $include_origin = false) {
+function log_warn($message, $include_origin = false, $backtrace_level = 0) {
     if ($include_origin) {
-        $message = format_message_backtrace($message);
+        $message = format_message_backtrace($message, $backtrace_level);
     }
     trigger_error_split($message, E_USER_WARNING);

trunk/common/security.php

@@ -103 +103 @@
         case 'round-register-view':
             return 'simple-view';
+
+        // View IP.
+        case 'attach-view-ip':
+        case 'textblock-view-ip':
+        case 'job-view-ip':
+            return 'sensitive-info';
 
         // Reversible edits access.
@@ -245 +251 @@
             }
 
+        case 'sensitive-info':
+            return ($usersec == 'admin' || $usersec == 'helper');
+
         // Reversible modifications.
         case 'simple-rev-edit':
@@ -410 +419 @@
             }
             return $can_view || $is_owner || $is_admin;
+
+        case 'sensitive-info':
+            return ($usersec == 'admin' || $usersec == 'helper');
 
         default:
@@ -466 +478 @@
             }
 
+        case 'sensitive-info':
+            return ($usersec == 'admin' || $usersec == 'helper');
+
         default:
             log_error('Invalid round action: '.$action);
@@ -520 +535 @@
     $can_view_score = ($job['round_public_eval'] == true) || $is_task_owner || $is_admin;
     $can_view_partial_feedback = $is_owner || $is_admin;
+    $can_view_sensitive_info = ($usersec == 'admin' || $usersec == 'helper');
 
     // Log query response.
@@ -550 +566 @@
             return $can_view_job && $can_view_partial_feedback;
 
+        case 'sensitive-info':
+            return $can_view_job && $can_view_sensitive_info;
+
         default:
             log_error('Invalid job action: '.$action);

trunk/common/textblock.php

@@ -149 +149 @@
 //
 // Use this like textblock_copy_replace('template/newtask', 'problema/capsuni');
-function textblock_copy_replace($srcprefix, $dstprefix, $replace, $security, $user_id)
-{
+function textblock_copy_replace($srcprefix, $dstprefix, $replace, $security,
+        $user_id, $remote_ip_info = null) {
     assert($srcprefix != $dstprefix);
     assert(is_textblock_security_descriptor($security));
@@ -174 +174 @@
                 $textblock['text'], $user_id, $textblock['security'],
                 $textblock['forum_topic'], null,
-                $first_textblock['creation_timestamp']);
+                $first_textblock['creation_timestamp'], $remote_ip_info);
     }
 }

trunk/junk/userpage-fix.php

@@ -24 +24 @@
             $replace = array("user_id" => $user['username']);
             textblock_copy_replace("template/newuser", $tbname, $replace,
-                    "public", $user['id']);
+                    "public", $user['id'], null);
         }
     }

trunk/scripts/init-blog-comments

@@ -38 +38 @@
         $new_page['timestamp'] = null;
         $new_page['user_id'] = 1; // update as "domino" :)
+        $new_page['remote_ip_info'] = getattr($post, 'remote_ip_info');
 
         // It worked
@@ -44 +45 @@
                                    $new_page['text'], $new_page['user_id'],
                                    $new_page['security'], $new_page['timestamp'],
-                                   $new_page['creation_timestamp']);
+                                   $new_page['creation_timestamp'],
+                                   $new_page['remote_ip_info']);
         } else {
             log_error('Eroare la validarea textblock-ului!');

trunk/scripts/link-task-forum

@@ -39 +39 @@
                                $new_page['text'], $new_page['user_id'],
                                $new_page['security'], $new_page['timestamp'],
-                               $new_page['creation_timestamp']);
+                               $new_page['creation_timestamp'],
+                               $new_page['remote_ip_info']);
     } else {
         log_error('Eroare la validarea textblock-ului!');

trunk/scripts/migrate-newsletters-to-html

@@ -74 +74 @@
     textblock_add_revision($textblock['name'], $textblock['title'],
             $new_text, $textblock['user_id'], $textblock['security'],
-            $textblock['forum_topic'], null, $textblock['creation_timestamp']);
+            $textblock['forum_topic'], null, $textblock['creation_timestamp'],
+            getattr($textblock. 'remote_ip_info'));
 }
 

trunk/scripts/textblock-add-topic-id

@@ -21 +21 @@
                                $page['user_id'], $page['security'],
                                $page["forum_topic"], $page['timestamp'],
-                               $page['creation_timestamp']);
+                               $page['creation_timestamp'],
+                               getattr($page, 'remote_ip_info'));
     } else {
         log_error('Eroare la procesarea ia_blog_forum!');
@@ -48 +49 @@
                                    $page['user_id'], $page['security'],
                                    $page["forum_topic"], $page['timestamp'],
-                                   $page['creation_timestamp']);
+                                   $page['creation_timestamp'],
+                                   getattr($page, 'remote_ip_info'));
         } else {
             log_error('Eroare la procesarea paginii ' . $page["name"] . '!');

trunk/www/controllers/account.php

@@ -108 +108 @@
                     // Attachment already exists, overwrite.
                     attachment_update($attach['id'], $file_name, $avatar_size,
-                                      $mime_type, $user_page, $user['id']);
+                                      $mime_type, $user_page, $user['id'],
+                                      remote_ip_info());
                 } else {
                     // New attachment. Insert.
                     attachment_insert($file_name, $avatar_size,
-                                      $mime_type, $user_page, $user['id']);
+                                      $mime_type, $user_page, $user['id'],
+                                      remote_ip_info());
                 }
 

trunk/www/controllers/account_validator.php

@@ -7 +7 @@
     $errors = validate_user_data($data, true, null);
 
-    if(!IA_DEVELOPMENT_MODE) {
+    if (!IA_DEVELOPMENT_MODE) {
         $resp = recaptcha_check_answer(IA_CAPTCHA_PRIVATE_KEY,
                                        $_SERVER["REMOTE_ADDR"],

trunk/www/controllers/attachment.php

@@ -178 +178 @@
                 // Attachment already exists, overwrite.
                 identity_require('attach-overwrite', $attach);
-                attachment_update($attach['id'], $file_att['name'], $file_att['size'],
-                                  $file_att['type'], $page_name, $identity_user['id']);
+                attachment_update($attach['id'], $file_att['name'],
+                        $file_att['size'], $file_att['type'], $page_name,
+                        $identity_user['id'], remote_ip_info());
                 $rewrite_count++;
             }
             else {
                 // New attachment. Insert.
-                attachment_insert($file_att['name'], $file_att['size'], $file_att['type'],
-                                  $page_name, $identity_user['id']);
+                attachment_insert($file_att['name'], $file_att['size'],
+                        $file_att['type'], $page_name, $identity_user['id'],
+                        remote_ip_info());
             }
 

trunk/www/controllers/job_filters.php

@@ -7 +7 @@
                                'job_id', 'time_begin', 'time_end', 'compiler',
                                'status', 'score_begin', 'score_end',
-                               'eval_msg', 'task_hidden');
+                               'eval_msg', 'task_hidden', 'remote_ip_info');
 
     $filters = array();

trunk/www/controllers/monitor.php

@@ -13 +13 @@
     $view['filters'] = job_get_filters();
     $view['user_name'] = getattr($identity_user, 'username');
+
     // First row.
     // FIXME: shouldn't this constant be in config.php? 

trunk/www/controllers/round.php

@@ -218 +218 @@
 
             // This should never fail.
-            log_assert(round_create(
-                        $round,
-                        $round_params,
-                        identity_get_user_id()
-            ));
+            log_assert(round_create($round, $round_params,
+                    identity_get_user_id(), remote_ip_info()));
             flash("O noua runda a fost creata, acum poti sa editezi detalii.");
             redirect(url_round_edit($round['id']));

trunk/www/controllers/submit.php

@@ -13 +13 @@
         $values = array(
             'task_id' => getattr($_POST, 'task_id'),
-            'compiler_id' => getattr($_POST, 'compiler_id')
+            'compiler_id' => getattr($_POST, 'compiler_id'),
+            'remote_ip_info' => remote_ip_info(),
         );
 

trunk/www/controllers/task.php

@@ -176 +176 @@
 
             // This should never fail.
-            log_assert(task_create($task, $task_params));
+            log_assert(task_create($task, $task_params, remote_ip_info()));
             flash("Un nou task a fost creeat, acum poti sa-l editezi");
             redirect(url_task_edit($task['id']));

trunk/www/controllers/textblock.php

@@ -144 +144 @@
                            getattr($identity_user, 'id'), $rev['security'],
                            $rev['forum_topic'], null,
-                           $rev['creation_timestamp']);
+                           $rev['creation_timestamp'],
+                           remote_ip_info());
     flash("Pagina a fost inlocuita cu revizia {$rev_num}");
     redirect(url_textblock($page_name));

trunk/www/controllers/textblock_copy.php

@@ -31 +31 @@
 
         if (!$errors) {
-            textblock_copy($page_name, $new_name);
+            textblock_copy($page_name, $new_name, identity_get_user_id(),
+                    remote_ip_info());
             flash("Pagina a fost copiata.");
             redirect(url_textblock($new_name));

trunk/www/controllers/textblock_edit.php

@@ -79 +79 @@
                                    $new_page['forum_topic'],
                                    $new_page['timestamp'],
-                                   $new_page['creation_timestamp']);
+                                   $new_page['creation_timestamp'],
+                                   remote_ip_info());
             if (identity_can('textblock-tag', $new_page)) {
                 tag_update("textblock", $new_page['name'], $values['tags']);

trunk/www/static/css/screen.css

@@ -88 +88 @@
     list-style-type: disc;
 }
-
-
 
 /* block quotes */

trunk/www/utilities.php

@@ -207 +207 @@
 }
 
+// Return information about the remote IP address. Useful for logging.
+// This isn't necessarily just an IP address. It might contain proxy
+// information when available.
+function remote_ip_info() {
+    $ip_address = getattr($_SERVER, 'REMOTE_ADDR');
+    if ($ip_address && !is_valid_ip_address($ip_address)) {
+        log_warn("Invalid IP address: {$ip_address}", true, 1);
+    }
+    // FIXME: Also validate XFF header.
+    if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
+        return getattr($_SERVER, 'REMOTE_ADDR')."; "
+                .$_SERVER['HTTP_X_FORWARDED_FOR'];
+    } else {
+        return getattr($_SERVER, 'REMOTE_ADDR');
+    }
+}
+
 ?>

trunk/www/views/changes.php

@@ -29 +29 @@
             "diff");
 $tstamp = format_date($rev['timestamp']);
-echo "$tstamp: $userlink a modificat $pagelink ($difflink).";
+if (identity_can('textblock-view-ip', $rev) && $rev['remote_ip_info']) {
+    $remote_ip = '('.$rev['remote_ip_info'].') ';
+} else {
+    $remote_ip = '';
+}
+echo "$tstamp: $userlink {$remote_ip}a modificat $pagelink ($difflink).";
 ?>
     </li>

trunk/www/views/job_detail.php

@@ -23 +23 @@
     <th class="task-id">Problema</th>
     <td class="task-id"><?= format_link(url_textblock($job['task_page_name']), $job['task_title']) ?></td>
-    <th class="score">Scor</th>
-    <td class="score"><?= html_escape(is_null($job['score']) ? "Ascuns" : $job['score']) ?></td>
-</tr>
-</tr>
-<tr>
-    <th class="compiler-id">Compilator</th>
-    <td class="compiler-id"><?= html_escape($job['compiler_id']) ?></td>
     <th class="status">Status</th>
     <td class="status"><strong><?= html_escape($job['status']) ?></strong></td>
@@ -35 +28 @@
 <tr>
     <th class="round-id">Runda</th>
-    <td class="round-id" colspan="<?= identity_can('job-view-source', $job) ? 1 : 3 ?>">
+    <td class="round-id">
     <?= format_link(url_textblock($job['round_page_name']), $job['round_title']) ?></td>
-<?php if (identity_can('job-view-source', $job)) { ?>
-    <th class="source">Sursa</th>
-    <td class="source"><?= format_link(url_job_view_source($job['id']), "Vezi sursa") ?></td>
+    <th class="compiler-id">Compilator</th>
+    <td class="compiler-id">
+        <?= html_escape($job['compiler_id']) ?>
+        <?php if (identity_can('job-view-source', $job)) { ?>
+            | <?= format_link(url_job_view_source($job['id']), "Vezi sursa") ?>
+        <?php } ?>
+    </td>
+</tr>
+<tr>
+    <th class="score">Scor</th>
+    <td class="score" colspan="<?= identity_can('job-view-ip', $job) ? 1 : 3 ?>">
+        <?= html_escape(is_null($job['score']) ? "Ascuns" : $job['score']) ?></td>
+<?php if (identity_can('job-view-ip', $job)) { ?>
+    <th class="ip">IP</th>
+    <td class="ip"><?= $job['remote_ip_info'] ? html_escape($job['remote_ip_info']) : '<em>lipseste</em>' ?></td>
 <?php } ?>
 </tr>

trunk/www/views/listattach.php

@@ -48 +48 @@
 }
 
+function format_ip($row) {
+    if ($row['remote_ip_info'] && identity_can('attach-view-ip', $row)) {
+        return html_escape($row['remote_ip_info']);
+    } else {
+        return 'N/A';
+    }
+}
+
 function format_operations($row) {
     global $page_name;
@@ -88 +96 @@
     ),
     array(
+        'title' => 'IP',
+        'rowform' => 'format_ip',
+    ),
+    array(
         'title' => 'Operatii',
         'rowform' => 'format_operations',

trunk/www/views/textblock_history.php

@@ -20 +20 @@
     $title = html_escape($row['title']);
     return "$title";
+}
+
+function format_ip($row) {
+    if ($row['remote_ip_info'] && identity_can('textblock-view-ip', $row)) {
+        return html_escape($row['remote_ip_info']);
+    } else {
+        return 'N/A';
+    }
 }
 
@@ -83 +91 @@
         'valform' => 'format_date',
     ),
-
+    array(
+        'title' => 'IP',
+        'rowform' => 'format_ip',
+    ),
     array(
         'title' => 'Operatii',