Created
May 29, 2018 00:09
-
-
Save Traumflug/74fd0b4c8968fd0184e503d221b13310 to your computer and use it in GitHub Desktop.
Patches for dokuwiki
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
From a1e9fbf517849a613da32ad299ab8a7890cbb64c Mon Sep 17 00:00:00 2001 | |
From: Markus Hitter <mah@jump-ing.de> | |
Date: Tue, 29 May 2018 01:21:21 +0200 | |
Subject: GDPR: remove permanent recording of IP addresses. | |
The simple message it: don't record personal data permanently | |
without user consent. GDPR considers IP addresses to be personal | |
data. As IP addresses are expendable, don't record them (instead | |
of asking for consent). | |
diff --git a/inc/changelog.php b/inc/changelog.php | |
index d77b018..9434f1d 100644 | |
--- a/inc/changelog.php | |
+++ b/inc/changelog.php | |
@@ -26,16 +26,32 @@ function parseChangelogLine($line) { | |
$line = rtrim($line, "\n"); | |
$tmp = explode("\t", $line); | |
if ($tmp!==false && count($tmp)>1) { | |
+ /* | |
+ * To comply with GDPR, IP addresses no longer get recorded. To keep | |
+ * compatibility with older records, we remove it there. The latter is | |
+ * a bit tricky, because we can't distinguish old and new records by | |
+ * the record length. | |
+ */ | |
+ if ( ! in_array($tmp[1], [ | |
+ DOKU_CHANGE_TYPE_CREATE, | |
+ DOKU_CHANGE_TYPE_EDIT, | |
+ DOKU_CHANGE_TYPE_MINOR_EDIT, | |
+ DOKU_CHANGE_TYPE_DELETE, | |
+ DOKU_CHANGE_TYPE_REVERT, | |
+ ])) { | |
+ unset($tmp[1]); | |
+ $tmp = array_values($tmp); | |
+ } | |
+ | |
$info = array(); | |
$info['date'] = (int)$tmp[0]; // unix timestamp | |
- $info['ip'] = $tmp[1]; // IPv4 address (127.0.0.1) | |
- $info['type'] = $tmp[2]; // log line type | |
- $info['id'] = $tmp[3]; // page id | |
- $info['user'] = $tmp[4]; // user name | |
- $info['sum'] = $tmp[5]; // edit summary (or action reason) | |
- $info['extra'] = $tmp[6]; // extra data (varies by line type) | |
- if(isset($tmp[7]) && $tmp[7] !== '') { //last item has line-end|| | |
- $info['sizechange'] = (int) $tmp[7]; | |
+ $info['type'] = $tmp[1]; // log line type | |
+ $info['id'] = $tmp[2]; // page id | |
+ $info['user'] = $tmp[3]; // user name | |
+ $info['sum'] = $tmp[4]; // edit summary (or action reason) | |
+ $info['extra'] = $tmp[5]; // extra data (varies by line type) | |
+ if(isset($tmp[6]) && $tmp[6] !== '') { //last item has line-end|| | |
+ $info['sizechange'] = (int) $tmp[6]; | |
} else { | |
$info['sizechange'] = null; | |
} | |
@@ -78,7 +94,6 @@ function addLogEntry($date, $id, $type=DOKU_CHANGE_TYPE_EDIT, $summary='', $extr | |
$wasRemoved = ($type===DOKU_CHANGE_TYPE_DELETE); | |
if(!$date) $date = time(); //use current time if none supplied | |
- $remote = (!$flagExternalEdit)?clientIP(true):'127.0.0.1'; | |
$user = (!$flagExternalEdit)?$INPUT->server->str('REMOTE_USER'):''; | |
if($sizechange === null) { | |
$sizechange = ''; | |
@@ -89,7 +104,6 @@ function addLogEntry($date, $id, $type=DOKU_CHANGE_TYPE_EDIT, $summary='', $extr | |
$strip = array("\t", "\n"); | |
$logline = array( | |
'date' => $date, | |
- 'ip' => $remote, | |
'type' => str_replace($strip, '', $type), | |
'id' => $id, | |
'user' => $user, | |
@@ -155,7 +169,6 @@ function addMediaLogEntry($date, $id, $type=DOKU_CHANGE_TYPE_EDIT, $summary='', | |
$id = cleanid($id); | |
if(!$date) $date = time(); //use current time if none supplied | |
- $remote = clientIP(true); | |
$user = $INPUT->server->str('REMOTE_USER'); | |
if($sizechange === null) { | |
$sizechange = ''; | |
@@ -166,7 +179,6 @@ function addMediaLogEntry($date, $id, $type=DOKU_CHANGE_TYPE_EDIT, $summary='', | |
$strip = array("\t", "\n"); | |
$logline = array( | |
'date' => $date, | |
- 'ip' => $remote, | |
'type' => str_replace($strip, '', $type), | |
'id' => $id, | |
'user' => $user, | |
@@ -447,13 +459,16 @@ abstract class ChangeLog { | |
* @param int $rev revision timestamp | |
* @return bool|array false or array with entries: | |
* - date: unix timestamp | |
- * - ip: IPv4 address (127.0.0.1) | |
+ * - ip**: IPv4 address (127.0.0.1) | |
* - type: log line type | |
* - id: page id | |
* - user: user name | |
* - sum: edit summary (or action reason) | |
* - extra: extra data (varies by line type) | |
* | |
+ * **) only present in old records, permanent recording of IP addresses | |
+ * was removed to meet GDPR demands. | |
+ * | |
* @author Ben Coburn <btcoburn@silicodon.net> | |
* @author Kate Arzamastseva <pshns@ukr.net> | |
*/ | |
diff --git a/inc/html.php b/inc/html.php | |
index 73ed8ca..5f60261 100644 | |
--- a/inc/html.php | |
+++ b/inc/html.php | |
@@ -405,7 +405,7 @@ function html_revisions($first=0, $media_id = false){ | |
if($revinfo['user']) { | |
$editor = $revinfo['user']; | |
} else { | |
- $editor = $revinfo['ip']; | |
+ $editor = '(unknown editor)'; | |
} | |
$sizechange = $revinfo['sizechange']; | |
} else { | |
@@ -542,11 +542,6 @@ function html_revisions($first=0, $media_id = false){ | |
$form->addElement(form_makeOpenTag('span', array('class' => 'user'))); | |
if($info['user']){ | |
$form->addElement('<bdi>'.editorinfo($info['user']).'</bdi>'); | |
- if(auth_ismanager()){ | |
- $form->addElement(' <bdo dir="ltr">('.$info['ip'].')</bdo>'); | |
- } | |
- }else{ | |
- $form->addElement('<bdo dir="ltr">'.$info['ip'].'</bdo>'); | |
} | |
$form->addElement(form_makeCloseTag('span')); | |
@@ -752,11 +747,6 @@ function html_recent($first = 0, $show_changes = 'both') { | |
$form->addElement(form_makeOpenTag('span', array('class' => 'user'))); | |
if($recent['user']) { | |
$form->addElement('<bdi>' . editorinfo($recent['user']) . '</bdi>'); | |
- if(auth_ismanager()) { | |
- $form->addElement(' <bdo dir="ltr">(' . $recent['ip'] . ')</bdo>'); | |
- } | |
- } else { | |
- $form->addElement('<bdo dir="ltr">' . $recent['ip'] . '</bdo>'); | |
} | |
$form->addElement(form_makeCloseTag('span')); | |
@@ -1045,9 +1035,6 @@ function html_diff_head($l_rev, $r_rev, $id = null, $media = false, $inline = fa | |
$l_info = $changelog->getRevisionInfo($l_rev); | |
if($l_info['user']){ | |
$l_user = '<bdi>'.editorinfo($l_info['user']).'</bdi>'; | |
- if(auth_ismanager()) $l_user .= ' <bdo dir="ltr">('.$l_info['ip'].')</bdo>'; | |
- } else { | |
- $l_user = '<bdo dir="ltr">'.$l_info['ip'].'</bdo>'; | |
} | |
$l_user = '<span class="user">'.$l_user.'</span>'; | |
$l_sum = ($l_info['sum']) ? '<span class="sum"><bdi>'.hsc($l_info['sum']).'</bdi></span>' : ''; | |
@@ -1063,9 +1050,6 @@ function html_diff_head($l_rev, $r_rev, $id = null, $media = false, $inline = fa | |
$r_info = $changelog->getRevisionInfo($r_rev); | |
if($r_info['user']){ | |
$r_user = '<bdi>'.editorinfo($r_info['user']).'</bdi>'; | |
- if(auth_ismanager()) $r_user .= ' <bdo dir="ltr">('.$r_info['ip'].')</bdo>'; | |
- } else { | |
- $r_user = '<bdo dir="ltr">'.$r_info['ip'].'</bdo>'; | |
} | |
$r_user = '<span class="user">'.$r_user.'</span>'; | |
$r_sum = ($r_info['sum']) ? '<span class="sum"><bdi>'.hsc($r_info['sum']).'</bdi></span>' : ''; | |
@@ -1079,9 +1063,6 @@ function html_diff_head($l_rev, $r_rev, $id = null, $media = false, $inline = fa | |
$_info = $changelog->getRevisionInfo($_rev); | |
if($_info['user']){ | |
$_user = '<bdi>'.editorinfo($_info['user']).'</bdi>'; | |
- if(auth_ismanager()) $_user .= ' <bdo dir="ltr">('.$_info['ip'].')</bdo>'; | |
- } else { | |
- $_user = '<bdo dir="ltr">'.$_info['ip'].'</bdo>'; | |
} | |
$_user = '<span class="user">'.$_user.'</span>'; | |
$_sum = ($_info['sum']) ? '<span class="sum"><bdi>'.hsc($_info['sum']).'</span></bdi>' : ''; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment