Skip to content

Overriding logging function

minhaz edited this page Aug 16, 2014 · 3 revisions

In CSRFP, logs are added to log files in directory specified in config file. Separate log files are created for each month and logs are added in JSON format so that it can be easily parsed. However you can modify the logging functionality in different ways:

Method 1: Modify the library

you can directly modify ./libs/csrf/csrfprotector.php csrfprotector::logCSRFattack() function and write in your desirable method. However this is not recommended as you may break the library itself.

Method 2: inherit & override

you can create another class, inherit the csrfprotector library and create your own custom logging function. Here's a simple example to do this:

// say this is new_class.php created at ./libs/csrf/
include_once __DIR__ ."/csrfprotector.php";
class new_class extends csrfprotector 
{
    public static function logCSRFattack() {
        /* your code here */
    }
};

Now in your application use this code:

include_once __DIR__ ."/csrfp/libs/csrf/new_class.php";
new_class::init();

This will initiate the whole process with logging function as implemented in new_class