#99 Logging patch

Dale Blount

Patch to add ability to only allow super admin to view logs


  • Christian Boltz

    Christian Boltz - 2011-05-22

    Your patch hides the link to viewlog.php, but any domain admin can still type viewlog.php in his browser's address bar and view the log. You should add a permission check in viewlog.php to fix this.

    Additionally, our current development version is much different from 2.3.x because we switched to smarty templates. This means the template changes in your patch won't apply to SVN trunk. (Not a real problem, it would be quite easy for me to convert your patch to the smarty templates.)

    That said: is there a special reason why you want to hide the log from your domain admins? I have to admit that I don't see why this would make sense.

  • Dale Blount

    Dale Blount - 2011-05-23

    Hi. Sorry about the old patch, this was before I started using the SVN version.

    The reason I want to have the option to hide the logs is that it logs IPs of the superadmins giving possible targets to gain additional privileges.

    Yes, I know it's quite a long shot.

  • GingerDog

    GingerDog - 2012-04-19
    • status: open --> open-out-of-date
  • GingerDog

    GingerDog - 2012-04-19
    • status: open-out-of-date --> closed-out-of-date

Log in to post a comment.