From df0eeb8089a9a8c52f485b8028d06770169708a6 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Thu, 24 Nov 2016 13:58:03 +0100 Subject: [PATCH] Don't log the user password in case something goes wrong Signed-off-by: Joas Schilling --- apps/admin_audit/lib/actions/action.php | 24 +++++++++++++++++------- apps/admin_audit/lib/actions/auth.php | 6 ++++-- 2 files changed, 21 insertions(+), 9 deletions(-) diff --git a/apps/admin_audit/lib/actions/action.php b/apps/admin_audit/lib/actions/action.php index 0525910f8d..2d03667586 100644 --- a/apps/admin_audit/lib/actions/action.php +++ b/apps/admin_audit/lib/actions/action.php @@ -41,18 +41,28 @@ class Action { * @param string $text * @param array $params * @param array $elements + * @param bool $obfuscateParameters */ public function log($text, array $params, - array $elements) { + array $elements, + $obfuscateParameters = false) { foreach($elements as $element) { if(!isset($params[$element])) { - $this->logger->critical( - sprintf( - '$params["'.$element.'"] was missing. Transferred value: %s', - print_r($params, true) - ) - ); + if ($obfuscateParameters) { + $this->logger->critical( + '$params["'.$element.'"] was missing.', + ['app' => 'admin_audit'] + ); + } else { + $this->logger->critical( + sprintf( + '$params["'.$element.'"] was missing. Transferred value: %s', + print_r($params, true) + ), + ['app' => 'admin_audit'] + ); + } return; } } diff --git a/apps/admin_audit/lib/actions/auth.php b/apps/admin_audit/lib/actions/auth.php index c035cf785f..405ea5e6d2 100644 --- a/apps/admin_audit/lib/actions/auth.php +++ b/apps/admin_audit/lib/actions/auth.php @@ -34,7 +34,8 @@ class Auth extends Action { $params, [ 'uid', - ] + ], + true ); } @@ -44,7 +45,8 @@ class Auth extends Action { $params, [ 'uid', - ] + ], + true ); }