ispCP - Board - Support
Debug mode only for admin user - Printable Version

+- ispCP - Board - Support (http://www.isp-control.net/forum)
+-- Forum: ispCP Omega Contributions Area (/forum-40.html)
+--- Forum: Enhancements (/forum-43.html)
+--- Thread: Debug mode only for admin user (/thread-2167.html)

Debug mode only for admin user - macbishop - 01-16-2008 09:26 AM

I think that is necessary change the function dump_gui_debug() in /var/www/ispcp/gui/include/debug.php in order that only the admin can use the debug mode into the panel.

Remember that...
Code:
$cfg['DUMP_GUI_DEBUG']==true;
... in /var/www/ispcp/gui/include/ispcp-lib.php to use this function
Code:
function dump_gui_debug()
{
    if (isset($_SESSION['user_logged']) && $_SESSION['user_logged']=='admin' || isset($_SESSION['logged_from']) && $_SESSION['logged_from'] == 'admin'){
        echo '<font color="#0000FF"><u>Content of <b>$_SESSION</b>:</u><br /></font>';
        echo '<pre>';
        echo htmlentities(print_r($_SESSION, true));
        echo '</pre>';
        echo '<font color="#0000FF"><u>Content of <b>$_POST</b>:</u><br /></font>';
        echo '<pre>';
        echo htmlentities(print_r($_POST,    true));
        echo '</pre>';
        echo '<font color="#0000FF"><u>Content of <b>$_GET</b>:</u><br /></font>';
        echo '<pre>';
        echo htmlentities(print_r($_GET,     true));
        echo '</pre>';
        echo '<font color="#0000FF"><u>Content of <b>$_COOKIE</b>:</u><br /></font>';
        echo '<pre>';
        echo htmlentities(print_r($_COOKIE,  true));
        echo '</pre>';
        echo '<font color="#0000FF"><u>Content of <b>$_FILES</b>:</u><br /></font>';
        echo '<pre>';
        echo htmlentities(print_r($_FILES,   true));
        echo '</pre>';
        echo '<font color="#0000FF"><u>Content of <b>$GLOBALS</b>:</u><br /></font>';
        echo '<pre>';
        echo htmlentities(print_r($GLOBALS,  true));
        echo '</pre>';
        echo '<font color="#0000FF"><u>Content of <b>$_SERVER</b>:</u><br /></font>';
        echo '<pre>';
        echo htmlentities(print_r($_SERVER,  true));
        echo '</pre>';
    }else{
        exit;
    }
}


RE: Debug mode only for admin user - raphael - 01-17-2008 08:37 AM

What would the use of that be? that var should only be enabled by developers or by testers (who obviously won't test something on a production server with real users).

And in case it is added I'd recommend to add an other option to disable the "only for admins" check. Why? some day there might be a bug which can't be spotted by admins but only by *real* users (admin level: user)

RE: Debug mode only for admin user - macbishop - 01-17-2008 09:21 AM

raphael Wrote:What would the use of that be?
In production case, if in some moment I want to see the variables for testing something, I don't want that the users or resellers can see.

raphael Wrote:And in case it is added I'd recommend to add an other option to disable the "only for admins" check.
On asume that the tester have knowledge and privileges to change 'admin' for 'user' or 'reseller' in the function. Also ist'n difficult to create a $cfg variable in /etc/ispcp/ispcp.conf and deploy in the function.

RE: Debug mode only for admin user - joximu - 01-17-2008 09:25 AM

So, it should be visible only for a certain session - or a certain remote IP???

RE: Debug mode only for admin user - macbishop - 01-17-2008 10:45 AM

joximu Wrote:So, it should be visible only for a certain session

For me only for admin logged or logged from.
Is my opinionSmile

joximu Wrote:or a certain remote IP

It's another viewpoint. and very valid if the tester have a static IP
Isn't difficult to resolve it with $_SERVER['REMOTE_ADDR']

If you want I can fix the code for that.Smile