ispCP - Board - Support - VHCS fork

Debug mode only for admin user
I think it is necessary to change the function dump_gui_debug() in /var/www/ispcp/gui/include/debug.php so that only the admin can use the debug mode in the panel.

Remember that...
Code:
$cfg['DUMP_GUI_DEBUG']==true;
... in /var/www/ispcp/gui/include/ispcp-lib.php to use this function
Code:
function dump_gui_debug()
{
    // Dump only when the logged-in user is 'admin' or the session was logged in from 'admin'.
    if ((isset($_SESSION['user_logged']) && $_SESSION['user_logged'] == 'admin')
        || (isset($_SESSION['logged_from']) && $_SESSION['logged_from'] == 'admin')) {
        echo '<font color="#0000FF"><u>Content of <b>$_SESSION</b>:</u><br /></font>';
        echo '<pre>';
        echo htmlentities(print_r($_SESSION, true));
        echo '</pre>';
        echo '<font color="#0000FF"><u>Content of <b>$_POST</b>:</u><br /></font>';
        echo '<pre>';
        echo htmlentities(print_r($_POST,    true));
        echo '</pre>';
        echo '<font color="#0000FF"><u>Content of <b>$_GET</b>:</u><br /></font>';
        echo '<pre>';
        echo htmlentities(print_r($_GET,     true));
        echo '</pre>';
        echo '<font color="#0000FF"><u>Content of <b>$_COOKIE</b>:</u><br /></font>';
        echo '<pre>';
        echo htmlentities(print_r($_COOKIE,  true));
        echo '</pre>';
        echo '<font color="#0000FF"><u>Content of <b>$_FILES</b>:</u><br /></font>';
        echo '<pre>';
        echo htmlentities(print_r($_FILES,   true));
        echo '</pre>';
        echo '<font color="#0000FF"><u>Content of <b>$GLOBALS</b>:</u><br /></font>';
        echo '<pre>';
        echo htmlentities(print_r($GLOBALS,  true));
        echo '</pre>';
        echo '<font color="#0000FF"><u>Content of <b>$_SERVER</b>:</u><br /></font>';
        echo '<pre>';
        echo htmlentities(print_r($_SERVER,  true));
        echo '</pre>';
    }else{
        exit;
    }
}
What would the use of that be? That var should only be enabled by developers or by testers (who obviously won't test something on a production server with real users).

And in case it is added, I'd recommend adding another option to disable the "only for admins" check. Why? Some day there might be a bug which can't be spotted by admins but only by *real* users (admin level: user).
raphael Wrote: What would the use of that be?
In a production case, if at some moment I want to see the variables to test something, I don't want users or resellers to be able to see them.

raphael Wrote: And in case it is added I'd recommend to add another option to disable the "only for admins" check.
One assumes that the tester has the knowledge and privileges to change 'admin' to 'user' or 'reseller' in the function. Also, it isn't difficult to create a $cfg variable in /etc/ispcp/ispcp.conf and deploy it in the function.
So, it should be visible only for a certain session - or a certain remote IP???
joximu Wrote: So, it should be visible only for a certain session

For me, only for admin logged in or logged from.
That is my opinion :)

joximu Wrote: or a certain remote IP

It's another viewpoint, and very valid if the tester has a static IP.
It isn't difficult to resolve it with $_SERVER['REMOTE_ADDR'].

If you want, I can fix the code for that. :)
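
The gating this thread discusses (debug switch, admin session, optional remote IP, and an option to turn the admin-only check off), written as an added example that is not part of any post or of ispCP itself. `DEBUG_ADMIN_ONLY`, `DEBUG_ALLOWED_IPS` and both function names are hypothetical; the session keys and `$_SERVER['REMOTE_ADDR']` come from the posts above.

```php
<?php
// Added example, not ispCP code. DEBUG_ADMIN_ONLY and DEBUG_ALLOWED_IPS are
// hypothetical config keys; the session keys are the ones used in the thread.
function debug_dump_allowed(array $cfg, array $session, array $server)
{
    if (empty($cfg['DUMP_GUI_DEBUG'])) {   // master switch for the debug mode
        return false;
    }
    // Optional allow-list of tester addresses; an empty list means no IP limit.
    // REMOTE_ADDR is the TCP peer, so behind a reverse proxy it is the proxy.
    $allowed = isset($cfg['DEBUG_ALLOWED_IPS']) ? (array) $cfg['DEBUG_ALLOWED_IPS'] : array();
    if ($allowed) {
        $peer = isset($server['REMOTE_ADDR']) ? $server['REMOTE_ADDR'] : '';
        if (!in_array($peer, $allowed, true)) {
            return false;
        }
    }
    // Admin-only check, on unless explicitly disabled so that a tester can
    // reproduce a bug at reseller or user level.
    if (!isset($cfg['DEBUG_ADMIN_ONLY']) || $cfg['DEBUG_ADMIN_ONLY']) {
        // === avoids PHP's loose-comparison type juggling on session values.
        $isAdmin   = isset($session['user_logged']) && $session['user_logged'] === 'admin';
        $fromAdmin = isset($session['logged_from']) && $session['logged_from'] === 'admin';
        return $isAdmin || $fromAdmin;
    }
    return true;
}

function dump_gui_debug_gated(array $cfg)
{
    $session = isset($_SESSION) ? $_SESSION : array();
    if (!debug_dump_allowed($cfg, $session, $_SERVER)) {
        return; // no dump; the page itself still renders for this visitor
    }
    // Narrowed to three arrays for brevity.
    $dumps = array('$_SESSION' => $session, '$_POST' => $_POST, '$_GET' => $_GET);
    foreach ($dumps as $name => $data) {
        echo '<u>Content of <b>' . $name . '</b>:</u><br /><pre>';
        echo htmlentities(print_r($data, true));
        echo '</pre>';
    }
}

// Constructed sample input: two sessions from an allow-listed test address.
$cfg      = array('DUMP_GUI_DEBUG' => true, 'DEBUG_ALLOWED_IPS' => array('192.0.2.10'));
$reseller = array('user_logged' => 'reseller1');
$server   = array('REMOTE_ADDR' => '192.0.2.10');
var_dump(debug_dump_allowed($cfg, $reseller, $server));
var_dump(debug_dump_allowed($cfg, array('user_logged' => 'admin'), $server));
```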