[REQ] Limit visibility of debug information

[rct2·com]

It would be very very simple to limit the debug information so that it is displayed to root admin only. This would greatly help security while trying to debug a problem on a 'live' board.

While it's good practice to test and debug on a pre-production install, sometimes bugs can only be discovered and properly diagnosed on a live board.

[mld11]

There is no set "Root Admin" group, unless you make it so every other usergroup with ACP access cannot Edit, Create, Move, Delete, Manage, etc. any administrator usergroup / user. But to display the debug information for a specific usergroup, you could do a simple template edit to check the usergroup id, example:

if ($this->memberData['member_group_id'] == '4') { //Replace 4 with the Root Admin group

//print out sql debug code here

}

Since I was in the mood, here is a step-by-step tutorial, enjoy. 1. Sign into your ACP. 2. Goto Look & Feel. 3. Select a skin drop down, and select Manage Templates & CSS. 4. Under Global Templates, open the file called globalTemplate. Find:

<if test="showdebuglevel:|:$this->memberData['member_id'] and $this->settings['debug_level']">

<li><img src='{$this->settings['img_url']}/stats_time.png' alt='{$this->lang->words['icon']}' /> {$stats['ex_time']} {$this->lang->words['stats_sec']}</li>

<li><img src='{$this->settings['img_url']}/stats_server.png' alt='{$this->lang->words['icon']}' /> {$stats['server_load']}</li>

<li><img src='{$this->settings['img_url']}/stats_database.png' alt='{$this->lang->words['icon']}' /> {$stats['queries']} <if test="sqldebuglink:|:IPS_SQL_DEBUG_MODE"><a href='{parse url="{$this->settings['query_string_safe']}&amp;debug=1" base="public"}'></if>{$this->lang->words['stats_queries']}<if test="closesqldebuglink:|:IPS_SQL_DEBUG_MODE"></a></if></li>

<li><img src='{$this->settings['img_url']}/stats_compression.png' alt='{$this->lang->words['icon']}' /> {$stats['gzip_status']}</li>

Replace with:

<if test="$this->memberData['member_group_id'] == '4'">

<if test="showdebuglevel:|:$this->memberData['member_id'] and $this->settings['debug_level']">

<li><img src='{$this->settings['img_url']}/stats_time.png' alt='{$this->lang->words['icon']}' /> {$stats['ex_time']} {$this->lang->words['stats_sec']}</li>

<li><img src='{$this->settings['img_url']}/stats_server.png' alt='{$this->lang->words['icon']}' /> {$stats['server_load']}</li>

<li><img src='{$this->settings['img_url']}/stats_database.png' alt='{$this->lang->words['icon']}' /> {$stats['queries']} <if test="sqldebuglink:|:IPS_SQL_DEBUG_MODE"><a href='{parse url="{$this->settings['query_string_safe']}&amp;debug=1" base="public"}'></if>{$this->lang->words['stats_queries']}<if test="closesqldebuglink:|:IPS_SQL_DEBUG_MODE"></a></if></li>

<li><img src='{$this->settings['img_url']}/stats_compression.png' alt='{$this->lang->words['icon']}' /> {$stats['gzip_status']}</li>

</if>

Now it will only be shown for the usergroup id you set. (Make sure to edit the 4 to the Root Admin group id!)


PS: This should be moved to IP.Board in Peer-to-Peer Technical Support.

[rct2·com]

Thanks.

Mine is a request that this should be built in as default. I seem to remember that it was put into RC1. If it can be achieved by a skin edit, that's fine. But I'd prefer for it NOT to be moved to Peer-to-Peer as it's a request for it to be standard feature.

Those edits do not hide the information I'm talking about by the way. I'm referring to all the Developer Mode debug information. It's very sensitive, revealing file paths for example.


Note to self: Stop referring to 'Root Admin' :)

[Wolfie]

You could just add a setting that will let you pick which groups can view it and make a slight change to the same template above so that you can choose/change multiple groups without having to edit the skin each time. :)

To control the small debug information (on the same bar as the skin/language selector)...
Find:

<if test="showdebuglevel:|:$this->memberData['member_id'] and $this->settings['debug_level']">

Replace with:

<if test="showdebuglevel:|:$this->memberData['member_id'] and $this->settings['debug_level'] and in_array( $this->memberData['member_group_id'], explode( ",", $this->settings['debug_groups'] ) ) ">

To limit the debug information that shows below the bar (when debug level is 2 or 3)... Find:

<!--DEBUG_STATS-->

Replace with:

<if test="in_array( $this->memberData['member_group_id'], explode( ",", $this->settings['debug_groups'] ) ) "><!--DEBUG_STATS--></if>

Edit: added setting file to use. Just import it and the above skin edits will work wonders for you. :)

settingGroup_general-debug_groups.xml

[rct2·com]

Hopefully .Wolfie, ( +1 :) ) your code will be incorporated into the product. I think it should be generally available and we should not be required to edit it in.

[Wolfie]

The only problem is that it wouldn't work for secondary groups. I'm not sure how to easily check/compare that part yet. The other alternative would be to limit it to those with ACP access.

[mld11]

Either that or limit it by member id's, then you don't have to worry about entire groups (primary or secondary).

[Wolfie]

Yeah, good luck on remembering each persons member ID that you want to include or remove. And you don't want to have it give you a massive list of members to pick and choose, especially if you have over 1,000 members...

[Andy Badwool]

Bump, this should be added to IPB!

[media]

yes it should be visible to only admin group....

I just realize that, I have changed my admin directory folder name but this debug is showing that to everyone... :) Not good...

I agree should be only available to admin group...

Thanks