summaryrefslogtreecommitdiff
path: root/app/Site.php
diff options
context:
space:
mode:
authorGreg Roach <greg@subaqua.co.uk>2020-05-14 15:17:03 +0100
committerGreg Roach <greg@subaqua.co.uk>2020-05-14 15:17:03 +0100
commit743d1d6315ac635e54507834e798b8f85d4219cb (patch)
tree7ba283bdbfa27e71264a751fda8a0398ea71396c /app/Site.php
parent9574834f892634dcd1a965fc9aa1e04b033cc2bc (diff)
downloadwebtrees-743d1d6315ac635e54507834e798b8f85d4219cb.tar.gz
webtrees-743d1d6315ac635e54507834e798b8f85d4219cb.tar.bz2
webtrees-743d1d6315ac635e54507834e798b8f85d4219cb.zip
Fix: #3242 - do not store sensitive data in the audit log
Diffstat (limited to 'app/Site.php')
-rw-r--r--app/Site.php10
1 files changed, 10 insertions, 0 deletions
diff --git a/app/Site.php b/app/Site.php
index 9b814e37a7..cbbb962fa7 100644
--- a/app/Site.php
+++ b/app/Site.php
@@ -21,6 +21,7 @@ namespace Fisharebest\Webtrees;
use Illuminate\Database\Capsule\Manager as DB;
+use function in_array;
use function mb_substr;
/**
@@ -28,6 +29,11 @@ use function mb_substr;
*/
class Site
{
+ // The following preferences contain sensitive data, and should not be logged.
+ private const SENSITIVE_PREFERENCES = [
+ 'SMTP_AUTH_PASS'
+ ];
+
/**
* Everything from the wt_site_setting table.
*
@@ -78,6 +84,10 @@ class Site
self::$preferences[$setting_name] = $setting_value;
+ if (in_array($setting_name, self::SENSITIVE_PREFERENCES, true)) {
+ $setting_value = '********';
+ }
+
Log::addConfigurationLog('Site preference "' . $setting_name . '" set to "' . $setting_value . '"', null);
}
}