HTML Logo by World Wide Web Consortium ( Click to learn more about our commitment to accessibility and standards.

Moving forward with Composr

ocPortal has been relaunched as Composr CMS, which is now in beta. ocPortal 9 will be superseded by Composr 10.

Head over to for our new site, and to our migration roadmap. Existing ocPortal member accounts have been mirrored.

Passwords may be logged to website statistics (#catalogues_508) - Comments

Login / Search

 [ Join | More ]
Title Passwords may be logged to website statistics
Description Passwords of users joining, or editing their passwords, may get logged into the database. Only staff can see this data, but it could cause problems if there is a data breach.

This problem will affect very few users, as the 'Maintain detailed logs' is off by default, and we already warn against using it because it uses a lot of database space.
Affects Users who have enabled 'Maintain detailed logs'
Fix In sources/site.php change:




unset($post2['password']); unset($post2['password_confirm']);

To purge all the logged post data, run this command in OcCLE:



Back to the top

Comments / View

1 guests and 0 members have just viewed this: None
Control functions:

Quick reply   Contract

Your name:
Your message: