From d6d582a541b90a089aab4155374a14f3eaf6d8c5 Mon Sep 17 00:00:00 2001
From: Ralf Becker <ralfbecker@outdoor-training.de>
Date: Mon, 10 May 2010 12:46:46 +0000
Subject: [PATCH] switching logging per default off and only outputting
 passwords in log-level 2, as documented

---
 phpgwapi/inc/class.egw_digest_auth.inc.php | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/phpgwapi/inc/class.egw_digest_auth.inc.php b/phpgwapi/inc/class.egw_digest_auth.inc.php
index eb4816c24e..6d1e570a01 100644
--- a/phpgwapi/inc/class.egw_digest_auth.inc.php
+++ b/phpgwapi/inc/class.egw_digest_auth.inc.php
@@ -43,7 +43,7 @@ class egw_digest_auth
 	 *  1 = no cleartext passwords
 	 *  2 = all
 	 */
-	const ERROR_LOG = 1;
+	const ERROR_LOG = 0;
 
 	/**
 	 * Callback to be used to create session via header include authenticated via basic or digest auth
@@ -104,7 +104,17 @@ class egw_digest_auth
 		}
 		if (substr($user_pw,0,7) == '{PLAIN}') $user_pw = substr($user_pw,7);
 
-		if (self::ERROR_LOG) error_log(__METHOD__."('$realm','$username','$user_pw') return true");
+		if (self::ERROR_LOG)
+		{
+			if (self::ERROR_LOG > 1)
+			{
+				error_log(__METHOD__."('$realm','$username','$user_pw') return true");
+			}
+			else
+			{
+				error_log(__METHOD__."('$realm','$username',\$user_pw) return true");
+			}
+		}
 		return true;
 	}