When calling logger->notice() don't use t()

Created on 11 January 2018, over 7 years ago

Updated 12 May 2025, 25 days ago

This module has

watchdog('user', t('Session closed for %name - Invalid IP. '.$ip2check, array('%name' => $user->name)));

but this should be

watchdog('user', 'Session closed for %name - Invalid IP: %ip_address', array('%name' => $user->name, '%ip_address' => $ip2check));

Note: Injection of HTML via header could be possible if an HTTP header for IP address is configured, but the output is filtered by filter_xss_admin() so should not be a XSS vulnerability.

🐛 Bug report

Status

Needs work

Version

4.0

Component

Code

Created by

🇺🇸United States mfb San Francisco

Live updates comments and jobs are added and updated live.

Incomplete comments

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

Comment 25 days ago →
🇦🇺Australia darvanen Sydney, Australia
Still a valid request in Drupal 8+ but will need work.

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024