View Issue Details

IDProjectCategoryView StatusLast Update
0025446mantisbtuipublic2019-03-16 20:20
Reportercproensa Assigned Toatrol  
PrioritynormalSeverityminorReproducibilityhave not tried
Status closedResolutionfixed 
Product Version2.20.0 
Target Version2.20.0Fixed in Version2.20.0 
Summary0025446: 'show_queries_count' is a global setting, but 'show_memory_usage', 'show_timer' are not
Description

Seems like show_queries_count should have the same setting status than the other options: show_memory_usage, show_timer as they all affect the same behaviour in showing some info on the page.
Additionally, it's good to be able to set them individually, for example, only to some administrator users.
So i think show_queries_count could be taken outside of the global-only settings without harm.

Thoughts?

TagsNo tags attached.

Activities

atrol

atrol

2019-02-07 03:15

developer   ~0061431

PR https://github.com/mantisbt/mantisbt/pull/1460

vboctor

vboctor

2019-02-08 22:17

manager   ~0061458

I believe config options that are related to instrumentation and diagnostics should be required to be global, since they can expose information about the server, overwrite a critical file with a log file, etc. These should be controlled via IT admin / hoster via config_inc.php and not by MantisBT administrator. Of course, if both personas are the same person, then it is not an issue.

atrol

atrol

2019-02-09 15:11

developer   ~0061468

In general, I prefer config_get_global for such kind of settings, because of better performance and security.

As mentioned by @cproensa there is no reason to prevent setting show_queries_count in database as long as we allow settings like show_memory_usage, show_timer to be set in database.
I created the PR to harmonize the settings.

I think we should merge the PR and start the general discussion in #25460 (IMO something that could just be changed in 3.x)

vboctor

vboctor

2019-02-16 17:03

manager   ~0061508

@atrol I would rather move these diagnostics configs to global rather than moving them the other way around. See reasoning at 0025460:0061507.

cproensa

cproensa

2019-02-16 20:24

developer   ~0061509

I understand the reasons for #0025460. But also the settings referenced here don't have any impact on security, or side effects with application functionality, system files, etc.

I think the point here is: all of them should have the same treatment. I don't really mind if it's to use them as config-file only, or not.

atrol

atrol

2019-02-17 05:14

developer   ~0061512

I don't really mind if it's to use them as config-file only, or not.

Ok, so there is now PR https://github.com/mantisbt/mantisbt/pull/1466

Related Changesets

MantisBT: master 9be5a953

2019-02-16 23:50

atrol


Details Diff
Remove unused function helper_show_query_count

Issue 0025446
Affected Issues
0025446
mod - core/helper_api.php Diff File

MantisBT: master 3965532b

2019-02-17 00:08

atrol


Details Diff
Don't allow show_timer and show_memory_usage to be set in database

Harmonize options with treatment of show_queries_count

Fixes 0025446
Affected Issues
0025446
mod - config_defaults_inc.php Diff File
mod - core/layout_api.php Diff File