Make ConvertKit_API::create_log() protected #66

Closed
slaFFik opened this issue Jul 16, 2023 · 2 comments
Comments


slaFFik commented Jul 16, 2023

Is your feature request related to a problem? Please describe.

When debugging needs to be enabled on a live site (don't ask, clients' sites), the API key is logged into a publicly available file.
That's because reconfiguring the whole site to place that log file outside of the server access is not possible - so the log file is public.
So scrapers etc. can accidentally see the API key.

Example of the record:

[2023-07-16T19:58:19.753138+00:00] ck-debug.INFO: GET, Request body: {"api_key":"abc1234567890def"} [] []

Describe the solution you'd like

In order to more or less easily modify the behavior without rewriting the implementation, I'd like to be able to parse the message that is sent - and prevent the API key leaking into the log.

The easiest solution - overload the ConvertKit_API::create_log() method in a parent class that extends the default ConvertKit_API. After that - do the easy search-replace to remove the API key.

Right now it's impossible because that method is private.

Can you please make it protected?

Describe alternatives you've considered

No response

Additional context

No response

slaFFik commented Jul 16, 2023

Well, or one can create their own Logger Handler, that will have a write() method that does the str_replace() or whatever. The __construct() method of the ConvertKit_API class will need to be overloaded though.

But really, it would be much easier to just modify one single create_log() method than going ^ route.

@n7studios
Contributor

Thanks. I think this PR handles this better, by:

  • adding a parameter to the constructor to define the log file destination,
  • automatically masking the API Key and Secret before writing to the log file
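
The masking step discussed in this thread, as an added example that is not part of the thread and is not code from the ConvertKit SDK or the PR mentioned above. The function names, the `api_secret` field name, and the choice to keep the last four characters visible are assumptions.

```php
<?php
declare(strict_types=1);

// Field names are assumptions: api_key appears in the log line from the issue,
// api_secret is inferred from "API Key and Secret" in the reply.
const SENSITIVE_FIELDS = ['api_key', 'api_secret'];

// Replace all but the last $keep characters with '*'.
function mask_value(string $value, int $keep = 4): string
{
    $len = strlen($value);
    // Short values are masked entirely so the visible suffix cannot reveal most of the secret.
    if ($len <= $keep * 2) {
        return str_repeat('*', $len);
    }
    return str_repeat('*', $len - $keep) . substr($value, -$keep);
}

// Mask credential values in a log message before it is handed to the log writer.
function redact_log_message(string $message, array $fields = SENSITIVE_FIELDS): string
{
    $names = implode('|', array_map(fn ($f) => preg_quote($f, '/'), $fields));

    // JSON form: "api_key":"value", allowing whitespace and escaped characters in the value.
    $json = '/("(?:' . $names . ')"\s*:\s*")((?:[^"\\\\]|\\\\.)*)(")/i';
    // Query-string or form-encoded form: api_key=value up to the next delimiter.
    $query = '/\b((?:' . $names . ')=)([^&\s"\']+)/i';

    $mask = fn (array $m) => $m[1] . mask_value($m[2]) . ($m[3] ?? '');

    $out = preg_replace_callback([$json, $query], $mask, $message);
    // On a PCRE failure, withhold the message rather than write it unredacted.
    return $out ?? '[log message withheld: redaction failed]';
}

// First line is the record quoted in the issue; the second is a constructed
// query-string variant with a made-up host and secret.
$samples = [
    '[2023-07-16T19:58:19.753138+00:00] ck-debug.INFO: GET, Request body: {"api_key":"abc1234567890def"} [] []',
    'ck-debug.INFO: GET https://api.example.test/v3/forms?api_secret=zyx0987654321wvu&page=1',
];
foreach ($samples as $line) {
    echo redact_log_message($line), PHP_EOL;
}
```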
