Implemented security logging for plugin management
authorDan
Thu, 10 Apr 2008 07:58:56 -0400
changeset 529 7803c9db3506
parent 528 43535769970b
child 530 8d3c49b8dc79
Implemented security logging for plugin management
includes/plugins.php
language/english/admin.json
plugins/admin/PluginManager.php
plugins/admin/SecurityLog.php
--- a/includes/plugins.php	Wed Apr 09 22:45:51 2008 -0400
+++ b/includes/plugins.php	Thu Apr 10 07:58:56 2008 -0400
@@ -451,6 +451,16 @@
       }
     }
     
+    // log action
+    $time        = time();
+    $ip_db       = $db->escape($_SERVER['REMOTE_ADDR']);
+    $username_db = $db->escape($session->username);
+    $file_db     = $db->escape($filename);
+    $q = $db->sql_query('INSERT INTO '.table_prefix."logs(log_type, action, time_id, edit_summary, author, page_text) VALUES\n"
+                      . "  ('security', 'plugin_install', $time, '$ip_db', '$username_db', '$file_db');");
+    if ( !$q )
+      $db->_die();
+    
     // register plugin
     $version_db = $db->escape($dataset['version']);
     $filename_db = $db->escape($filename);
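Review bot: The logging block added here is repeated almost verbatim in the hunks at -555 and -766 of this file and again in plugins/admin/PluginManager.php, differing only in the action string and the source of the file name, so any later fix to the escaping or the column list has to be made four times. A single helper that takes the action name and the plugin file name and performs the escape, the INSERT and the `_die()` check would keep the security-log format in one place. The INSERT also reuses columns for other meanings, which deserves a comment such as `// edit_summary = client IP, author = acting user, page_text = plugin file name`. `$file_db` duplicates the `$filename_db` computed on the last line of the hunk. The enclosing function starts and ends outside the hunk.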
@@ -555,6 +565,16 @@
       }
     }
     
+    // log action
+    $time        = time();
+    $ip_db       = $db->escape($_SERVER['REMOTE_ADDR']);
+    $username_db = $db->escape($session->username);
+    $file_db     = $db->escape($filename);
+    $q = $db->sql_query('INSERT INTO '.table_prefix."logs(log_type, action, time_id, edit_summary, author, page_text) VALUES\n"
+                      . "  ('security', 'plugin_uninstall', $time, '$ip_db', '$username_db', '$file_db');");
+    if ( !$q )
+      $db->_die();
+    
     // deregister plugin
     $q = $db->sql_query('DELETE FROM ' . table_prefix . "plugins WHERE plugin_id = {$dataset['plugin id']};");
     if ( !$q )
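Review bot: The 'plugin_uninstall' row is inserted before the DELETE that deregisters the plugin, so if that query fails and `$db->_die()` stops the request (as it presumably does), the security log reports an uninstall that did not complete. Either move the `// log action` block below the error check that follows the DELETE, or, if logging first is deliberate so that no attempt goes unrecorded, say so with a comment like `// logged before the change on purpose: an attempt must never go unrecorded`. The hunks at -451 and -766 and the one in plugins/admin/PluginManager.php have the same ordering. Whether these queries run inside a transaction is not visible, and the hunk ends inside the deregister error check.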
@@ -766,6 +786,16 @@
       }
     }
     
+    // log action
+    $time        = time();
+    $ip_db       = $db->escape($_SERVER['REMOTE_ADDR']);
+    $username_db = $db->escape($session->username);
+    $file_db     = $db->escape($filename);
+    $q = $db->sql_query('INSERT INTO '.table_prefix."logs(log_type, action, time_id, edit_summary, author, page_text) VALUES\n"
+                      . "  ('security', 'plugin_upgrade', $time, '$ip_db', '$username_db', '$file_db');");
+    if ( !$q )
+      $db->_die();
+    
     // update version number
     $version = $db->escape($dataset['version']);
     $q = $db->sql_query('UPDATE ' . table_prefix . "plugins SET plugin_version = '$version' WHERE plugin_id = {$dataset['plugin id']};");
--- a/language/english/admin.json	Wed Apr 09 22:45:51 2008 -0400
+++ b/language/english/admin.json	Thu Apr 10 07:58:56 2008 -0400
@@ -874,6 +874,9 @@
       entry_magick_path: 'Changed path to ImageMagick executable',
       entry_plugin_disable: 'Disabled plugin: %plugin%',
       entry_plugin_enable: 'Enabled plugin:  %plugin%',
+      entry_plugin_install: 'Installed plugin:  %plugin%',
+      entry_plugin_uninstall: 'Uninstalled plugin:  %plugin%',
+      entry_plugin_upgrade: 'Upgraded plugin:  %plugin%',
       entry_seclog_unauth: 'Unauthorized attempt to call security log fetcher',
       entry_u_from_admin: 'User %username% demoted from Administrators group',
       entry_u_from_mod: 'User %username% demoted from Moderators group',
--- a/plugins/admin/PluginManager.php	Wed Apr 09 22:45:51 2008 -0400
+++ b/plugins/admin/PluginManager.php	Thu Apr 10 07:58:56 2008 -0400
@@ -215,6 +215,18 @@
                 );
                 break;
               }
+              
+              // log action
+              $time        = time();
+              $ip_db       = $db->escape($_SERVER['REMOTE_ADDR']);
+              $username_db = $db->escape($session->username);
+              $file_db     = $db->escape($request['plugin']);
+              // request['mode'] is TRUSTED - the case statement will only process if it is one of {enable,disable}.
+              $q = $db->sql_query('INSERT INTO '.table_prefix."logs(log_type, action, time_id, edit_summary, author, page_text) VALUES\n"
+                                . "  ('security', 'plugin_{$request['mode']}', $time, '$ip_db', '$username_db', '$file_db');");
+              if ( !$q )
+                $db->_die();
+              
               // perform update
               $q = $db->sql_query('UPDATE ' . table_prefix . "plugins SET plugin_flags = $flags_col WHERE plugin_id = {$dataset['plugin id']};");
               if ( !$q )
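Review bot: `$request['mode']` is interpolated into the INSERT unescaped, and the only thing that makes this safe is a `case` statement outside this hunk. A later refactor that moves the block or adds another branch would leave request data in the query string with no visible change here. Escaping it like the other values costs nothing: `$action_db = $db->escape('plugin_' . $request['mode']);` and then `'$action_db'` in the VALUES list. `$file_db` is taken from `$request['plugin']` rather than from the looked-up `$dataset`, so the log stores the requested name. Whether that name has been checked against the plugin list by this point cannot be seen from the hunk.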
--- a/plugins/admin/SecurityLog.php	Wed Apr 09 22:45:51 2008 -0400
+++ b/plugins/admin/SecurityLog.php	Thu Apr 10 07:58:56 2008 -0400
@@ -164,6 +164,9 @@
     case "magick_path"     : $return .= $lang->get('acpsl_entry_magick_path')     ; break;
     case "plugin_disable"  : $return .= $lang->get('acpsl_entry_plugin_disable'   , array('plugin' => $r['page_text'])); break;
     case "plugin_enable"   : $return .= $lang->get('acpsl_entry_plugin_enable'    , array('plugin' => $r['page_text'])); break;
+    case "plugin_install"  : $return .= $lang->get('acpsl_entry_plugin_install'   , array('plugin' => $r['page_text'])); break;
+    case "plugin_uninstall": $return .= $lang->get('acpsl_entry_plugin_uninstall' , array('plugin' => $r['page_text'])); break;
+    case "plugin_upgrade"  : $return .= $lang->get('acpsl_entry_plugin_upgrade'   , array('plugin' => $r['page_text'])); break;
     case "seclog_unauth"   : $return .= $lang->get('acpsl_entry_seclog_unauth')   ; break;
     case "u_from_admin"    : $return .= $lang->get('acpsl_entry_u_from_admin'     , array('username' => $r['page_text'])); break;
     case "u_from_mod"      : $return .= $lang->get('acpsl_entry_u_from_mod'       , array('username' => $r['page_text'])); break;
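Review bot: The three new cases pass `$r['page_text']` into the message appended to `$return` with no visible output encoding, and for plugin entries that column holds the plugin file name, which in plugins/admin/PluginManager.php comes from `$request['plugin']`. If `$lang->get()` does not escape substituted values and `$return` is emitted as HTML (neither is visible here), a name containing markup would be rendered as such in the administrator's log view. Encoding at the point of use, `array('plugin' => htmlspecialchars($r['page_text']))`, would cover it. The existing plugin_enable, plugin_disable and username cases follow the same pattern and would want the same treatment.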