webmaster access to all pm by link:
.../modules/pm/readpmsg.php?msg_id=NUMBER

Yep. On the other hand ordinary users can't read all PM as it was the case on the previous version (2.2.3).

if anything its a nice feature

No
i think there is some privacy issues in this bug/feature.
so make the sense:
i have 3-4 webmasters but dont want if they can read users pm.

Webmasters are supposed to have access to everything.

If you cant trust them maybe you should re-evaluate their positions.

If you dont want them to have full access create a new group without admin over PM. I call it the 2 minute fix.

agree with Biteronboard, change their access rights !

I agree that true Webmasters should have this control - perhaps you've elevated them to too high a rank. I like the idea of me being the one true webmaster of the sites I have, and I can appoint "Jr. Webmasters" with more restricted rights.

In any case, I don't think this 'tip' is very useful. You have to type in a lot of numbers to find each post, because if the users delete PMs all the time (mine do), the post is blank.

I have one site for my Jr. High students, and for legal reasons, it is stated that they do not have any right to expect privacy. If you wouldn't say it to someone's face, don't PM it. And I check up on this by going into phpMyAdmin, choosing the database xoops_priv_msgs, browsing it, sorting by msgid, then popping down to the latest page number. To see the whole msg then, I click "print view with full msg texts" at the bottom. A new page opens with a print dialog, cancel that, and there are the messages in order (it actually goes very fast now that I am used to the procedure). I figured this out without knowing a lick of PHP (keep wanting to learn, though). The blank message IDs (deleted messages) do not show up this way, either.

MT

huum it seems it must be explain more.
yes the webmaster must/can access to everything but NOT the privacy of users EASILY.
it is called PM so if users known the webmaster can access their owns in this EASY way they dont trust the site pm anymore.

webmaster access to everythings but not in the EASY way.
you can download the db and read all pms and login with any user id you like, do anything you like.
currentlly webmaster have not access to too many things like:
- login with the user id in the way user dont understand
- user passwords
these are all private and i think it MUST be private.
i dont want anyone even webmaster can read my pms EASILY by click on a link.