From 94f3b99ad09a09f0ca2ab61458024be1644f4ffa Mon Sep 17 00:00:00 2001
From: "Michael Kaufmann (d00p)" <d00p@froxlor.org>
Date: Thu, 11 Jun 2015 21:00:45 +0200
Subject: [PATCH] do not show error-trace / sensitive data when db-server is
 down or login credentials are wrong

Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
---
 lib/classes/database/class.Database.php | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/lib/classes/database/class.Database.php b/lib/classes/database/class.Database.php
index 7a5ccc81..7c39ecfb 100644
--- a/lib/classes/database/class.Database.php
+++ b/lib/classes/database/class.Database.php
@@ -365,6 +365,11 @@ class Database {
 			$error_trace = str_replace($sql['password'], 'DB_UNPRIV_PWD', $error_trace);
 			$error_trace = str_replace($sql_root[0]['password'], 'DB_ROOT_PWD', $error_trace);
 
+			if ($error->getCode() == 2003) {
+			    $error_message = "Unable to connect to database. Either the mysql-server is not running or your user/password is wrong.";
+			    $error_trace = "";
+			}
+
 			// clean up sensitive data
 			unset($sql);
 			unset($sql_root);