maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

don't rely on Database-functions for getting sql/sql_root data in error-reporting

Browse Source 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann (d00p)
2013-12-24 09:48:57 +01:00
parent 1ec41d0f77
commit 9fca6a7953
1 changed files with 17 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
lib/classes/database/class.Database.php
View File

@@ -328,25 +328,31 @@ class Database {
if ($showerror) { if ($showerror) {
Database::needSqlData(); // include userdata.inc.php
$sqldata = Database::getSqlData(); require FROXLOR_INSTALL_DIR."/lib/userdata.inc.php";
Database::needRoot(true);
Database::needSqlData(); // le format
$sqlrootdata = Database::getSqlData(); if (self::$_needroot == true
&& isset($sql['root_user'])
&& isset($sql['root_password'])
&& (!isset($sql_root) || !is_array($sql_root))
) {
$sql_root = array(0 => array('caption' => 'Default', 'host' => $sql['host'], 'user' => $sql['root_user'], 'password' => $sql['root_password']));
}
// hide username/password in messages // hide username/password in messages
$error_message = $error->getMessage(); $error_message = $error->getMessage();
$error_trace = $error->getTraceAsString(); $error_trace = $error->getTraceAsString();
// error-message // error-message
$error_message = str_replace($sqldata['passwd'], 'DB_UNPRIV_PWD', $error_message); $error_message = str_replace($sql['password'], 'DB_UNPRIV_PWD', $error_message);
$error_message = str_replace($sqlrootdata['passwd'], 'DB_ROOT_PWD', $error_message); $error_message = str_replace($sql_root[0]['password'], 'DB_ROOT_PWD', $error_message);
// error-trace // error-trace
$error_trace = str_replace($sqldata['passwd'], 'DB_UNPRIV_PWD', $error_trace); $error_trace = str_replace($sql['password'], 'DB_UNPRIV_PWD', $error_trace);
$error_trace = str_replace($sqlrootdata['passwd'], 'DB_ROOT_PWD', $error_trace); $error_trace = str_replace($sql_root[0]['password'], 'DB_ROOT_PWD', $error_trace);
// clean up sensitive data // clean up sensitive data
unset($sqldata); unset($sql);
unset($sqlrootdata); unset($sql_root);
if ((isset($theme) && $theme != '') if ((isset($theme) && $theme != '')
&& !isset($_SERVER['SHELL']) || (isset($_SERVER['SHELL']) && $_SERVER['SHELL'] == '') && !isset($_SERVER['SHELL']) || (isset($_SERVER['SHELL']) && $_SERVER['SHELL'] == '')