From 991762b1e83804b4c9d453bbcc1b44ea2b3227b2 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Roland=20H=C3=A4der?= Date: Tue, 26 Feb 2013 22:28:33 +0000 Subject: [PATCH] Secure sensetive data --- inc/db/lib-mysql3.php | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/inc/db/lib-mysql3.php b/inc/db/lib-mysql3.php index e20b271d44..29c5541a77 100644 --- a/inc/db/lib-mysql3.php +++ b/inc/db/lib-mysql3.php @@ -355,6 +355,24 @@ function SQL_ERROR ($file, $line, $message) { // Remember plain error in last_sql_error $GLOBALS['last_sql_error'] = mysql_error(); + // Is login set? + if (isset($GLOBALS['mysql']['login'])) { + // Secure login name in message + $message = str_replace($GLOBALS['mysql']['login'], '***', $message); + } // END - if + + // Is database password set? + if (isset($GLOBALS['mysql']['password'])) { + // Secure password in message + $message = str_replace($GLOBALS['mysql']['password'], '***', $message); + } // END - if + + // Is database name set? + if (isset($GLOBALS['mysql']['dbase'])) { + // Secure database name in message + $message = str_replace($GLOBALS['mysql']['dbase'], '***', $message); + } // END - if + // Is there installation phase? if (isInstallationPhase()) { /* -- 2.39.5