kashire/lainchan
4
0
Fork 0
Code Issues 1 Pull Requests Releases Wiki Activity

SECURITY: Remove $config[db][password] when $config[debug] is TRUE

Browse Source
This commit is contained in:
Fredrick Brennan 2014-05-19 13:39:30 -04:00 committed by czaks
parent c878b308bf
commit f6e97b6e73
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
inc/display.php
View File

@ -109,6 +109,18 @@ function error($message, $priority = true, $debug_stuff = false) {
)));
}
$pw = $config['db']['password'];
$debug_callback = function(&$item) use (&$debug_callback, $pw) {
global $config;
if (is_array($item)) {
$item = array_filter($item, $debug_callback);
}
return ($item !== $pw || !$pw);
};
$debug_stuff = array_filter($debug_stuff, $debug_callback);
die(Element('page.html', array(
'config' => $config,
'title' => _('Error'),