View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0004949 | OXID eShop (all versions) | 4.01. Database handling | public | 2013-02-20 16:43 | 2013-02-20 16:46 |
| Reporter | ldierks | Assigned To | |||
| Priority | immediate | Severity | crash | Reproducibility | random |
| Status | resolved | Resolution | duplicate | ||
| Product Version | 4.7.3 / 5.0.3 revision 54408 | ||||
| Summary | 0004949: ADODB_Exception reveals ALL database access codes | ||||
| Description | I had the ADODB_Exception from time to time in different shop integrations. This time I recognized that it contains the whole access keys to the DB in the stack trace: 2013-02-20 16:20:58exception 'ADODB_Exception' with message 'mysql error: [0: ] in CONNECT(mysql5.webfrisch.kunden-webseiten.de, 'db363558_35', '****', db363558_35) ' in /kunden/363558_49084/webseiten/live/printitall/core/adodblite/adodb-exceptions.inc.php:84 Stack trace: #0 /kunden/363558_49084/webseiten/live/printitall/core/adodblite/adodbSQL_drivers/mysql/mysql_driver.inc(61): adodb_throw('mysql', 'CONNECT', 0, '', 'mysql5.webfrisc...', 'db363558_35', Object(object_ADOConnection)) #1 /kunden/363558_49084/webseiten/live/printitall/core/adodblite/adodb-perf.inc.php(84): mysql_driver_ADOConnection->_connect('mysql5.webfrisc...', 'db363558_35', [HERE THE PASSWORD], 'db363558_35', false, true) #2 /kunden/363558_49084/webseiten/live/printitall/core/adodblite/adodb.inc.php(313): adodb_log_sql(Object(object_ADOConnection), 'SET @@session.s...', false) #3 /kunden/363558_49084/webseiten/live/printitall/core/oxdb.php(310): ADOConnection->Execute('SET @@session.s...') #4 /kunden/363558_49084/webseiten/live/printitall/core/oxdb.php(441): oxDb->_setUp(Object(object_ADOConnection)) #5 /kunden/363558_49084/webseiten/live/printitall/core/oxdb.php(495): oxDb->_getDbInstance() #6 /kunden/363558_49084/webseiten/live/printitall/core/oxconfig.php(603): oxDb::getDb() #7 /kunden/363558_49084/webseiten/live/printitall/core/oxconfig.php(422): oxConfig->_loadVarsFromDb('oxbaseshop') #8 /kunden/363558_49084/webseiten/live/printitall/core/oxconfig.php(352): oxConfig->init() #9 /kunden/363558_49084/webseiten/live/printitall/core/oxconfig.php(2008): oxConfig->getConfigParam('blProductive') #10 /kunden/363558_49084/webseiten/live/printitall/core/oxshopcontrol.php(602): oxConfig->isProductiveMode() 0000011 /kunden/363558_49084/webseiten/live/printitall/core/oxshopcontrol.php(123): oxShopControl->_runOnce() 0000012 /kunden/363558_49084/webseiten/live/printitall/core/oxid.php(40): oxShopControl->start() 0000013 /kunden/363558_49084/webseiten/live/printitall/index.php(28): Oxid::run() 0000014 {main} I think this is e very critical issue as the Exception is printed in the Browser and visible to everyone! | ||||
| Steps To Reproduce | Provoke an ADODB_Exception. | ||||
| Tags | No tags attached. | ||||
| Theme | Both | ||||
| Browser | All | ||||
| PHP Version | any | ||||
| Database Version | any | ||||
| duplicate of | 0003655 | resolved | aurimas.gladutis | ADODB_Exception: Stack trace shows user/pass for database connection |
