Security: Fixed leaking database password when can't connect

This fixes this: https://otland.net/threads/myaac-leaking-user-database-password.266095/ Instead now, the error will be logged.
2025-04-26 17:29:21 +02:00 · 2019-12-03 00:36:57 +01:00 · 2019-12-03 00:36:57 +01:00 · a55ec208aa
commit a55ec208aa
parent 1970a00bb6
1 changed files with 6 additions and 8 deletions
--- a/system/database.php
+++ b/system/database.php
@ -110,12 +110,10 @@ defined('MYAAC') or die('Direct access not allowed!');
 			return; // installer will take care of this
 		}

-		die('ERROR: Cannot connect to MySQL database.<br/>' .
-			'Possible reasons:' .
-			'<ul>' .
-				'<li>MySQL is not configured propertly in <i>config.lua</i>.</li>' .
-				'<li>MySQL server is not running.</li>' .
-			'</ul>' . $error);
+		throw new SensitiveException('ERROR: Cannot connect to MySQL database.' . PHP_EOL .
+			'Possible reasons:' . PHP_EOL .
+				'    * MySQL is not configured propertly in config.lua.' . PHP_EOL .
+				'    * MySQL server is not running.' . PHP_EOL .
+			$error->getMessage());

-	}
-?>
+	}