php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #46275 Your database login-data is displayed when a PDO-driver isn't available.
Submitted: 2008-10-11 09:13 UTC Modified: 2008-10-11 10:18 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: info at jonathanhogervorst dot com Assigned:
Status: Not a bug Package: PDO related
PHP Version: 5.2.6 OS: CentOS 4.5
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: info at jonathanhogervorst dot com
New email:
PHP Version: OS:

 

 [2008-10-11 09:13 UTC] info at jonathanhogervorst dot com 
Description:
------------
I'm using PDO to connect to a MySQL-database. I moved my website to a  
new server, and when I opened the site I saw an error saying that the 
MySQL-plugin for PDO wasn't installed. In the error-text was my MySQL 
login-data displayed.

Reproduce code:
---------------
Run this code on a server without the MySQL-plugin for PDO:
<?php
$db = new PDO('mysql:host=host;dbname=db', 'usr', 'pass');
?>

Expected result:
----------------
A PDO-object in $db.

Actual result:
--------------
Fatal error: Uncaught exception 'PDOException' with message 'could 
not find driver' in /home/***/domains/***/public_html/db.php:2 Stack 
trace: #0 /home/***/domains/***/public_html/***.php(2): PDO-
>__construct('mysql:host=host...', 'usr', 'pass') #1 {main} thrown in 
/home/***/domains/***/public_html/db.php on line 2

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2008-10-11 10:18 UTC] tony2001@php.net 
php.ini-dist :

; Print out errors (as a part of the output).  For production web sites,
; you're strongly encouraged to turn this feature off, and use error logging
; instead (see below).  Keeping display_errors enabled on a production web site
; may reveal security information to end users, such as file paths on your Web
; server, your database schema or other information.

http://php.net/manual/en/errorfunc.configuration.php

Note: This is a feature to support your development and should never be used on production systems (e.g. systems connected to the internet).
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Sun Oct 26 05:00:01 2025 UTC