You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
BugFor errors / faults / flaws / inconsistencies etc.CriticalIndicates the severity of an issue is very critical and the issue has a very high priority.wontfixIf you can reproduce this issue, please reopen the issue or create a new one describing it.
If the MySQL Server is unavailable, Piwik's Zend PDO Class throws not only an error, it reveals Host, Username, Password, Port and Database.
This can be seen as severe security bug. At least the Password should be masked.
I've attached the page content below (all sensitive data has been replaced by XXXXXX)
PDO::__construct(): [2002] No such file or directory (trying to connect via unix:///var/run/mysqld/mysqld.sock)
in '/var/www/libs/Zend/Db/Adapter/Pdo/Abstract.php' at the line 129
#0 Piwik_ErrorHandler(2, PDO::__construct(): [2002] No such file or directory (trying to connect via unix:///var/run/mysqld/mysqld.sock), /var/www/libs/Zend/Db/Adapter/Pdo/Abstract.php, 129, Array ([dsn] => mysql:host=XXXXXXXXX;dbname=XXXXXXXXXX;port=3306,[q] => ))
#1 PDO->__construct(mysql:host=XXXXXXXXX;dbname=XXXXXXXXX;port=3306, XXXXXXXXX, XXXXXXXXX, Array ([1002] => SET NAMES 'utf8')) called at [/var/www/libs/Zend/Db/Adapter/Pdo/Abstract.php:129]
#2 Zend_Db_Adapter_Pdo_Abstract->_connect() called at [/var/www/libs/Zend/Db/Adapter/Pdo/Mysql.php:96]
#3 Zend_Db_Adapter_Pdo_Mysql->_connect() called at [/var/www/core/Db/Adapter/Pdo/Mysql.php:31]
#4 Piwik_Db_Adapter_Pdo_Mysql->getConnection() called at [/var/www/core/Db/Adapter.php:49]
#5 Piwik_Db_Adapter::factory(PDO_MYSQL, Array ([host] => XXXXXXXXX,[username] => XXXXXXXXX,[password] => XXXXXXXXXXX,[dbname] => XXXXXXXXX,[port] => 3306,[charset] => utf8,[profiler] => 0)) called at [/var/www/core/Piwik.php:1444]
#6 Piwik::createDatabaseObject() called at [/var/www/core/FrontController.php:217]
#7 Piwik_FrontController->init() called at [/var/www/index.php:59]
The text was updated successfully, but these errors were encountered:
I don't think you can blame Piwik for this. You shouldn't enable printing PHP errors in a production environment, let alone backtraces. Log them instead to a file or via syslog.
I'm not going to blame piwik for this. I've just tested this on mostly default setups.
Indeed, you're right to remark that logging shouldn't be done onsite, but as said, this is a really default behaviour across different distributions.
I wouldn't see this bug as closed.
Sorry for writing twice, but I've recently disabled this by settiing php's display_errors to Off.
This does NOT take any effect. Data is revealed as before.
I agree that this is an issue users might have with many hosting companies who leave display_errors = On. Piwik should recommend disabling errors during install maybe.
No. This exception is normally caught, and the user redirected to the installer. It sounds like you either have xdebug and/or disabled Piwik's Installation plugin.
Note: there's a buggy version of xdebug that would print a stacktrace even if the exception is caught.
BugFor errors / faults / flaws / inconsistencies etc.CriticalIndicates the severity of an issue is very critical and the issue has a very high priority.wontfixIf you can reproduce this issue, please reopen the issue or create a new one describing it.
If the MySQL Server is unavailable, Piwik's Zend PDO Class throws not only an error, it reveals Host, Username, Password, Port and Database.
This can be seen as severe security bug. At least the Password should be masked.
I've attached the page content below (all sensitive data has been replaced by XXXXXX)
The text was updated successfully, but these errors were encountered: