Marc Delisle schrieb:
Michal Čihař a écrit :
Hi all
I just noticed, that new class uses trigger_error. Should we use this function? We got security report about path disclosures and this introduces another way to disclose path information.
Yes, let's stay prudent on this.
Marc
But finding errors especially in classes/objects without this make it really hard sometimes!
If trigger_error() is a problem on a system than every error is a problem on this system.
If PMA would not give out any errors it just need to set his own error_handler.
I do not fully understand what is the problem with trigger_error or what makes the problems with trigger_error bigger than normal errors?
The real problem is displaying errors to the client, not triggering an error - so this is a system setting not an application setting.
The only way to handle this is that PMA uses his own error handler.
Or did i understand something completely wrong?