[Phpmyadmin-devel] Re: [Phpmyadmin-users] bugs recently published on securityfocusare true?

Michal Cihar nijel at users.sourceforge.net
Wed Jun 18 13:24:03 CEST 2003


On Wednesday 18 of June 2003 22:14, Garvin Hicking wrote:
> Regarding the directory disclore issue: The author means that PHP will
> print out the 'missing variable in file /ddd/xxx/eee/bla.php' and thereby
> showing the path. I guess we can only hide that part by pointing out to not
> letting PHP print out errors on a webpage in production environments. On
> our side, we can only reduce the PHP error output, I guess?

We should avoid any php error message, and end with our error when something 
needed is not defined (eg. db/table...)

-- 
Regards
	Michal Cihar
	nijel at users dot sourceforge dot net
	http://cihar.liten.cz





More information about the Developers mailing list