Fixed database credentials being exposed in logged exceptions
authorAlexander Ebert <ebert@woltlab.com>
Sat, 20 Jul 2013 17:21:18 +0000 (19:21 +0200)
committerAlexander Ebert <ebert@woltlab.com>
Sat, 20 Jul 2013 17:21:18 +0000 (19:21 +0200)
wcfsetup/install/files/lib/system/exception/LoggedException.class.php
wcfsetup/install/files/lib/system/exception/SystemException.class.php

index 5128b792988f3d78c46ef29894ebc33925fc4872..ed61d70682b78fa66a99472bfb17c49fb2de42d8 100644 (file)
@@ -53,6 +53,16 @@ class LoggedException extends \Exception {
                return $this->exceptionID;
        }
        
+       /**
+        * Removes database password from stack trace.
+        * @see \Exception::getTraceAsString()
+        */
+       public function __getTraceAsString() {
+               $e = ($this->getPrevious() ?: $this);
+               $string = preg_replace('/Database->__construct\(.*\)/', 'Database->__construct(...)', $e->getTraceAsString());
+               return $string;
+       }
+       
        /**
         * Writes an error to log file.
         */
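Review bot: The `__getTraceAsString()` added here redacts only `Database->__construct(...)` frames, while the version this commit removes from SystemException also rewrote `mysqli->mysqli(...)`; SystemException now inherits the narrower filter, so a trace containing that frame would be logged with its arguments intact. Keep the second substitution before the return: `$string = preg_replace('/mysqli->mysqli\(.*\)/', 'mysqli->mysqli(...)', $string);`. The filter is a denylist of frame names, so any other call that receives the password (a driver constructor, for instance) would still be written out in full, which the docblock should state. The leading `__` is the prefix PHP reserves for magic methods; presumably it is used because `Exception::getTraceAsString()` is final, and a one-line comment saying so would help.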
@@ -88,7 +98,7 @@ class LoggedException extends \Exception {
                        'Request URI: '.(isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '')."\n".
                        'Referrer: '.(isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '')."\n".
                        'User-Agent: '.(isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '')."\n".
-                       "Stacktrace: \n  ".implode("\n  ", explode("\n", $e->getTraceAsString()))."\n";
+                       "Stacktrace: \n  ".implode("\n  ", explode("\n", $this->__getTraceAsString()))."\n";
                
                // calculate Exception-ID
                $this->exceptionID = StringUtil::getHash($message);
index 15229827b7edd686b3b5b1476350c45f2b5b1eb7..18d5824b1b4baf55790e508b631ec744304e353b 100644 (file)
@@ -55,17 +55,6 @@ class SystemException extends LoggedException implements IPrintableException {
                return $this->description;
        }
        
-       /**
-        * Removes database password from stack trace.
-        * @see \Exception::getTraceAsString()
-        */
-       public function __getTraceAsString() {
-               $e = ($this->getPrevious() ?: $this);
-               $string = preg_replace('/Database->__construct\(.*\)/', 'Database->__construct(...)', $e->getTraceAsString());
-               $string = preg_replace('/mysqli->mysqli\(.*\)/', 'mysqli->mysqli(...)', $string);
-               return $string;
-       }
-       
        /**
         * @see wcf\system\exception\IPrintableException::show()
         */