function getMinorVersion(): string {
return preg_replace('/^(\d+\.\d+)\..*$/', '\\1', WCF_VERSION);
}
+
+ #[Attribute(\Attribute::TARGET_PARAMETER)]
+ class SensitiveArgument
+ {
+ }
}
namespace wcf\functions\exception {
if (!isset($item['class'])) $item['class'] = '';
if (!isset($item['type'])) $item['type'] = '';
if (!isset($item['args'])) $item['args'] = [];
-
- // strip database credentials
- if (preg_match('~\\\\?wcf\\\\system\\\\database\\\\[a-zA-Z]*Database~', $item['class']) || $item['class'] === 'PDO') {
- if ($item['function'] === '__construct') {
- $item['args'] = array_map(function () {
- return '[redacted]';
- }, $item['args']);
+
+ if (!empty($item['args'])) {
+ if ($item['class']) {
+ $function = new \ReflectionMethod($item['class'], $item['function']);
+ }
+ else {
+ $function = new \ReflectionFunction($item['function']);
+ }
+
+ $parameters = $function->getParameters();
+ $i = 0;
+ foreach ($parameters as $parameter) {
+ $isSensitive = false;
+ if (
+ \method_exists($parameter, 'getAttributes')
+ && !empty($parameter->getAttributes(\wcf\SensitiveArgument::class))
+ ) {
+ $isSensitive = true;
+ }
+ if (\preg_match(
+ '/(?:^(?:password|passphrase|secret)|(?:Password|Passphrase|Secret))/',
+ $parameter->getName()
+ )) {
+ $isSensitive = true;
+ }
+
+ if ($isSensitive && isset($item['args'][$i])) {
+ $item['args'][$i] = '[redacted]';
+ }
+ $i++;
+ }
+
+ // strip database credentials
+ if (
+ preg_match('~\\\\?wcf\\\\system\\\\database\\\\[a-zA-Z]*Database~', $item['class'])
+ || $item['class'] === 'PDO'
+ ) {
+ if ($item['function'] === '__construct') {
+ $item['args'] = array_map(function () {
+ return '[redacted]';
+ }, $item['args']);
+ }
}
}
projects / GitHub / WoltLab / WCF.git / blobdiff