diff options
| author | Andreas Gohr <andi@splitbrain.org> | 2008-07-15 23:16:16 +0200 |
|---|---|---|
| committer | Andreas Gohr <andi@splitbrain.org> | 2008-07-15 23:16:16 +0200 |
| commit | 24297a695f52a061e471dbeacae874acda5a0e68 (patch) | |
| tree | a0e67f4e30b790259ed39b821f4a6b4cd3cc5154 /inc/infoutils.php | |
| parent | 2aca132fb57287777cab810c62678c1f1f46bd64 (diff) | |
| download | rpg-24297a695f52a061e471dbeacae874acda5a0e68.tar.gz rpg-24297a695f52a061e471dbeacae874acda5a0e68.tar.bz2 | |
remove sensitive data from debug output more aggressively
This patch adds a new function that is used to remove sensitive data from
the debug output in a broader way. It will remove some innocent data but
should make sure most passwords and similar data can not be accessed even
when stored in some plugin's configuration data.
Disabling the debug option is still highly recommended.
darcs-hash:20080715211616-7ad00-19334e56d3910bcaa04147c4c59e0c59571764f3.gz
Diffstat (limited to 'inc/infoutils.php')
| -rw-r--r-- | inc/infoutils.php | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/inc/infoutils.php b/inc/infoutils.php index 1fc55702e..18de75c28 100644 --- a/inc/infoutils.php +++ b/inc/infoutils.php @@ -316,3 +316,20 @@ function dbg_backtrace(){ return implode("\n", $calls); } +/** + * Remove all data from an array where the key seems to point to sensitive data + * + * This is used to remove passwords, mail addresses and similar data from the + * debug output + * + * @author Andreas Gohr <andi@splitbrain.org> + */ +function debug_guard(&$data){ + foreach($data as $key => $value){ + if(preg_match('/(notify|pass|auth|secret|ftp|userinfo|token|buid|mail|proxy)/i',$key)){ + $data[$key] = '***'; + continue; + } + if(is_array($value)) debug_guard($data[$key]); + } +} |