php-activerecord icon indicating copy to clipboard operation
php-activerecord copied to clipboard
verified publisher icon jpfuentes2

Adding handling of PDOException

Open igorsantos07 opened this issue 12 years ago • 1 comments

Adding threatment of PDOException as well to DatabaseException. closes #337

igorsantos07 avatar Jun 12 '13 18:06 igorsantos07

:+1:

The previous behavior is a security risk, since directly passing the PDOException to Exception::__construct() causes the __toString() to be implicitly called. The Exception->__toString() method includes the full stack trace, which will include the database credentials in the call to new PDO() in Connection->__construct(). If you use a service like Airbake to collect exceptions, that means you'll be transmitting database credentials to a third party.

MasonM avatar Jan 08 '16 17:01 MasonM