It's not just database.php credentials issue, debugger "code and context" can output any code excerpt. For example, you may have API_KEY just above some code that produce PHP notice, and debugger will show your key.
Proposal: - add notice in docs and cake "core.php" config - enable "code and context" only for dev host (127.0.0.1) or remove it (not very useful) - stop arguing and be polite :) On Jun 23, 8:47 pm, AD7six <[email protected]> wrote: > On Jun 23, 7:41 pm, Miles J <[email protected]> wrote: > > > What are you talking about, stop trolling. I know that was incorrect, > > but that's my point. How are developers supposed to know *which* is > > the correct way until they encounter the problem? Its not stated in > > the docs, and a new Cake developer isn't going to know any better. > > Database credentials, regardless of who's fault it is, should *never* > > be displayed in plain text, who's smart idea was that? > > yours -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cake-php
