Commit: ebd08f754ee0d27268e8df0076bbc24a39a57e40 Author: Kalle Sommer Nielsen <[email protected]> Mon, 24 Jul 2017 20:23:55 +0200 Parents: b6f8cdfef8170c0d1c0d16c413862cac94ad4512 Branches: master
Link: http://git.php.net/?p=web/bugs.git;a=commitdiff;h=ebd08f754ee0d27268e8df0076bbc24a39a57e40 Log: Attempt at hiding some of our special _ENV vars on bugs Changed paths: M www/admin/index.php Diff: diff --git a/www/admin/index.php b/www/admin/index.php index 808984f..76d5103 100644 --- a/www/admin/index.php +++ b/www/admin/index.php @@ -14,7 +14,20 @@ $actions = array('list_lists', 'list_responses', 'phpinfo'); $action = !empty($_GET['action']) && in_array($_GET['action'], $actions) ? $_GET['action'] : 'list_lists'; if ($action === 'phpinfo') { + ob_start(); phpinfo(); + + $phpinfo = ob_get_clean(); + + // Attempt to hide certain ENV vars + $vars = array( + $_ENV['AUTH_TOKEN'], + $_ENV['USER_TOKEN'], + $_ENV['USER_PWD_SALT'] + ); + + echo str_replace($vars, '<hidden>', $phpinfo); + exit; } -- PHP Webmaster List Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
