wez Sat Sep 24 11:51:17 2005 EDT
Modified files:
/phpdoc/en/reference/pdo reference.xml
Log:
a note about catching exceptions and the dangers of not doing so on a
production site.
http://cvs.php.net/diff.php/phpdoc/en/reference/pdo/reference.xml?r1=1.40&r2=1.41&ty=u
Index: phpdoc/en/reference/pdo/reference.xml
diff -u phpdoc/en/reference/pdo/reference.xml:1.40
phpdoc/en/reference/pdo/reference.xml:1.41
--- phpdoc/en/reference/pdo/reference.xml:1.40 Tue Sep 20 04:22:28 2005
+++ phpdoc/en/reference/pdo/reference.xml Sat Sep 24 11:51:16 2005
@@ -1,5 +1,5 @@
<?xml version='1.0' encoding='iso-8859-1'?>
-<!-- $Revision: 1.40 $ -->
+<!-- $Revision: 1.41 $ -->
<!-- Purpose: database.abstract -->
<!-- Membership: pecl, bundled -->
<!-- State:experimental -->
@@ -271,6 +271,17 @@
</programlisting>
</example>
</para>
+ <warning>
+ <para>
+ If your application does not catch the exception thrown from the PDO
+ constructor, the default action taken by the zend engine is to terminate
+ the script and display a back trace. This back trace will likely reveal
+ the full database connection details, including the username and
+ password. It is your responsibility to catch this exception, either
+ explicitly (via a <literal>catch</literal> statement) or implicitly via
+ <function>set_exception_handler</function>.
+ </para>
+ </warning>
<para>
Upon successful connection to the database, an instance of the PDO class
is returned to your script. The connection remains active for the
