Security issues - Exists in all versions Opencart 1.x 2.x 3.x

Security issues !!!

Sorry for my bad English.

I try to turn off MySQL (simulator for the server's SQL hosting death / temporary interruptions) and just let each Apache run, then I see Opencart show all the connection information (result as same when I visit the store page and the admin page).
- SQL server
- Username
- Password
- Database Name
- SQL Port



Does someone have an opinion ?. @straightlight

You need to switch off displaying of PHP errors. There are 3 steps to do this for OpenCart 3.0.

1. In the admin goto System -> Settings -> Edit -> Server (tab) and and change Display Errors to No. Then save.

2. To switch off the framework errors. Change $_['error_display'] to false in system\config\default.php. Or add to system\config\catalog.php and system\config\admin.php

3. Next you need to set the PHP ini setting display_errors to Off. Who you do this will depend on your host. It could be adding to your php.ini file in the OpenCart and admin folders. Or you may need to add to your .htaccess file in the OpenCart folder. Or you may need to do something else depending on your hosting.

You will also want to check the location of the PHP error log and make sure it is set to log to somewhere that is publicly accessible. The error_log and/or log_errors PHP ini setting are what you need to change for this.