OpenCart Community

Posted: **Tue Apr 04, 2017 10:34 pm**

Hello,
The MySQL on my hosting company went down. During this time, accessing the front end of my site was showing below error and was listing the user id and password for my website's database. This is a big flaw. I think the code should catch the error and return more user friendly message on the front end. The technical details and trace logs can be sent to Systems-> Error Logs.in the Admin section of the site.

prntscr.com/esawcp

Posted: **Tue Apr 04, 2017 10:48 pm**

that's a real Problem, and the possibly only way, to prevent it, would be, to have
a top hoster, in order to avoid, a DB to ever be out of service.
Ernie

Posted: **Tue Apr 04, 2017 11:20 pm**

Hello,
No matter if you have the best hosting company in the world, the outage would happen once in a while. I think the code should be smart to NOT show user id / password or other details that could compromise the security.

Somebody please help me with some fix / solution / work around.

Posted: **Wed Apr 05, 2017 6:34 am**

well, I assume, it's a Server Information.
Ernie

Posted: **Wed Apr 05, 2017 2:37 pm**

https://github.com/opencart/opencart/issues/5027

Posted: **Wed Apr 05, 2017 4:02 pm**

Thanks artcore !!

I have added following code in - system/library/db/mysqli.php

if ($this->connection->connect_error) {
die('Unable to connect to database');
}

Posted: **Wed Apr 05, 2017 4:57 pm**

Or 'something went wrong, please contact the webmaster'. No one needs to know details

OpenCart Community

Security compromised when MySQL is down.

Security compromised when MySQL is down.

Re: Security compromised when MySQL is down.

Re: Security compromised when MySQL is down.

Re: Security compromised when MySQL is down.

Re: Security compromised when MySQL is down.

Re: Security compromised when MySQL is down.

Re: Security compromised when MySQL is down.