Portal Forums Calendar Active Threads
Previous Thread
Next Thread
Print Thread
Hop To
Hide MySQL Errors
#178967 02/21/2007 1:10 PM
Joined: Jun 2006
Posts: 73
C
cdavis
Offline
journeyman
cdavis
journeyman
C Offline
Joined: Jun 2006
Posts: 73
I'm running a security audit on my server. When UBB displays a MySQL Error, the security firm considers it a vulnerability because path and table information are displayed. How can I turn off the MySQL errors like the one below?

Code
Script: /Library/Tenon/WebServer/WebSites/www.realtree.com/forums/showmembers.php
Line#: 200
SQL Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '-25, 25' at line 9
SQL Error #: 1064
Query: SELECT U_Username,U_Registered,U_Extra1,U_Homepage,U_TotalPosts,U_Status,U_Number,U_Picture,U_PicWidth,U_PicHeight FROM w3t_Users WHERE U_Approved = 'yes' AND U_Number <> 1 AND U_Banned = '0' AND (U_CoppaUser <> '1' OR U_CoppaUser IS NULL) ORDER BY U_Username ASC LIMIT -25, 25

Re: Hide MySQL Errors
cdavis #178979 02/21/2007 5:11 PM
Joined: Jun 2006
Posts: 1,344
NY
G
gliderdad Offline
veteran
gliderdad
veteran
G Offline
Joined: Jun 2006
Posts: 1,344
NY
In CP under primary setting-->logging tab you will see display SQL errors wink
Re: Hide MySQL Errors
gliderdad #178985 02/21/2007 5:56 PM
Joined: Jun 2006
Posts: 73
C
cdavis
Offline
journeyman
cdavis
journeyman
C Offline
Joined: Jun 2006
Posts: 73
I don't have that option with 6.5.5. Here's what I see under Primary Settings > Logging:

Log MySQL Errors?
MySQL Error Log Storage Directory:
Log Control Panel Activity?
Control Panel Log Storage Directory:
Maximum Control Panel Log Size:
Maximum Number of Archived Logs:
Re: Hide MySQL Errors
cdavis #178993 02/21/2007 6:11 PM
Joined: Jun 2006
Posts: 16,300
Likes: 116
Portland, OR; USA
Gizmo Online: Tapedshut
UBB.threads Developer
Gizmo
UBB.threads Developer
Online: Tapedshut
Joined: Jun 2006
Posts: 16,300
Likes: 116
Portland, OR; USA
I believe these are suppressed to only show to admin's in more recent versions.

I am a Web Development Contractor, I do not work for UBBCentral. I have provided free User to User Support since the beginning of these support forums.
Do you need Forum Install or Upgrade Services?
Forums: A Gardeners Forum, Scouters World
UBB.threads: UBBWiki, UBB Styles, UBB.Sitemaps
Longtime Supporter & Resident Post-A-Holic
VNC Web Services: Code Modifications, Upgrades, Styling, Coding Services, Disaster Recovery, and more!
Re: Hide MySQL Errors
cdavis #178996 02/21/2007 6:22 PM
Joined: Jun 2006
Posts: 73
C
cdavis
Offline
journeyman
cdavis
journeyman
C Offline
Joined: Jun 2006
Posts: 73
I found it in the mysql.inc.php file:

// IF YOU SET THE VARIABLE BELOW TO 1 IT WILL SHOW THE SQL ERRORS TO ALL
// USERS. USEFUL IF YOU CANNOT LOG IN AND NEED TO SEE THE SQL ERRORS
$showerror = 0;

Link Copied to Clipboard
ShoutChat
Comment Guidelines: Do post respectful and insightful comments. Don't flame, hate, spam.
Recent Topics
Version 7.7.5 Images suddenly not displaying
by Stovebolt - 05/04/2024 11:19 AM
Bots
by Outdoorking - 04/13/2024 5:08 PM
Can you add html to language files?
by Baldeagle - 04/07/2024 2:41 PM
Do I need to rebuild my database?
by Baldeagle - 04/07/2024 2:58 AM
This is not a bug, but a suggestion
by Baldeagle - 04/05/2024 11:25 PM
Who's Online Now
3 members (Stovebolt, ahmed047, Gizmo), 931 guests, and 151 robots.
Key: Admin, Global Mod, Mod
Random Gallery Image
Latest Gallery Images
Los Angeles
Los Angeles
by isaac, August 6
3D Creations
3D Creations
by JAISP, December 30
Artistic structures
Artistic structures
by isaac, August 29
Stones
Stones
by isaac, August 19
Forum Rules · Mark All Read Contact Us · Forum Help · UBBCentral
Powered by UBB.threads™ PHP Forum Software 8.0.0
(Preview build 20240501)