[GH-ISSUE #16] Error handling #16

New issue

Closed

opened 2026-02-26 01:34:56 +03:00 by kerem · 1 comment

kerem commented 2026-02-26 01:34:56 +03:00

Owner

Copy link

Originally created by @kwilliams on GitHub (Nov 6, 2013).
Original GitHub issue: https://github.com/JLiscom/OpenNote/issues/16

The demo has a nasty information disclosure problem:

Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[42000] [1044] Access denied for user 'starlgco_Note'@'localhost' to database 'starlgco_OpenNote'' in /home4/starlgco/public_html/apps/OpenNote/OpenNote/modules/core/Common.php:50 Stack trace: #0 /home4/starlgco/public_html/apps/OpenNote/OpenNote/modules/core/Common.php(50): PDO->__construct('mysql:host=loca...', 'starlgco_Note', 'Kt,Lp5D]UhUW') #1 /home4/starlgco/public_html/apps/OpenNote/OpenNote/modules/core/Common.php(82): Core::mysqlConnect() #2 /home4/starlgco/public_html/apps/OpenNote/OpenNote/modules/login/Authenticater.php(17): Core::query('SELECT COUNT(*)...', Array) #3 /home4/starlgco/public_html/apps/OpenNote/OpenNote/modules/login/ajax.php(14): Authenticater::checkAvailability('test123') #4 {main} thrown in /home4/starlgco/public_html/apps/OpenNote/OpenNote/modules/core/Common.php on line 50

Originally created by @kwilliams on GitHub (Nov 6, 2013). Original GitHub issue: https://github.com/JLiscom/OpenNote/issues/16 The demo has a nasty information disclosure problem: ``` Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[42000] [1044] Access denied for user 'starlgco_Note'@'localhost' to database 'starlgco_OpenNote'' in /home4/starlgco/public_html/apps/OpenNote/OpenNote/modules/core/Common.php:50 Stack trace: #0 /home4/starlgco/public_html/apps/OpenNote/OpenNote/modules/core/Common.php(50): PDO->__construct('mysql:host=loca...', 'starlgco_Note', 'Kt,Lp5D]UhUW') #1 /home4/starlgco/public_html/apps/OpenNote/OpenNote/modules/core/Common.php(82): Core::mysqlConnect() #2 /home4/starlgco/public_html/apps/OpenNote/OpenNote/modules/login/Authenticater.php(17): Core::query('SELECT COUNT(*)...', Array) #3 /home4/starlgco/public_html/apps/OpenNote/OpenNote/modules/login/ajax.php(14): Authenticater::checkAvailability('test123') #4 {main} thrown in /home4/starlgco/public_html/apps/OpenNote/OpenNote/modules/core/Common.php on line 50 ```

kerem 2026-02-26 01:34:56 +03:00

• closed this issue
• added the
  bug
  label

kerem commented 2026-02-26 01:34:56 +03:00

Author

Owner

Copy link

@JLiscom commented on GitHub (Nov 6, 2013):

Tell me something I dont know

<!-- gh-comment-id:27842414 --> @JLiscom commented on GitHub (Nov 6, 2013): Tell me something I dont know

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

dependabot/npm_and_yarn/minimist-and-mkdirp-1.2.8

dependabot/npm_and_yarn/debug-2.6.9

dependabot/npm_and_yarn/json5-and-loader-utils-and-webpack-1.0.2

dependabot/npm_and_yarn/express-4.18.2

dependabot/npm_and_yarn/qs-and-express-6.5.3

dependabot/npm_and_yarn/loader-utils-1.4.2

dependabot/npm_and_yarn/minimatch-and-grunt-and-grunt-cli--removed

dependabot/npm_and_yarn/bootstrap-3.4.1

dependabot/npm_and_yarn/angular-1.8.3

dependabot/npm_and_yarn/grunt-1.5.3

dependabot/npm_and_yarn/marked-4.0.10

dependabot/npm_and_yarn/codemirror-5.58.2

dependabot/npm_and_yarn/angular-1.8.0

dependabot/npm_and_yarn/jquery-3.5.0

gh-pages

Fox-Working

18.03.00

18.03.00-Alpha

17.02.01

17.02

15.07

14.07.02

14.07.01

14.07.00

13.10.0

Labels

Clear labels   

bug

  

enhancement

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

wontfix

No labels

bug

enhancement

pull-request

question

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/OpenNote-JLiscom#16

No description provided.