diff options
| author | Meik Sievertsen <acydburn@phpbb.com> | 2005-12-15 13:52:27 +0000 |
|---|---|---|
| committer | Meik Sievertsen <acydburn@phpbb.com> | 2005-12-15 13:52:27 +0000 |
| commit | d1601260863a3195ddedabf2a8395d2f0d732b1e (patch) | |
| tree | 5e4dcdbd50292d170044c3ccb5921e00d4cdc548 /phpBB/includes/db | |
| parent | 7657767590c72c47b482398e3c1935553d45f9bc (diff) | |
| download | forums-d1601260863a3195ddedabf2a8395d2f0d732b1e.tar forums-d1601260863a3195ddedabf2a8395d2f0d732b1e.tar.gz forums-d1601260863a3195ddedabf2a8395d2f0d732b1e.tar.bz2 forums-d1601260863a3195ddedabf2a8395d2f0d732b1e.tar.xz forums-d1601260863a3195ddedabf2a8395d2f0d732b1e.zip | |
- show complete sql error message + path to administrators only (idea from post to bugtraq about SMF)
git-svn-id: file:///svn/phpbb/trunk@5338 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/includes/db')
| -rw-r--r-- | phpBB/includes/db/dbal.php | 18 |
1 files changed, 15 insertions, 3 deletions
diff --git a/phpBB/includes/db/dbal.php b/phpBB/includes/db/dbal.php index 5555bf09ea..c02f6d4e92 100644 --- a/phpBB/includes/db/dbal.php +++ b/phpBB/includes/db/dbal.php @@ -192,14 +192,26 @@ class dbal */ function sql_error($sql = '') { + global $auth, $user; + $error = $this->_sql_error(); if (!$this->return_on_error) { - $this_page = (isset($_SERVER['PHP_SELF']) && !empty($_SERVER['PHP_SELF'])) ? $_SERVER['PHP_SELF'] : $_ENV['PHP_SELF']; - $this_page .= '&' . ((isset($_SERVER['QUERY_STRING']) && !empty($_SERVER['QUERY_STRING'])) ? $_SERVER['QUERY_STRING'] : (isset($_ENV['QUERY_STRING']) ? $_ENV['QUERY_STRING'] : '')); + $message = '<u>SQL ERROR</u> [ ' . SQL_LAYER . ' ]<br /><br />' . $error['message'] . ' [' . $error['code'] . ']; + + // Show complete SQL error and path to administrators only + if ($auth->acl_get('a_')) + { + $this_page = (isset($_SERVER['PHP_SELF']) && !empty($_SERVER['PHP_SELF'])) ? $_SERVER['PHP_SELF'] : $_ENV['PHP_SELF']; + $this_page .= '&' . ((isset($_SERVER['QUERY_STRING']) && !empty($_SERVER['QUERY_STRING'])) ? $_SERVER['QUERY_STRING'] : (isset($_ENV['QUERY_STRING']) ? $_ENV['QUERY_STRING'] : '')); - $message = '<u>SQL ERROR</u> [ ' . SQL_LAYER . ' ]<br /><br />' . $error['message'] . ' [' . $error['code'] . ']<br /><br /><u>CALLING PAGE</u><br /><br />' . htmlspecialchars($this_page) . (($sql != '') ? '<br /><br /><u>SQL</u><br /><br />' . $sql : '') . '<br />'; + $message .= '<br /><br /><u>CALLING PAGE</u><br /><br />' . htmlspecialchars($this_page) . (($sql != '') ? '<br /><br /><u>SQL</u><br /><br />' . $sql : '') . '<br />'; + } + else + { + $message .= '<br /><br />' . $user->lang['SQL_ERROR_OCCURRED']; + } if ($this->transaction) { |