Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

› WebAssist Forums › PowerGallery › PowerGallery General / Announcements › Security Issues

Security Issues

Thread began 5/24/2010 12:56 am by tyler815351411 | Last modified 9/06/2011 12:34 pm by tyler815351411 | 3354 views | 9 replies

5/27/2010 11:27 amEric Mittman

Thanks for getting back with that. I'm not an expert at reviewing these types of reports but from what I can see the issues it is referring to are MySQL errors. It looks like these are being considered errors based on the assumption that divulging the type and version of you database server can present a vulnerability for the site. I'm not so sure that I agree with this assumption but that is what it is saying.

Since the report seems to only be referring to MySQL errors that are occurring you could overcome this by removing the mysql_error() from within the die statements after the queries. You should make a backup of the site first, then update it by doing a site wide find and replace for the following values:

find:

php:

die(mysql_error())

replace with:

php:

die()

Making this change will cause the page to stop processing at this point and not return any type of error if an error occurs.

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now. Build a store, a gallery, or a web-based email solution.