Quote from: Digitalcay Limited on October 21, 2022, 02:05:06 PM

You're not that smart. We've explained to you what debug.logs do.
Even for apps I create on environments (non-related to osclass) for other things will sometimes be logging sensitive data like signatures, keys, passwords, emails, usernames etc. It's not just for OsClass.

Again you are calling me names. No other script that i know logs passwords in plain text file. Even Osclass 3.9, Osclass 5.x, doesn't do that.

I don't need any explaination from you. Just let the developer (that i respect) to solve this. No such detailed information (unneeded) should be recorded EVER.

I am not calling you names but whatever. I repeat if you need explanations do not post on support forums. It's a public forum that anybody can try help but if you can't take help from other members then it shouldnt be posted here. You don't seam to know the difference between a support forum and private ticketing system.

Let me explain easily.

Developer only support --> Submit a ticket
Community help (anybody) --> Support forums
dsf = don't like support from anybody but developer
Solution = submit private ticket
Understand?

Best of luck!

It's a public forum that anybody can try help but if you can't take help from other members then it shouldnt be posted here. You don't seam to know the difference between a support forum and private ticketing system.

This is a security issue, it should be posted so people know and fix it. And webmasters protect themselves. Because disabling debug is not enough, you must also delete the debug.log (nobody does that).

I have nothing else to say or reply, i'm dissapointed from all that.

I just hope the developer is a reasonable guy that loves his business, and will handle that better in future releases.

Quote from: Digitalcay Limited on October 21, 2022, 02:15:41 PM

It's a public forum that anybody can try help but if you can't take help from other members then it shouldnt be posted here. You don't seam to know the difference between a support forum and private ticketing system.

This is a security issue, it should be posted so people know and fix it. And webmasters protect themselves. Because disabling debug is not enough, you must also delete the debug.log (nobody does that).

I have nothing else to say or reply, i'm dissapointed from all that.

I just hope the developer is a reasonable guy that loves his business, and will handle that better in future releases.

Alright, best of luck with the fix.

@dsf The name-calling was a result of your arrogant attitude towards everyone that tried to help you.
Your initial issue was related to the PHP Fatal error, then you escalated it to something else that frankly needs a separate topic.

You keep asking for answers from the developer (arrogantly dissing everyone else), yet he gave you an answer:

@dsf
For me it works, generated if you set osclass to save logs into file.

Like it?!

And yet, we are the bad guys...
Good luck!

  tested it on subdomain to crash db with debug.log on but it only returns error db username and user is using password (yes)... No password shown in my log file..
In apache error maybe but that is not visible to users....

If it would return password, it would by mysqli vulnerability. I am not sure why osclass should filter logs from PHP libraries...