This is a static dump of issues in the old "Flyspray" bugtracker for DokuWiki. Bugs and feature requests
are now tracked at the issue tracker at Github.
Closed
Fixed
FS#108 deubg Command shows sensitive data
Security
2005-01-31kb
By appending ?do=debug to a page in DokuWik, you can view a few important data arrays for debuging. However when auth_mysql is turned on, the mysql login/password is displayed in the $conf[] array.
Considering ?do=debug just print_r's $conf[] it might be better to limit the debug command to those with admin rights on the wiki.
2005-02-01andi
You're right! This will be fixed in the next release. Users using MySQL auth or any other auth method which stores sensitive data in the conf array should remove the following lines from doku.php to disable the debug function: