From f5ccede031b2297c07e8cb77f92684e754b0c689 Mon Sep 17 00:00:00 2001 From: Miles Lott Date: Fri, 21 Dec 2001 22:38:03 +0000 Subject: [PATCH] Do not print passwords to the page --- setup/config.php | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/setup/config.php b/setup/config.php index 327dd5d1fa..6079ee16fa 100644 --- a/setup/config.php +++ b/setup/config.php @@ -193,7 +193,15 @@ break; case 'value': $newval = ereg_replace(' ','_',$newval); - $t->set_var($value,$current_config[$newval]); + /* Don't show passwords in the form */ + if(ereg('passwd',$value) || ereg('password',$value) || ereg('root_pw',$value)) + { + $t->set_var($value,''); + } + else + { + $t->set_var($value,$current_config[$newval]); + } break; case 'selected': $configs = array();