You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When I set debug mode to ON in the Joomla configuration then in front end I can see the real database table names. Example:
SELECT data
FROM t7h4l1_session
WHERE session_id = ?
In my opinion the prefix of the database table name is a private secret which shouldn't be published. I know that in all joomla documentations there is always a warning to never activate the debug mode on productive sites. Unfortunately it could happen by mistake.
Shouldn't the database table prefix be masked in the debug output by replacing the real prefix with #__ ?
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Hi all.
When I set debug mode to ON in the Joomla configuration then in front end I can see the real database table names. Example:
In my opinion the prefix of the database table name is a private secret which shouldn't be published. I know that in all joomla documentations there is always a warning to never activate the debug mode on productive sites. Unfortunately it could happen by mistake.
Shouldn't the database table prefix be masked in the debug output by replacing the real prefix with
#__?Beta Was this translation helpful? Give feedback.
All reactions