bad error message on invalid database password
Closed this issue · 5 comments
if you try installing SS with an invalid database password in .env , you will just get a generic 500 error page that doesn't even leave any errorlogs behind! that's kinda shitty. at the very least it should complain in the php error logs that the db password is invalid.
If you change the environment type to development then you'll see errors. You should see errors in logs.
Logs should not be exposed to the front end by default.
Pretty sure I tried "dev" instead of "development", but regardless of the env type, the errors should have been send to the php error logs! They weren't. So I still suspect there's a bug here, even if the bug is only "error message not sent to error log when it should have been"
You should see errors in logs.
Yeah, problem is, it wasn't there.
If you would like to provide some replication info (environment, PHP version, framework version, etc) that would be helpful to investigate the problem and see if the issue is reproducible.
Dang, don't know what changed but i am unable to reproduce it, correctly getting errors like
2022/07/17 00:40:40 [error] 45401#45401: *12 FastCGI sent in stderr: "PHP message: PHP Warning: mysqli::real_connect(): (HY000/1045): Access denied for user 'fake'@'84.49.158.188' (using password: YES) in /srv/http/ss/www/test/vendor/silverstripe/framework/src/ORM/Connect/MySQLiConnector.php on line 119" while reading response header from upstream, client: 127.0.0.1, server: ss.lan, request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/var/run/php/php7.4-fpm.sock:", host: "ss.lan:81"
even with SS_ENVIRONMENT_TYPE="live"
! ok ignore the below, lets keep it closed.
# SSL configuration
#
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server;
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;
root /srv/http/ss/www/test/public;
autoindex on;
client_max_body_size 20M;
# Add index.php to the list if you are using PHP
index index.php index.txt index.html index.htm index.php index.nginx-debian.html;
server_name ss.lan;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
# pass PHP scripts to FastCGI server
#
location ~ \.php$ {
include snippets/fastcgi-php.conf;
#
# # With php-fpm (or other unix sockets):
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
# # With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
3: in /srv/http/ss.lan/www run `composer create-project silverstripe/installer test` and create the file .env:
SS_DATABASE_CLASS="MySQLDatabase"
SS_DATABASE_NAME="fake"
SS_DATABASE_SERVER="localhost"
SS_DATABASE_USERNAME="fake"
SS_DATABASE_PASSWORD="fake"
SS_DEFAULT_ADMIN_USERNAME="fake"
SS_DEFAULT_ADMIN_PASSWORD="fake"
SS_ENVIRONMENT_TYPE="dev"
</strike>
Ok. Glad you got to the bottom of it.