alias51

Reputation: 8628

How to prevent password dumping on PDO error

I have a too many hosts PDO exception in my MySQL database:

    exception 'PDOException' with message 'SQLSTATE[HY000] [1129] Host
    '[IP ADDRESS]' is blocked because of many connection errors; unblock
    with 'mysqladmin flush-hosts'' in /var/www/libs/Database.php:15

I understand this error, but the real problem is in the stack trace which dumps the database name, login and password into the console:

    Stack trace:
    #0 /var/www/libs/Database.php(15): PDO->__construct('mysql:host=conf...',
    '[db name]', '[db password]...', Array)

As this is an AJAX request, it dumps into the console browser, which is obviously a problem.

How can I avoid this happening? Have I configured PHP incorrectly?

Upvotes: 3

Views: 548

Answers (1)

Álvaro González

Reputation: 146460

> As this is an AJAX request, it dumps into the console browser

Of course, PHP (like other server-side languages) is executed on another computer and does not have access to your browser's console. Most likely, neither your PHP nor your JavaScript is designed to handle error conditions gracefully. Some tips:

  • Always set display_errors to false in your production box. Make sure that error messages are logged instead.

  • Tweak your server-side code so it generates valid output even when the DB is down. For instance, if the script is supposed to generate JSON it should send JSON data even on error. To do so:

    • Capture the PDOException
    • Log the error details
    • Send JSON data informing that there was an error, e.g.:

      {"status": "error", "info": "Database is down"}
      
  • Tweak your client-side code to handle any kind of error in the AJAX response, including proper JSON with status=error and lack of proper JSON.

Upvotes: 3
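
The server-side steps from the answer above (capture the PDOException, log the details, send JSON on error), as an added example that is not part of the original answer. The helper names `sendJson` and `connectOrFail` and the `DB_DSN`, `DB_USER` and `DB_PASSWORD` environment variables are assumptions made for illustration:

```php
<?php
declare(strict_types=1);

// Production settings from the answer: never render errors into the response, log them.
ini_set('display_errors', '0');
ini_set('log_errors', '1');

/** Send a JSON body with the given HTTP status and stop the script. */
function sendJson(int $httpStatus, array $payload): void
{
    http_response_code($httpStatus);
    header('Content-Type: application/json; charset=utf-8');
    echo json_encode($payload);
    exit;
}

/** Open the connection; on failure log server-side and answer with generic JSON. */
function connectOrFail(string $dsn, string $user, string $password): PDO
{
    try {
        return new PDO($dsn, $user, $password, [
            PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
        ]);
    } catch (PDOException $e) {
        // Log only the driver message and code. The trace is left out on purpose:
        // as the question shows, it carries the constructor arguments,
        // i.e. the database login and password.
        error_log(sprintf('DB connection failed [%s]: %s', (string) $e->getCode(), $e->getMessage()));
        sendJson(503, ['status' => 'error', 'info' => 'Database is down']);
    }
}

// Hypothetical configuration source: environment variables, constructed for this example.
$pdo = connectOrFail(
    getenv('DB_DSN') ?: 'mysql:host=127.0.0.1;dbname=example',
    getenv('DB_USER') ?: 'example_user',
    getenv('DB_PASSWORD') ?: ''
);

// Normal path: the client always receives JSON with a status field it can branch on.
$row = $pdo->query('SELECT 1 AS ok')->fetch(PDO::FETCH_ASSOC);
sendJson(200, ['status' => 'ok', 'data' => $row]);
```

With this in place the AJAX caller sees either `status` = `ok` or `status` = `error`, and the connection details stay in the server's error log.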
