From 7b5b4e79fb8feccd8cdfb90be5ca8ddeb12c90e6 Mon Sep 17 00:00:00 2001
From: Urban Müller
Date: Mon, 6 Nov 2017 14:35:33 +0100
Subject: correctly hide passwords in var_export format

---
 it.class | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/it.class b/it.class
index f1ea26f..52b554d 100644
--- a/it.class
+++ b/it.class
@@ -260,7 +260,7 @@ static function error($p = array())
 				$body .= $_FILES      ? "\$_FILES:  " . var_export($_FILES, true) . "\n\n" : "";
 				$body .= "Processes:\n" . it::exec('ps auxf | egrep -v "rotatelogs|getbanner|logaction|httpd|systemd|sd-pam"|egrep "^www|^cron"') . "\n";
 				$body .= $stackframes ? "Stack: "     . print_r($stackframes, true) . "\n\n" : "";
-				$body  = it::replace(array('(pw|passw|password|secret)(\] => |=)[^&\s]*' => '$1$2********'), $body, array('utf8' => false));
+				$body  = it::replace(array('(pw|passw|password|secret)(\' => |\] => |=)[^&\s]*' => '$1$2********'), $body, array('utf8' => false));
 			}
 
 			it::mail(array('To' => $p['to'], 'Subject' => "Alert: " . substr($p['title'], 0, 160), 'Body' => $body, 'Cc' => $GLOBALS['it_defaultconfig']['error_cc'], 'forcemail' => !it::is_devel()));
-- 
cgit v1.2.3