phpinfo shows admin password !

[decafranky]

Hi,

I have upgraded Apache from 1.x to 2.0.58, and PHP 4.x to 5.1.4 on a test machine.

Works fine ... except running phpinfo(); shows the table "PHP VARIABLES" with critical information like:
PHP_AUTH_USER: admin
PHP_AUTH_PW: [admin password in text here !]

Why is PHP5 showing this critical information and how to disable this?

Franky

 

[nobaloney]

No one else has posted, so even though I don't have specific information, I thought I'd give you a place to look.

I believe there's a setting or settings in php.ini to control what phpinfo exposes to the world.

Jeff

 

[xemaps]

seems like you protected your dir with .htaccess or access with AUTH
then sure you can see the variables yourself entered on login
you can disable them, like jeff said.