I was trying to implement IP logging for bots that try to register for my Q2A site (I use WP integration, so any attempted registration is a sign of a bot, I think), and I noticed that when Q2A throws a fatal error, it also displays a stack trace, showing the file paths of my Q2A install; I wonder if that is really wise since it may give an intruder useful information about my setup. Is there a way to stop it from displaying a stack trace?
What I've done for now is have the Admin Plus plugin override qa_fatal_error():
function qa_fatal_error( $message ) {
$message .= ' ('.$_SERVER['REMOTE_ADDR'].')';
echo 'Question2Answer fatal error:<P><FONT COLOR="red">'.qa_html($message, true).'</FONT></P>';
echo '<P><FONT COLOR="red">Your IP address has been logged.</FONT></P>';
@error_log('PHP Question2Answer fatal error: '.$message);
}
which also logs the IP address to the PHP logs.
