Log only parameterized SQL statements without any values

[ssoroka]

I'm logging this as a bug because it's a security problem.

Description

This was mentioned in #4858, but that issue was closed.

When logging SQL, Gorm logs the full SQL which is generally considered a bad practice. eg

SELECT * FROM `users` WHERE email = "foo@example.com" ORDER BY `users`.`id` LIMIT 1

This causes problems by leaking sensitive fields into the logs, especially when doing inserts and updates. A parameterized version of the query that's always safe to log would be:

SELECT * FROM `users` WHERE email = ? ORDER BY `users`.`id` LIMIT 1

A custom logger here isn't enough, because it doesn't expose the parameterized sql, just the final result with values, and parsing the log line to filter it is both expensive and unrealistic

This would involve changing the Execute function in callbacks.go from

	if stmt.SQL.Len() > 0 {
		db.Logger.Trace(stmt.Context, curTime, func() (string, int64) {
			return db.Dialector.Explain(stmt.SQL.String(), stmt.Vars...), db.RowsAffected
		}, db.Error)
	}

to

	if stmt.SQL.Len() > 0 {
		db.Logger.Trace(stmt.Context, curTime, func() (string, int64) {
			return stmt.SQL.String(), db.RowsAffected
		}, db.Error)
	}

[github-actions]

The issue has been automatically marked as stale as it missing playground pull request link, which is important to help others understand your issue effectively and make sure the issue hasn't been fixed on latest master, checkout https://github.com/go-gorm/playground for details. it will be closed in 30 days if no further activity occurs. if you are asking question, please use the Question template, most likely your question already answered https://github.com/go-gorm/gorm/issues or described in the document https://gorm.io ✨ Search Before Asking ✨

[ssoroka]

not completed.

[dorsha]

I think this should remain open, this is a major security problem, since it exposed PII.. and there is no way to work with logs in production.