Display only exception messages during booting

By not letting PHP render the stack trace, we prevent displaying
sensitive information (such as the database credentials). Instead,
we display a simple line with the exception message.

In the console, the full exception can still be shown, as that is
a tool only for forum admins anyway.

Fixes #1421.

framework/core/src/Http/Server.php

@@ -31,7 +31,7 @@ class Server
 
     public function listen()
     {
-        $app = $this->site->bootApp();
+        $app = $this->safelyBootApp();
 
         $runner = new RequestHandlerRunner(
             $app->getRequestHandler(),
@@ -45,4 +45,18 @@ class Server
         );
         $runner->run();
     }
+
+    /**
+     * Try to boot Flarum, and prevent exceptions from exposing sensitive info.
+     *
+     * @return \Flarum\Foundation\AppInterface
+     */
+    private function safelyBootApp()
+    {
+        try {
+            return $this->site->bootApp();
+        } catch (Throwable $e) {
+            exit('Error booting Flarum: '.$e->getMessage());
+        }
+    }
 }