diags.php, suppress API keys in output

[scomx]

Hi Ken,
diags.php is a great check-up and debug tool but I'm not sure if showing API keys in the settings printout is a good idea? While hijacked API keys may not be a major issue (or an issue at all) I still believe these should be treated as sensitive/personal information.

Thanks for your awesome work on CU-HWS.

[ktrue]

I considered suppressing all API keys in addition to the ones that are currently suppressed, but decided against that as a helpful remote debugging aid when problems arise due to lack of data from DarkSky, WU/TWC or metar. Those keys connect to 'free' sources of data, and are easily changed if needed (if someone captures/misuses that key). The suppressed items of password to easyweathersetup.php and user/password to a mySQL database must be hidden to prevent miscreants from assuming control of the website. The diagnostic advantage for the API keys to remain shown outweigh (IMHO) the disadvantages of not having them shown for remote user assistance.

Thanks for you kind words about the CU-HWS .. it's still a work in progress :)