Trying to create an account for this website and it errored with a debug message that shows the mysql database name, username, and password. That seems bad.

@fuzzbomb That's what I call transparency!

Oh...it also exposes the usernames, passwords, and tokens for their SMTP relay, Shopify, and Sendspace accounts. Yikes. I emailed them, let's see if they respond.

@cR0w https://drumart.com

@fuzzbomb uh what? like a SQL injection?

@adisonverlice It looks like just a PHP error? Seems to use a framework called Symfony.

@cR0w Like the more you read the worse it gets.

@cR0w Yeah big yikes if it's a Shopify issue.

@cR0w I just happen to know someone who recently set up a local business and uses the point-and-click no knowledge needed Shopify tools and it doesn't look like this at all.
My guess is this site manually integrated Shopify into their own site with whatever code Shopify provides for that.