/
error_api.php
399 lines (339 loc) · 11.9 KB
/
error_api.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
<?php
# Mantis - a php based bugtracking system
# Mantis is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 2 of the License, or
# (at your option) any later version.
#
# Mantis is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Mantis. If not, see <http://www.gnu.org/licenses/>.
/**
* @package CoreAPI
* @subpackage ErrorAPI
* @copyright Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito@300baud.org
* @copyright Copyright (C) 2002 - 2009 Mantis Team - mantisbt-dev@lists.sourceforge.net
* @link http://www.mantisbt.org
*/
# Error API
# set up error_handler() as the new default error handling function
set_error_handler( 'error_handler' );
# ########################################
# SECURITY NOTE: these globals are initialized here to prevent them
# being spoofed if register_globals is turned on
#
$g_error_parameters = array();
$g_error_handled = false;
$g_error_proceed_url = null;
# Default error handler
#
# This handler will not receive E_ERROR, E_PARSE, E_CORE_*, or E_COMPILE_*
# errors.
#
# E_USER_* are triggered by us and will contain an error constant in $p_error
# The others, being system errors, will come with a string in $p_error
#
# @access private
# @param int p_type contains the level of the error raised, as an integer.
# @param string p_error contains the error message, as a string.
# @param string p_file contains the filename that the error was raised in, as a string.
# @param int p_line contains the line number the error was raised at, as an integer.
# @param array p_context to the active symbol table at the point the error occurred (optional)
# @uses lang_api.php
# @uses config_api.php
# @uses compress_api.php
# @uses database_api.php (optional)
# @uses html_api.php (optional)
function error_handler( $p_type, $p_error, $p_file, $p_line, $p_context ) {
global $g_error_parameters, $g_error_handled, $g_error_proceed_url;
global $g_lang_overrides;
global $g_error_send_page_header;
# check if errors were disabled with @ somewhere in this call chain
if( 0 == error_reporting() ) {
return;
}
$t_lang_pushed = false;
$t_db_connected = false;
if( function_exists( 'db_is_connected' ) ) {
if( db_is_connected() ) {
$t_db_connected = true;
}
}
$t_html_api = false;
if( function_exists( 'html_end' ) ) {
$t_html_api = true;
}
# flush any language overrides to return to user's natural default
if( $t_db_connected ) {
lang_push( lang_get_default() );
$t_lang_pushed = true;
}
$t_short_file = basename( $p_file );
$t_method_array = config_get_global( 'display_errors' );
if( isset( $t_method_array[$p_type] ) ) {
$t_method = $t_method_array[$p_type];
} else {
if( isset( $t_method_array[E_ALL] ) ) {
$t_method = $t_method_array[E_ALL];
} else {
$t_method = 'none';
}
}
# build an appropriate error string
switch( $p_type ) {
case E_WARNING:
$t_error_type = 'SYSTEM WARNING';
$t_error_description = $p_error;
break;
case E_NOTICE:
$t_error_type = 'SYSTEM NOTICE';
$t_error_description = $p_error;
break;
case E_USER_ERROR:
$t_error_type = "APPLICATION ERROR #$p_error";
$t_error_description = error_string( $p_error );
break;
case E_USER_WARNING:
$t_error_type = "APPLICATION WARNING #$p_error";
$t_error_description = error_string( $p_error );
break;
case E_USER_NOTICE:
# used for debugging
$t_error_type = 'DEBUG';
$t_error_description = $p_error;
break;
default:
# shouldn't happen, just display the error just in case
$t_error_type = '';
$t_error_description = $p_error;
}
$t_error_description = nl2br( $t_error_description );
switch( $t_method ) {
case 'halt':
$t_oblen = ob_get_length();
if( error_handled() && $t_oblen > 0 ) {
$t_old_contents = ob_get_contents();
}
# We need to ensure compression is off - otherwise the compression headers are output.
compress_disable();
# then clean the buffer, leaving output buffering on.
if( $t_oblen > 0 ) {
ob_clean();
}
# don't send the page header information if it has already been sent
if( $g_error_send_page_header || $g_error_send_page_header == null ) {
if( $t_html_api ) {
html_page_top1();
if( $p_error != ERROR_DB_QUERY_FAILED && $t_db_connected == true ) {
html_page_top2();
} else {
html_page_top2a();
}
} else {
echo '<html><head><title>', $t_error_type, '</title></head><body>';
}
}
echo '<br /><div align="center"><table class="width50" cellspacing="1">';
echo '<tr><td class="form-title">', $t_error_type, '</td></tr>';
echo '<tr><td><p class="center" style="color:red">', $t_error_description, '</p></td></tr>';
echo '<tr><td><p class="center">';
if( null === $g_error_proceed_url ) {
echo lang_get( 'error_no_proceed' );
} else {
echo '<a href="', $g_error_proceed_url, '">', lang_get( 'proceed' ), '</a>';
}
echo '</p></td></tr>';
if( ON == config_get_global( 'show_detailed_errors' ) ) {
echo '<tr><td>';
error_print_details( $p_file, $p_line, $p_context );
echo '</td></tr>';
echo '<tr><td>';
error_print_stack_trace();
echo '</td></tr>';
}
echo '</table></div>';
if( isset( $t_old_contents ) ) {
echo '<p>Previous non-fatal errors occurred. Page contents follow.</p>';
echo '<div style="border: solid 1px black;padding: 4px">';
echo $t_old_contents;
echo '</div>';
}
if( $t_html_api ) {
if( $p_error != ERROR_DB_QUERY_FAILED && $t_db_connected == true ) {
html_page_bottom1();
} else {
html_body_end();
html_end();
}
} else {
echo '</body></html>', "\n";
}
exit();
case 'inline':
echo '<p style="color:red">', $t_error_type, ': ', $t_error_description, '</p>';
$g_error_handled = true;
break;
default:
# do nothing - note we treat this as we've not handled an error, so any redirects go through.
}
if( $t_lang_pushed ) {
lang_pop();
}
$g_error_parameters = array();
$g_error_proceed_url = null;
}
# Print out the error details including context
function error_print_details( $p_file, $p_line, $p_context ) {
?>
<center>
<table class="width75">
<tr>
<td>Full path: <?php echo htmlentities( $p_file, ENT_COMPAT, lang_get( 'charset' ) );?></td>
</tr>
<tr>
<td>Line: <?php echo $p_line?></td>
</tr>
<tr>
<td>
<?php error_print_context( $p_context )?>
</td>
</tr>
</table>
</center>
<?php
}
# Print out the variable context given
function error_print_context( $p_context ) {
if( !is_array( $p_context ) ) {
return;
}
echo '<table class="width100"><tr><th>Variable</th><th>Value</th><th>Type</th></tr>';
# print normal variables
foreach( $p_context as $t_var => $t_val ) {
if( !is_array( $t_val ) && !is_object( $t_val ) ) {
$t_type = gettype( $t_val );
$t_val = htmlentities( (string) $t_val, ENT_COMPAT, lang_get( 'charset' ) );
# Mask Passwords
if( strpos( $t_var, 'password' ) !== false ) {
$t_val = '**********';
}
echo '<tr><td>', $t_var, '</td><td>', $t_val, '</td><td>', $t_type, '</td></tr>', "\n";
}
}
# print arrays
foreach( $p_context as $t_var => $t_val ) {
if( is_array( $t_val ) && ( $t_var != 'GLOBALS' ) ) {
echo '<tr><td colspan="3" align="left"><br /><strong>', $t_var, '</strong></td></tr>';
echo '<tr><td colspan="3">';
error_print_context( $t_val );
echo '</td></tr>';
}
}
echo '</table>';
}
# Print out a stack trace
function error_print_stack_trace() {
echo '<center><table class="width75">';
echo '<tr><th>Filename</th><th>Line</th><th></th><th></th><th>Function</th><th>Args</th></tr>';
$t_stack = debug_backtrace();
array_shift( $t_stack );
# remove the call to this function from the stack trace
array_shift( $t_stack );
# remove the call to the error handler from the stack trace
foreach( $t_stack as $t_frame ) {
echo '<tr ', error_alternate_class(), '>';
echo '<td>', ( isset( $t_frame['file'] ) ? htmlentities( $t_frame['file'], ENT_COMPAT, lang_get( 'charset' ) ) : '-' ), '</td><td>', ( isset( $t_frame['line'] ) ? $t_frame['line'] : '-' ), '</td><td>', ( isset( $t_frame['class'] ) ? $t_frame['class'] : '-' ), '</td><td>', ( isset( $t_frame['type'] ) ? $t_frame['type'] : '-' ), '</td><td>', ( isset( $t_frame['function'] ) ? $t_frame['function'] : '-' ), '</td>';
$t_args = array();
if( isset( $t_frame['args'] ) && !empty( $t_frame['args'] ) ) {
foreach( $t_frame['args'] as $t_value ) {
$t_args[] = error_build_parameter_string( $t_value );
}
echo '<td>( ', htmlentities( implode( $t_args, ', ' ), ENT_COMPAT, lang_get( 'charset' ) ), ' )</td></tr>';
} else {
echo '<td>-</td></tr>';
}
}
echo '</table></center>';
}
# Build a string describing the parameters to a function
function error_build_parameter_string( $p_param, $p_showtype = true, $p_depth = 0 ) {
if( $p_depth++ > 10 ) {
return '<b>***Nesting Level Too Deep***</b>';
}
if( is_array( $p_param ) ) {
$t_results = array();
foreach( $p_param as $t_key => $t_value ) {
$t_results[] = '[' . error_build_parameter_string( $t_key, false, $p_depth ) . ']' . ' => ' . error_build_parameter_string( $t_value, false, $p_depth );
}
return '<Array> { ' . implode( $t_results, ', ' ) . ' }';
}
elseif( is_object( $p_param ) ) {
$t_results = array();
$t_class_name = get_class( $p_param );
$t_inst_vars = get_object_vars( $p_param );
foreach( $t_inst_vars as $t_name => $t_value ) {
$t_results[] = "[$t_name]" . ' => ' . error_build_parameter_string( $t_value, false, $p_depth );
}
return '<Object><' . $t_class_name . '> ( ' . implode( $t_results, ', ' ) . ' )';
} else {
if( $p_showtype ) {
return '<' . gettype( $p_param ) . '>' . var_export( $p_param, true );
} else {
return var_export( $p_param, true );
}
}
}
# Return an error string (in the current language) for the given error.
# @access public
function error_string( $p_error ) {
global $g_error_parameters;
$MANTIS_ERROR = lang_get( 'MANTIS_ERROR' );
# We pad the parameter array to make sure that we don't get errors if
# the caller didn't give enough parameters for the error string
$t_padding = array_pad( array(), 10, '' );
$t_error = $MANTIS_ERROR[$p_error];
# ripped from string_api
$t_string = call_user_func_array( 'sprintf', array_merge( array( $t_error ), $g_error_parameters, $t_padding ) );
return preg_replace( "/&(#[0-9]+|[a-z]+);/i", "&$1;", @htmlspecialchars( $t_string, ENT_COMPAT, lang_get( 'charset' ) ) );
}
# Check if we have handled an error during this page
# Return true if an error has been handled, false otherwise
function error_handled() {
global $g_error_handled;
return( true == $g_error_handled );
}
# Set additional info parameters to be used when displaying the next error
# This function takes a variable number of parameters
#
# When writing internationalized error strings, note that you can change the
# order of parameters in the string. See the PHP manual page for the
# sprintf() function for more details.
# @access public
function error_parameters() {
global $g_error_parameters;
$g_error_parameters = func_get_args();
}
# Set a url to give to the user to proceed after viewing the error
# @access public
# @param string p_url url given to user after viewing the error
# @return null
function error_proceed_url( $p_url ) {
global $g_error_proceed_url;
$g_error_proceed_url = $p_url;
}
# Simple version of helper_alternate_class for use by error api only.
# @access private
# @return string representing css class
# @usedby error_print_stack_trace
function error_alternate_class() {
static $t_errindex = 1;
if( 1 == $t_errindex++ % 2 ) {
return 'class="row-1"';
} else {
return 'class="row-2"';
}
}