more error handling

2021-11-10 19:33:51 +00:00 · 2021-11-10 19:33:51 +00:00 · 58db685b29
commit 58db685b29
parent 4c4b26f098
7 changed files with 27 additions and 16 deletions
--- a/core/exceptions.php
+++ b/core/exceptions.php
@ -1,8 +1,6 @@
 <?php declare(strict_types=1);

 /**
- * Class SCoreException
- *
 * A base exception to be caught by the upper levels.
 */
 class SCoreException extends RuntimeException
@ -34,8 +32,6 @@ class InstallerException extends RuntimeException
 }

 /**
- * Class PermissionDeniedException
- *
 * A fairly common, generic exception.
 */
 class PermissionDeniedException extends SCoreException
@ -43,16 +39,19 @@ class PermissionDeniedException extends SCoreException
 }

 /**
- * Class ImageDoesNotExist
- *
 * This exception is used when an Image cannot be found by ID.
- *
- * Example: Image::by_id(-1) returns null
 */
 class ImageDoesNotExist extends SCoreException
 {
 }

+/**
+ * This exception is used when a User cannot be found by some criteria.
+ */
+class UserDoesNotExist extends SCoreException
+{
+}
+
 /*
 * For validate_input()
 */
--- a/core/imageboard/image.php
+++ b/core/imageboard/image.php
@ -119,7 +119,7 @@ class Image

        if (SPEED_HAX) {
            if (!$user->can(Permissions::BIG_SEARCH) and count($tags) > 3) {
-                throw new SCoreException("Anonymous users may only search for up to 3 tags at a time");
+                throw new PermissionDeniedException("Anonymous users may only search for up to 3 tags at a time");
            }
        }

--- a/core/user.php
+++ b/core/user.php
@ -97,7 +97,7 @@ class User
    {
        $u = User::by_name($name);
        if (is_null($u)) {
-            throw new ScoreException("Can't find any user named $name");
+            throw new UserDoesNotExist("Can't find any user named $name");
        } else {
            return $u->id;
        }
--- a/core/util.php
+++ b/core/util.php
@ -616,7 +616,7 @@ function _fatal_error(Exception $e): void
        print("Version: $version (on $phpver)\n");
    } else {
        $q = $query ? "" : "<p><b>Query:</b> " . html_escape($query);
-        error_log("Shimmie Error: $message // $query // {$e->getTraceAsString()}");
+        error_log("Shimmie Error: $message (Query: $query)\n{$e->getTraceAsString()}");
        header("HTTP/1.0 500 Internal Error");
        echo '
 <!doctype html>
--- a/ext/index/main.php
+++ b/ext/index/main.php
@ -91,8 +91,12 @@ class Index extends Extension
                if (!$images) {
                    $images = Image::find_images(($page_number-1)*$page_size, $page_size, $search_terms);
                }
+            } catch (PermissionDeniedException $pde) {
+                $this->theme->display_error(403, "Permission denied", $pde->error);
+                $total_pages = 0;
+                $images = [];
            } catch (SearchTermParseException $stpe) {
-                // FIXME: display the error somewhere
+                $this->theme->display_error(400, "Malformed search query", $stpe->error);
                $total_pages = 0;
                $images = [];
            }
--- a/ext/rss_images/main.php
+++ b/ext/rss_images/main.php
@ -27,8 +27,12 @@ class RSSImages extends Extension
            if (SPEED_HAX && $page_number > 9) {
                return;
            }
-            $images = Image::find_images(($page_number-1)*$page_size, $page_size, $search_terms);
-            $this->do_rss($images, $search_terms, $page_number);
+            try {
+                $images = Image::find_images(($page_number-1)*$page_size, $page_size, $search_terms);
+                $this->do_rss($images, $search_terms, $page_number);
+            } catch (PermissionDeniedException $pde) {
+                $this->theme->display_error(403, "Permission denied", $pde->error);
+            }
        }
    }

--- a/ext/user/main.php
+++ b/ext/user/main.php
@ -385,8 +385,12 @@ class UserPage extends Extension

        $matches = [];
        if (preg_match(self::USER_SEARCH_REGEX, $event->term, $matches)) {
-            $user_id = User::name_to_id($matches[2]);
-            $event->add_querylet(new Querylet("images.owner_id ${matches[1]}= $user_id"));
+            try {
+                $user_id = User::name_to_id($matches[2]);
+                $event->add_querylet(new Querylet("images.owner_id ${matches[1]}= $user_id"));
+            } catch (UserDoesNotExist $e) {
+                $event->add_querylet(new Querylet("1=0"));
+            }
        } elseif (preg_match(self::USER_ID_SEARCH_REGEX, $event->term, $matches)) {
            $user_id = int_escape($matches[2]);
            $event->add_querylet(new Querylet("images.owner_id ${matches[1]}= $user_id"));