html_escape all exception messages - pass query out-of-band if we want it formatted
This commit is contained in:
Shish
parent
6486bb95da
commit
c94f289291
4 changed files with 20 additions and 20 deletions
|
|
@ -17,7 +17,7 @@ class Database
|
|||
* @var null|PDO
|
||||
*/
|
||||
private $db = null;
|
||||
|
||||
|
||||
/**
|
||||
* @var float
|
||||
*/
|
||||
|
|
@ -103,29 +103,21 @@ class Database
|
|||
|
||||
public function commit(): bool
|
||||
{
|
||||
if (!is_null($this->db)) {
|
||||
if ($this->transaction === true) {
|
||||
$this->transaction = false;
|
||||
return $this->db->commit();
|
||||
} else {
|
||||
throw new SCoreException("<p><b>Database Transaction Error:</b> Unable to call commit() as there is no transaction currently open.");
|
||||
}
|
||||
if (!is_null($this->db) && $this->transaction === true) {
|
||||
$this->transaction = false;
|
||||
return $this->db->commit();
|
||||
} else {
|
||||
throw new SCoreException("<p><b>Database Transaction Error:</b> Unable to call commit() as there is no connection currently open.");
|
||||
throw new SCoreException("Unable to call commit() as there is no transaction currently open.");
|
||||
}
|
||||
}
|
||||
|
||||
public function rollback(): bool
|
||||
{
|
||||
if (!is_null($this->db)) {
|
||||
if ($this->transaction === true) {
|
||||
$this->transaction = false;
|
||||
return $this->db->rollback();
|
||||
} else {
|
||||
throw new SCoreException("<p><b>Database Transaction Error:</b> Unable to call rollback() as there is no transaction currently open.");
|
||||
}
|
||||
if (!is_null($this->db) && $this->transaction === true) {
|
||||
$this->transaction = false;
|
||||
return $this->db->rollback();
|
||||
} else {
|
||||
throw new SCoreException("<p><b>Database Transaction Error:</b> Unable to call rollback() as there is no connection currently open.");
|
||||
throw new SCoreException("Unable to call rollback() as there is no transaction currently open.");
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -213,7 +205,7 @@ class Database
|
|||
}
|
||||
return $stmt;
|
||||
} catch (PDOException $pdoe) {
|
||||
throw new SCoreException($pdoe->getMessage()."<p><b>Query:</b> ".$query);
|
||||
throw new SCoreException($pdoe->getMessage(), $query);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -7,6 +7,11 @@
|
|||
*/
|
||||
class SCoreException extends Exception
|
||||
{
|
||||
public function __construct(string $msg, ?string $query=null)
|
||||
{
|
||||
parent::__construct($msg);
|
||||
$this->query = $query;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -63,7 +63,7 @@ class UserClass
|
|||
$min_ability = $a;
|
||||
}
|
||||
}
|
||||
throw new SCoreException("Unknown ability '".html_escape($ability)."'. Did the developer mean '".html_escape($min_ability)."'?");
|
||||
throw new SCoreException("Unknown ability '$ability'. Did the developer mean '$min_ability'?");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -522,6 +522,8 @@ function _fatal_error(Exception $e): void
|
|||
//$hash = exec("git rev-parse HEAD");
|
||||
//$h_hash = $hash ? "<p><b>Hash:</b> $hash" : "";
|
||||
//'.$h_hash.'
|
||||
|
||||
$q = (!isset($e->query) || is_null($e->query)) ? "" : "<p><b>Query:</b> " . html_escape($e->query);
|
||||
|
||||
header("HTTP/1.0 500 Internal Error");
|
||||
echo '
|
||||
|
|
@ -531,7 +533,8 @@ function _fatal_error(Exception $e): void
|
|||
</head>
|
||||
<body>
|
||||
<h1>Internal Error</h1>
|
||||
<p><b>Message:</b> '.$message.'
|
||||
<p><b>Message:</b> '.html_escape($message).'
|
||||
'.$q.'
|
||||
<p><b>Version:</b> '.$version.' (on '.phpversion().')
|
||||
</body>
|
||||
</html>
|
||||
|
|
|
|||
Reference in a new issue