Skip to content
This repository has been archived by the owner on Feb 4, 2021. It is now read-only.

If display_errors is FALSE exception messages are still printed to the screen #168

Merged
merged 9 commits into from
Aug 31, 2015
45 changes: 27 additions & 18 deletions lib/libraries/cms/error/page.php
Original file line number Diff line number Diff line change
@@ -34,10 +34,21 @@ public static function render(Exception $error)
$app = JFactory::getApplication();
$document = JDocument::getInstance('error');

if (!$document)
$code = $error->getCode();
if(!isset(JHttpResponse::$status_messages[$code])) {
$code = '500';
}

if(ini_get('display_errors')) {
$message = $error->getMessage();
} else {
$message = JHttpResponse::$status_messages[$code];
}

// Exit immediatly if we are in a CLI environment
if (PHP_SAPI == 'cli')
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

before the condition was !$document, I'd keep it in addition to PHP_SAPI check. Otherwise this might break in json, xml etc where JDocument returns null.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@ercanozkaya Agreed.

{
// We're probably in an CLI environment
exit($error->getMessage());
exit($message);
$app->close(0);
}

@@ -46,15 +57,13 @@ public static function render(Exception $error)
// Get the current template from the application
$template = $app->getTemplate();

// Push the error object into the document
$document->setError($error);

if (ob_get_contents())
{
if (ob_get_contents()) {
ob_end_clean();
}

$document->setTitle(JText::_('Error') . ': ' . $error->getCode());
$document->setTitle(JText::_('Error') . ': ' . $code);
$data = $document->render(
false,
array('template' => $template,
@@ -63,22 +72,22 @@ public static function render(Exception $error)
);

// Failsafe to get the error displayed.
if (empty($data))
{
exit($error->getMessage());
}
else
if (!empty($data))
{
// Do not allow cache
$app->allowCache(false);
// Do not allow cache
$app->allowCache(false);

$app->setBody($data);
echo $app->toString();
$app->setBody($data);
echo $app->toString();
}
else
{
exit($message);
}
}
catch (Exception $e)
{
exit('Error displaying the error page: ' . $e->getMessage() . ': ' . $error->getMessage());
{
exit('Error displaying the error page: ' . $e->getMessage() . ': ' . $message);
}
}
}
65 changes: 38 additions & 27 deletions lib/libraries/joomla/document/error/error.php
Original file line number Diff line number Diff line change
@@ -79,35 +79,46 @@ public function setError($error)
public function render($cache = false, $params = array())
{
// If no error object is set return null
if (!isset($this->_error))
if (isset($this->_error))
{
return;
$code = $$this->_error->getCode();
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

typo. double $

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@ercanozkaya Fixed.

if(!isset(JHttpResponse::$status_messages[$code])) {
$code = '500';
}

if(ini_get('display_errors')) {
$message = $this->_error->getMessage();
} else {
$message = JHttpResponse::$status_messages[$code];
}

// Set the status header
JFactory::getApplication()->setHeader('status', $code . ' ' . str_replace("\n", ' ', $message));
$file = 'error.php';

// Check template
$directory = isset($params['directory']) ? $params['directory'] : 'templates';
$template = isset($params['template']) ? JFilterInput::getInstance()->clean($params['template'], 'cmd') : 'system';

if (!file_exists($directory . '/' . $template . '/' . $file))
{
$template = 'system';
}

// Set variables
$this->baseurl = JUri::base(true);
$this->template = $template;
$this->error = $this->_error;
$this->debug = isset($params['debug']) ? $params['debug'] : false;
$this->code = isset($params['code']) ? $params['code'] : $code;
$this->message = isset($params['message']) ? $params['message'] : $message;

// Load
$data = $this->_loadTemplate($directory . '/' . $template, $file);

parent::render();
return $data;
}

// Set the status header
JFactory::getApplication()->setHeader('status', $this->_error->getCode() . ' ' . str_replace("\n", ' ', $this->_error->getMessage()));
$file = 'error.php';

// Check template
$directory = isset($params['directory']) ? $params['directory'] : 'templates';
$template = isset($params['template']) ? JFilterInput::getInstance()->clean($params['template'], 'cmd') : 'system';

if (!file_exists($directory . '/' . $template . '/' . $file))
{
$template = 'system';
}

// Set variables
$this->baseurl = JUri::base(true);
$this->template = $template;
$this->debug = isset($params['debug']) ? $params['debug'] : false;
$this->error = $this->_error;

// Load
$data = $this->_loadTemplate($directory . '/' . $template, $file);

parent::render();
return $data;
}

/**
99 changes: 99 additions & 0 deletions lib/libraries/joomla/http/response.php
Original file line number Diff line number Diff line change
@@ -35,4 +35,103 @@ class JHttpResponse
* @since 11.3
*/
public $body;

// [Successful 2xx]
const OK = 200;
const CREATED = 201;
const ACCEPTED = 202;
const NO_CONTENT = 204;
const RESET_CONTENT = 205;
const PARTIAL_CONTENT = 206;

// [Redirection 3xx]
const MOVED_PERMANENTLY = 301;
const FOUND = 302;
const SEE_OTHER = 303;
const NOT_MODIFIED = 304;
const USE_PROXY = 305;
const TEMPORARY_REDIRECT = 307;

// [Client Error 4xx]
const BAD_REQUEST = 400;
const UNAUTHORIZED = 401;
const FORBIDDEN = 403;
const NOT_FOUND = 404;
const METHOD_NOT_ALLOWED = 405;
const NOT_ACCEPTABLE = 406;
const REQUEST_TIMEOUT = 408;
const CONFLICT = 409;
const GONE = 410;
const LENGTH_REQUIRED = 411;
const PRECONDITION_FAILED = 412;
const REQUEST_ENTITY_TOO_LARGE = 413;
const REQUEST_URI_TOO_LONG = 414;
const UNSUPPORTED_MEDIA_TYPE = 415;
const REQUESTED_RANGE_NOT_SATISFIED = 416;
const EXPECTATION_FAILED = 417;

// [Server Error 5xx]
const INTERNAL_SERVER_ERROR = 500;
const NOT_IMPLEMENTED = 501;
const BAD_GATEWAY = 502;
const SERVICE_UNAVAILABLE = 503;
const GATEWAY_TIMEOUT = 504;
const VERSION_NOT_SUPPORTED = 505;

/**
* Status codes translation table.
*
* The list of codes is complete according to the
* {@link http://www.iana.org/assignments/http-status-codes/ Hypertext Transfer Protocol (HTTP) Status Code Registry}
* (last updated 2012-02-13).
*
* Unless otherwise noted, the status code is defined in RFC2616.
*
* @var array
*/
public static $status_messages = array(

// [Successful 2xx]
200 => 'OK',
201 => 'Created',
202 => 'Accepted',
204 => 'No Content',
205 => 'Reset Content',
206 => 'Partial Content',

// [Redirection 3xx]
300 => 'Multiple Choices',
301 => 'Moved Permanently',
302 => 'Found',
303 => 'See Other',
304 => 'Not Modified',
305 => 'Use Proxy',
307 => 'Temporary Redirect',

// [Client Error 4xx]
400 => 'Bad Request',
401 => 'Unauthorized',
403 => 'Forbidden',
404 => 'Not Found',
405 => 'Method Not Allowed',
406 => 'Not Acceptable',
408 => 'Request Timeout',
409 => 'Conflict',
410 => 'Gone',
411 => 'Length Required',
412 => 'Precondition Failed',
413 => 'Request Entity Too Large',
414 => 'Request-URI Too Long',
415 => 'Unsupported Media Type',
416 => 'Requested Range Not Satisfiable',
417 => 'Expectation Failed',

// [Server Error 5xx]
500 => 'Internal Server Error',
501 => 'Not Implemented',
502 => 'Bad Gateway',
503 => 'Object Unavailable',
504 => 'Gateway Timeout',
505 => 'HTTP Version Not Supported'
);
}
4 changes: 2 additions & 2 deletions web/administrator/templates/isis/error.php
Original file line number Diff line number Diff line change
@@ -63,7 +63,7 @@
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
<title><?php echo $this->title; ?> <?php echo htmlspecialchars($this->error->getMessage(), ENT_QUOTES, 'UTF-8'); ?></title>
<title><?php echo $this->title; ?> <?php echo htmlspecialchars($this->message, ENT_QUOTES, 'UTF-8'); ?></title>
<?php if ($app->get('debug_lang', '0') == '1' || $app->get('debug', '0') == '1') : ?>
<!-- Load additional CSS styles for debug mode-->
<link rel="stylesheet" href="<?php echo JUri::root(); ?>/media/system/css/debug.css" type="text/css" />
@@ -221,7 +221,7 @@
<!-- Begin Content -->
<h1 class="page-header"><?php echo JText::_('JERROR_AN_ERROR_HAS_OCCURRED'); ?></h1>
<blockquote>
<span class="label label-inverse"><?php echo $this->error->getCode(); ?></span> <?php echo htmlspecialchars($this->error->getMessage(), ENT_QUOTES, 'UTF-8');?>
<span class="label label-inverse"><?php echo $this->code; ?></span> <?php echo htmlspecialchars($this->message, ENT_QUOTES, 'UTF-8');?>
</blockquote>
<p><a href="<?php echo $this->baseurl; ?>" class="btn"><i class="icon-dashboard"></i> <?php echo JText::_('JGLOBAL_TPL_CPANEL_LINK_TEXT'); ?></a></p>
<!-- End Content -->
10 changes: 5 additions & 5 deletions web/administrator/templates/system/error.php
Original file line number Diff line number Diff line change
@@ -13,24 +13,24 @@
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="<?php echo $this->language; ?>" lang="<?php echo $this->language; ?>" dir="<?php echo $this->direction; ?>" >
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title><?php echo $this->error->getCode(); ?> - <?php echo htmlspecialchars($this->error->getMessage(), ENT_QUOTES, 'UTF-8'); ?></title>
<title><?php echo $this->error->getCode(); ?> - <?php echo htmlspecialchars($this->message, ENT_QUOTES, 'UTF-8'); ?></title>
<link rel="stylesheet" href="templates/system/css/error.css" type="text/css" />
</head>
<body>
<table width="550" align="center" class="outline">
<tr>
<tr>
<td align="center">
<h1>
<?php echo $this->error->getCode() ?> - <?php echo JText::_('JERROR_AN_ERROR_HAS_OCCURRED') ?>
<?php echo $this->code ?> - <?php echo JText::_('JERROR_AN_ERROR_HAS_OCCURRED') ?>
</h1>
</td>
</tr>
<tr>
<td width="39%" align="center">
<p><?php echo htmlspecialchars($this->error->getMessage(), ENT_QUOTES, 'UTF-8'); ?></p>
<p><?php echo htmlspecialchars($this->message, ENT_QUOTES, 'UTF-8'); ?></p>
<p><a href="index.php"><?php echo JText::_('JGLOBAL_TPL_CPANEL_LINK_TEXT') ?></a></p>
<p>
<?php if ($this->debug) :
<?php if ($this->debug && ini_get('display_errors')) :
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd keep it to $this->debug as before since you might want all the information you can get when debug is on. This is also what we do on Koowa no?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@ercanozkaya No. We only show render the trace if display_errors is on explicitly. Otherwise we don't. This change make the behavior of platform and framework consistent. I would keep it.

See https://github.com/nooku/nooku-framework/blob/master/code/libraries/koowa/components/com_koowa/controller/error.php#L96

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@johanjanssens Okay agreed

echo $this->renderBacktrace();
endif; ?>
</p>