|
1
|
<?php
|
|
2
|
/**
|
|
3
|
* @category WebsiteBaker
|
|
4
|
* @package WebsiteBaker_core
|
|
5
|
* @author Werner v.d.Decken
|
|
6
|
* @copyright WebsiteBaker.org e.V.
|
|
7
|
* @link http://websitebaker2.org
|
|
8
|
* @license http://www.gnu.org/licenses/gpl.html
|
|
9
|
* @version $Id: class.order.php 1487 2011-08-10 13:20:15Z DarkViper $
|
|
10
|
* @filesource $HeadURL: http://svn.websitebaker2.org/branches/2.8.x/wb/framework/class.order.php $
|
|
11
|
*
|
|
12
|
* Global exception-handler
|
|
13
|
* This module will activate a global exception handler to catch all thrown exceptions
|
|
14
|
*
|
|
15
|
*/
|
|
16
|
/**
|
|
17
|
* define several default exceptions directly to prevent from extra loading requests
|
|
18
|
*/
|
|
19
|
/**
|
|
20
|
*
|
|
21
|
*/
|
|
22
|
class AppException extends Exception{
|
|
23
|
public function __toString() {
|
|
24
|
$file = str_replace(dirname(dirname(__FILE__)), '', $this->getFile());
|
|
25
|
if(DEBUG) {
|
|
26
|
$trace = $this->getTrace();
|
|
27
|
$result = 'Exception: "'.$this->getMessage().'" @ ';
|
|
28
|
if($trace[0]['class'] != '') {
|
|
29
|
$result .= $trace[0]['class'].'->';
|
|
30
|
}
|
|
31
|
$result .= $trace[0]['function'].'(); in'.$file.'<br />'."\n";
|
|
32
|
if(mysql_errno()) {
|
|
33
|
$result .= mysql_errno().': '.mysql_error().'<br />'."\n";
|
|
34
|
}
|
|
35
|
}else {
|
|
36
|
$result = 'Exception: "'.$this->getMessage().'" in ['.$file.']<br />'."\n";
|
|
37
|
}
|
|
38
|
return $result;
|
|
39
|
}
|
|
40
|
}
|
|
41
|
/**
|
|
42
|
* define Exception to show error after accessing a forbidden file
|
|
43
|
*/
|
|
44
|
class IllegalFileException extends LogicException {
|
|
45
|
public function __toString() {
|
|
46
|
$file = str_replace(dirname(dirname(__FILE__)), '', $this->getFile());
|
|
47
|
$out = '<div style="color: #ff0000; text-align: center;"><br />';
|
|
48
|
$out .= '<br /><br /><h1>Illegale file access</h1>';
|
|
49
|
$out .= '<h2>'.$file.'</h2></div>';
|
|
50
|
return $out;
|
|
51
|
}
|
|
52
|
} // end of class
|
|
53
|
|
|
54
|
/* -- several security exceptions ----------------------------------------------------- */
|
|
55
|
class SecurityException extends RuntimeException { }
|
|
56
|
|
|
57
|
class SecDirectoryTraversalException extends SecurityException {
|
|
58
|
public function __toString() {
|
|
59
|
return 'possible directory traversal attack';
|
|
60
|
}
|
|
61
|
}
|
|
62
|
/* ------------------------------------------------------------------------------------ */
|
|
63
|
/**
|
|
64
|
*
|
|
65
|
* @param Exception $e
|
|
66
|
*/
|
|
67
|
function globalExceptionHandler($e) {
|
|
68
|
// hide server internals from filename where the exception was thrown
|
|
69
|
$file = str_replace(dirname(dirname(__FILE__)), '', $e->getFile());
|
|
70
|
// select some exceptions for special handling
|
|
71
|
if ($e instanceof SecurityException) {
|
|
72
|
$out = 'Exception: "'.(string)$e.'" @ ';
|
|
73
|
$trace = $e->getTrace();
|
|
74
|
if($trace[0]['class'] != '') {
|
|
75
|
$out .= $trace[0]['class'].'->';
|
|
76
|
}
|
|
77
|
$out .= $trace[0]['function'].'();<br />';
|
|
78
|
$out .= 'in "'.$file.'"'."\n";
|
|
79
|
echo $out;
|
|
80
|
}elseif ($e instanceof IllegalFileException) {
|
|
81
|
$sResponse = $_SERVER['SERVER_PROTOCOL'].' 403 Forbidden';
|
|
82
|
header($sResponse);
|
|
83
|
echo $e;
|
|
84
|
}elseif($e instanceof RuntimeException) {
|
|
85
|
$out = 'There was a serious runtime error:'."\n";
|
|
86
|
$out .= $e->getMessage()."\n";
|
|
87
|
$out .= 'in line ('.$e->getLine().') of ('.$file.')'."\n";
|
|
88
|
echo $out;
|
|
89
|
}else {
|
|
90
|
// default exception handling
|
|
91
|
$out = 'There was an unknown exception:'."\n";
|
|
92
|
$out .= $e->getMessage()."\n";
|
|
93
|
$out .= 'in line ('.$e->getLine().') of ('.$file.')'."\n";
|
|
94
|
echo $out;
|
|
95
|
}
|
|
96
|
}
|
|
97
|
/**
|
|
98
|
* now activate the new defined handler
|
|
99
|
*/
|
|
100
|
set_exception_handler('globalExceptionHandler');
|