Improved exception handling:
- exceptions are now always logged to the error_log
- in the webgui it's now configurable whether the message contains a stacktrace (incl. function arguments) - default no (security)
- command line interfaces get detected and their output contains no html anymore
- webdav and groupdav send the exceptions as basic auth realms to the client
- webdav and groupdav login failures contain the reason as part of the basic auth realm
parent
80324c6c63
commit
fa73ad5339
@ -43,14 +43,12 @@ $GLOBALS['egw_info'] = array(
|
||||
'currentapp' => 'admin',
|
||||
'noheader' => true,
|
||||
'autocreate_session_callback' => 'user_pass_from_argv',
|
||||
'no_exception_handler' => 'cli',
|
||||
)
|
||||
);
|
||||
|
||||
include('../header.inc.php');
|
||||
|
||||
// set our own exception handler, to not get the html from eGW's default one
|
||||
set_exception_handler('admin_cli_exception_handler');
|
||||
|
||||
switch($action)
|
||||
{
|
||||
case '--edit-user':
|
||||
@ -359,18 +357,6 @@ function do_change_account_id($args)
|
||||
run_command(new admin_cmd_change_account_id($ids2change));
|
||||
}
|
||||
|
||||
/**
|
||||
* Exit the script with a numeric exit code and an error-message, does NOT return
|
||||
*
|
||||
* @param int $exit_code
|
||||
* @param string $message
|
||||
*/
|
||||
function admin_cli_exception_handler(Exception $e)
|
||||
{
|
||||
echo $e->getMessage()."\n";
|
||||
exit($e->getCode());
|
||||
}
|
||||
|
||||
/**
|
||||
* List all exit codes used by the command line interface
|
||||
*
|
||||
|
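Review bot: Replacing `admin_cli_exception_handler` with `'no_exception_handler' => 'cli'` changes what this script prints on failure: the removed handler echoed only `$e->getMessage()`, while the shared CLI branch added to `egw_exception_handler` in this commit also echoes `$e->getTraceAsString()` and is not gated by `exception_show_trace`. Since admin-cli takes its credentials from the command line (`user_pass_from_argv`), argument values in a trace could end up in cron mail or captured job output; consider limiting CLI output to the message and leaving the trace to the error_log. The exit status also changes for exceptions whose code is 0, which the old handler passed through as `exit(0)`, so wrappers that inspect the status should be re-checked.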
@ -232,6 +232,7 @@ error: %1 not found or other error !!! admin de Fehler: %1 nicht gefunden oder a
|
||||
expires admin de abgelaufen
|
||||
explanation of ldapman admin de Dieses Modul ist derzeit nur für folgende Konfiguration getestet: Postfix, LDAP, Courier-Imap, Procmail und erfordert die Schemas: core und qmail(OID 7914). Weitere Konfigurationshinweise sind im README.ldapman im DOC Verzeichnis des Moduls ADMIN zu finden.
|
||||
fallback (after each pageview) admin de Ausweichmöglichkeit (nach jedem Seitenaufbau)
|
||||
false admin de Falsch
|
||||
field '%1' already exists !!! admin de Feld '%1' existiert bereits !!!
|
||||
file space admin de Dateiraum
|
||||
file space must be an integer admin de Speicherplatz muss eine Zahl sein
|
||||
@ -398,6 +399,7 @@ server type(mode) admin de Server-Typ (Modus)
|
||||
server url admin de Server-URL
|
||||
server username admin de Server-Benutzername
|
||||
set preference values. admin de Einstellungswert wurde geändert
|
||||
should exceptions contain a trace (including function arguments) admin de Sollen Ausnahmefehler eine Rückverfolgung enthalten (einschl. Funktionsargumente)
|
||||
should the login page include a language selectbox (useful for demo-sites) ? admin de Soll die Anmeldeseite eine Sprachauswahl beinhalten (nützlich für Demosites) ?
|
||||
show 'powered by' logo on admin de Zeige "powered by" Logo
|
||||
show access log admin de Zugangsprotokoll anzeigen
|
||||
@ -450,6 +452,7 @@ times admin de Zeiten
|
||||
top admin de oben
|
||||
total of %1 id's changed. admin de Die Gesamtanzahl von %1 Ids wurde geändert.
|
||||
total records admin de Anzahl Datensätze insgesamt
|
||||
true admin de Wahr
|
||||
trust level admin de Grad des Vertrauens
|
||||
trust relationship admin de Vertrauensverhältnis
|
||||
type '%1' already exists !!! admin de Typ '%1' existiert bereits !!!
|
||||
|
@ -397,6 +397,7 @@ server type(mode) admin en Server Type(mode)
|
||||
server url admin en Server URL
|
||||
server username admin en Server Username
|
||||
set preference values. admin en Set preference values.
|
||||
should exceptions contain a trace (including function arguments) admin en Should exceptions contain a trace (including function arguments)
|
||||
should the login page include a language selectbox (useful for demo-sites) ? admin en Should the login page include a language selectbox (useful for demo-sites) ?
|
||||
show 'powered by' logo on admin en Show 'powered by' logo on
|
||||
show access log admin en Show access log
|
||||
|
@ -273,6 +273,16 @@
|
||||
<td>{lang_Allow_remote_administration_from_following_install_ID's_(comma_separated)}:<br />{lang_Own_install_ID:_}{value_install_id}</td>
|
||||
<td><input name="newsettings[allow_remote_admin]" value="{value_allow_remote_admin}" size="40"></td>
|
||||
</tr>
|
||||
<tr class="row_on">
|
||||
<td>{lang_Should_exceptions_contain_a_trace_(including_function_arguments)}:</td>
|
||||
<td>
|
||||
<select name="newsettings[exception_show_trace]">
|
||||
<option value="">{lang_No} - {lang_more_secure}</option>
|
||||
<option value="True"{selected_exception_show_trace_True}>{lang_Yes}</option>
|
||||
</select>
|
||||
</td>
|
||||
</tr>
|
||||
</tr>
|
||||
|
||||
<!-- END body -->
|
||||
|
||||
|
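Review bot: The new `exception_show_trace` row appears to be followed by two consecutive `</tr>` lines; if the second one is on the added side it has no matching `<tr>` and should be dropped. The default option posts an empty value, so the no-trace setting is what an untouched configuration gets. A short hint next to `{lang_Yes}` that the trace is then shown to whoever triggers the exception would make the trade-off clearer to the administrator.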
12
groupdav.php
12
groupdav.php
@ -13,6 +13,8 @@
|
||||
* @version $Id$
|
||||
*/
|
||||
|
||||
$starttime = microtime(true);
|
||||
|
||||
/**
|
||||
* check if the given user has access
|
||||
*
|
||||
@ -41,9 +43,11 @@ function check_access(&$account)
|
||||
}
|
||||
//error_log("GroupDAV PHP_AUTH_USER={$_SERVER['PHP_AUTH_USER']}, HTTP_USER_AGENT={$_SERVER['HTTP_USER_AGENT']} --> no_session=".(int)$no_session);
|
||||
|
||||
if (!($sessionid = $GLOBALS['egw']->session->create($account,'','',$no_session)))
|
||||
if (!isset($_SERVER['PHP_AUTH_USER']) || !($sessionid = $GLOBALS['egw']->session->create($account,'','',$no_session)))
|
||||
{
|
||||
header('WWW-Authenticate: Basic realm="'.groupdav::REALM.'"');
|
||||
header('WWW-Authenticate: Basic realm="'.groupdav::REALM.
|
||||
// if the session class gives a reason why the login failed --> append it to the REALM
|
||||
($GLOBALS['egw']->session->reason ? ': '.$GLOBALS['egw']->session->reason : '').'"');
|
||||
header('HTTP/1.1 401 Unauthorized');
|
||||
header('X-WebDAV-Status: 401 Unauthorized', true);
|
||||
exit;
|
||||
@ -55,9 +59,13 @@ $GLOBALS['egw_info']['flags'] = array(
|
||||
'noheader' => True,
|
||||
'currentapp' => 'groupdav',
|
||||
'autocreate_session_callback' => 'check_access',
|
||||
'no_exception_handler' => 'basic_auth', // we use a basic auth exception handler (sends exception message as basic auth realm)
|
||||
);
|
||||
// if you move this file somewhere else, you need to adapt the path to the header!
|
||||
include(dirname(__FILE__).'/header.inc.php');
|
||||
|
||||
$headertime = microtime(true);
|
||||
|
||||
$groupdav = new groupdav();
|
||||
$groupdav->ServeRequest();
|
||||
//error_log(sprintf("GroupDAV %s request took %5.3f s (header include took %5.3f s)",$_SERVER['REQUEST_METHOD'],microtime(true)-$starttime,$headertime-$starttime));
|
||||
|
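Review bot: `$GLOBALS['egw']->session->reason` is concatenated into the `WWW-Authenticate` realm in `check_access()` without any escaping; a `"` in the reason breaks the quoted-string, and PHP's `header()` rejects values containing a line break, in which case the 401 would go out without a challenge. Normalise the text before building the header, e.g. `$reason = str_replace(array('"', "\r", "\n"), array("'", ' ', ' '), $reason);`. The realm is sent before authentication, so depending on what the session class stores in `reason` (not visible here) it can tell an anonymous client why a login failed; a generic realm with the detail kept in the server log avoids that. The same applies to the identical change in webdav.php and to the `basic_auth` branch of `egw_exception_handler`, which puts `$e->getMessage()` into the realm. `check_access()` starts outside the hunk.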
@ -1404,10 +1404,29 @@ function egw_exception_handler(Exception $e)
|
||||
{
|
||||
$headline = try_lang('An error happend');
|
||||
}
|
||||
$message = '<h3>'.$headline."</h3>\n".
|
||||
'<pre><b>'.$e->getMessage()."</b>\n\n".
|
||||
$e->getTraceAsString()."</pre>\n";
|
||||
// logging all exceptions to the error_log
|
||||
error_log($headline.': '.$e->getMessage());
|
||||
foreach(explode("\n",$e->getTraceAsString()) as $line) error_log($line);
|
||||
|
||||
// exception handler for cli (command line interface) clients, no html
|
||||
if(!isset($_SERVER['HTTP_HOST']) || $GLOBALS['egw_info']['flags']['no_exception_handler'] == 'cli')
|
||||
{
|
||||
echo $headline.': '.$e->getMessage()."\n";
|
||||
echo $e->getTraceAsString()."\n";
|
||||
exit($e->getCode() ? $e->getCode() : 9999); // allways give a non-zero exit code
|
||||
}
|
||||
// regular GUI exception
|
||||
elseif (!isset($GLOBALS['egw_info']['flags']['no_exception_handler']))
|
||||
{
|
||||
$message = '<h3>'.$headline."</h3>\n".
|
||||
'<pre><b>'.$e->getMessage()."</b>\n\n";
|
||||
|
||||
// only show trace (incl. function arguments) if explicitly enabled, eg. on a development system
|
||||
if ($GLOBALS['egw_info']['server']['exception_show_trace'])
|
||||
{
|
||||
$message .= $e->getTraceAsString();
|
||||
}
|
||||
$message .= "</pre>\n";
|
||||
if (is_object($GLOBALS['egw']) && isset($GLOBALS['egw']->session) && method_exists($GLOBALS['egw'],'link'))
|
||||
{
|
||||
$message .= '<p><a href="'.$GLOBALS['egw']->link('/index.php').'">'.try_lang('Click here to resume your eGroupWare Session.').'</a></p>';
|
||||
@ -1420,6 +1439,14 @@ function egw_exception_handler(Exception $e)
|
||||
{
|
||||
echo "<html>\n<head>\n<title>$headline</title>\n</head>\n<body>\n$message\n</body>\n</html>\n";
|
||||
}
|
||||
}
|
||||
// exception handler sending message back to the client as basic auth message
|
||||
elseif($GLOBALS['egw_info']['flags']['no_exception_handler'] == 'basic_auth')
|
||||
{
|
||||
header('WWW-Authenticate: Basic realm="'.$headline.' '.$e->getMessage().'"');
|
||||
header('HTTP/1.1 401 Unauthorized');
|
||||
header('X-WebDAV-Status: 401 Unauthorized', true);
|
||||
}
|
||||
if (is_object($GLOBALS['egw']) && isset($GLOBALS['egw']->common))
|
||||
{
|
||||
$GLOBALS['egw']->common->egw_exit();
|
||||
@ -1427,7 +1454,7 @@ function egw_exception_handler(Exception $e)
|
||||
exit;
|
||||
}
|
||||
|
||||
if (!isset($GLOBALS['egw_info']['flags']['no_exception_handler']) || !$GLOBALS['egw_info']['flags']['no_exception_handler'])
|
||||
if (!isset($GLOBALS['egw_info']['flags']['no_exception_handler']) || $GLOBALS['egw_info']['flags']['no_exception_handler'] !== true)
|
||||
{
|
||||
set_exception_handler('egw_exception_handler');
|
||||
}
|
||||
|
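Review bot: The CLI branch is selected by `!isset($_SERVER['HTTP_HOST'])`, which describes the request rather than the SAPI, and it echoes `$e->getTraceAsString()` unconditionally, so a web request that arrives without a Host header would receive the trace even when `exception_show_trace` is off. Testing the SAPI keeps the branch to real command-line runs: `if (PHP_SAPI === 'cli' || $GLOBALS['egw_info']['flags']['no_exception_handler'] == 'cli')`. In the GUI branch `$e->getMessage()` and the optional trace are still written into the page without `htmlspecialchars()`, which matters whenever a message echoes request data. The body of `egw_exception_handler` starts and ends outside these hunks.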
@ -41,27 +41,11 @@ $GLOBALS['egw_info'] = array(
|
||||
'flags' => array(
|
||||
'currentapp' => 'home',
|
||||
'noapi' => true,
|
||||
'no_exception_handler' => 'cli',
|
||||
));
|
||||
include('inc/functions.inc.php');
|
||||
$GLOBALS['egw_setup']->translation->no_translation_marker = '';
|
||||
$GLOBALS['egw_setup']->system_charset = $charset;
|
||||
|
||||
/**
|
||||
* Echo the exception message and exit the script with a numeric code, does NOT return
|
||||
*
|
||||
* @param Exception $e
|
||||
*/
|
||||
function cli_exception_handler(Exception $e)
|
||||
{
|
||||
echo $e->getMessage()."\n";
|
||||
// if ($e instanceof egw_exception_assertion_failed && !($e instanceof egw_exception_wrong_userinput))
|
||||
{
|
||||
echo $e->getTraceAsString()."\n";
|
||||
}
|
||||
exit($e->getCode() ? $e->getCode() : 9999); // always give a non-zero exist status
|
||||
}
|
||||
set_exception_handler('cli_exception_handler');
|
||||
|
||||
if ((float) PHP_VERSION < $GLOBALS['egw_setup']->required_php_version)
|
||||
{
|
||||
fail(98,lang('You are using PHP version %1. eGroupWare now requires %2 or later, recommended is PHP %3.',PHP_VERSION,$GLOBALS['egw_setup']->required_php_version,$GLOBALS['egw_setup']->recommended_php_version));
|
||||
|
12
webdav.php
12
webdav.php
@ -13,6 +13,8 @@
|
||||
* @version $Id$
|
||||
*/
|
||||
|
||||
$starttime = microtime(true);
|
||||
|
||||
/**
|
||||
* check if the given user has access
|
||||
*
|
||||
@ -28,9 +30,11 @@ function check_access(&$account)
|
||||
'passwd' => $_SERVER['PHP_AUTH_PW'],
|
||||
'passwd_type' => 'text',
|
||||
);
|
||||
if (!($sessionid = $GLOBALS['egw']->session->create($account)))
|
||||
if (!isset($_SERVER['PHP_AUTH_USER']) || !($sessionid = $GLOBALS['egw']->session->create($account)))
|
||||
{
|
||||
header('WWW-Authenticate: Basic realm="'.vfs_webdav_server::REALM.'"');
|
||||
header('WWW-Authenticate: Basic realm="'.vfs_webdav_server::REALM.
|
||||
// if the session class gives a reason why the login failed --> append it to the REALM
|
||||
($GLOBALS['egw']->session->reason ? ': '.$GLOBALS['egw']->session->reason : '').'"');
|
||||
header("HTTP/1.1 401 Unauthorized");
|
||||
header("X-WebDAV-Status: 401 Unauthorized", true);
|
||||
exit;
|
||||
@ -48,10 +52,14 @@ $GLOBALS['egw_info'] = array(
|
||||
'noheader' => True,
|
||||
'currentapp' => $app,
|
||||
'autocreate_session_callback' => 'check_access',
|
||||
'no_exception_handler' => 'basic_auth', // we use a basic auth exception handler (sends exception message as basic auth realm)
|
||||
)
|
||||
);
|
||||
// if you move this file somewhere else, you need to adapt the path to the header!
|
||||
include(dirname(__FILE__).'/header.inc.php');
|
||||
|
||||
$headertime = microtime(true);
|
||||
|
||||
$webdav_server = new vfs_webdav_server();
|
||||
$webdav_server->ServeRequest();
|
||||
//error_log(sprintf("GroupDAV %s request took %5.3f s (header include took %5.3f s)",$_SERVER['REQUEST_METHOD'],microtime(true)-$starttime,$headertime-$starttime));
|
||||
|