diff options
| author | Florian Pritz <bluewind@xinu.at> | 2020-04-19 13:47:34 +0200 |
|---|---|---|
| committer | Florian Pritz <bluewind@xinu.at> | 2020-04-19 13:55:45 +0200 |
| commit | ac934ca94370f5204319f88eef0a7747fe7e133a (patch) | |
| tree | aadc36591663cb706f4b208491b3ceed5e6abc55 | |
| parent | ddf6734dfeac65babf096a3147338f54d712b6e3 (diff) | |
Reclassify various exceptions as UserInputException
These are errors that a user can correct themselves so we should
classify them accordingly. That way they get the correct HTTP status
code and they also get ignored by the logging code.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
| -rw-r--r-- | NEWS | 1 | ||||
| -rw-r--r-- | application/controllers/Api.php | 12 | ||||
| -rw-r--r-- | application/controllers/User.php | 10 | ||||
| -rw-r--r-- | application/controllers/api/v2/file.php | 2 | ||||
| -rw-r--r-- | application/models/Muser.php | 6 |
5 files changed, 16 insertions, 15 deletions
@@ -2,6 +2,7 @@ This file lists major, incompatible or otherwise important changes, you should l NEXT - Log PublicApiException to error log + - Reclassify various user input exceptions 3.4.3 2019-12-07 - PHP 7.4 compatibility fixes diff --git a/application/controllers/Api.php b/application/controllers/Api.php index 1fa49cb46..4f32ad427 100644 --- a/application/controllers/Api.php +++ b/application/controllers/Api.php @@ -24,7 +24,7 @@ class Api extends MY_Controller { $function = $this->uri->segment(4); if (!preg_match("/^v([0-9]+)(.[0-9]+){0,2}$/", $requested_version)) { - throw new \exceptions\PublicApiException("api/invalid-version", "Invalid API version requested"); + throw new \exceptions\UserInputException("api/invalid-version", "Invalid API version requested"); } $requested_version = substr($requested_version, 1); @@ -32,11 +32,11 @@ class Api extends MY_Controller { $major = intval(explode(".", $requested_version)[0]); if (!preg_match("/^[a-zA-Z-_]+$/", $controller)) { - throw new \exceptions\PublicApiException("api/invalid-endpoint", "Invalid endpoint requested"); + throw new \exceptions\UserInputException("api/invalid-endpoint", "Invalid endpoint requested"); } if (!preg_match("/^[a-zA-Z-_]+$/", $function)) { - throw new \exceptions\PublicApiException("api/invalid-endpoint", "Invalid endpoint requested"); + throw new \exceptions\UserInputException("api/invalid-endpoint", "Invalid endpoint requested"); } $namespace = "controllers\\api\\v".$major; @@ -44,16 +44,16 @@ class Api extends MY_Controller { $class_info = $namespace."\\api_info"; if (!class_exists($class_info) || version_compare($class_info::get_version(), $requested_version, "<")) { - throw new \exceptions\PublicApiException("api/version-not-supported", "Requested API version is not supported"); + throw new \exceptions\UserInputException("api/version-not-supported", "Requested API version is not supported"); } if (!class_exists($class)) { - throw new \exceptions\PublicApiException("api/unknown-endpoint", "Unknown endpoint requested"); + throw new \exceptions\UserInputException("api/unknown-endpoint", "Unknown endpoint requested"); } $c= new $class; if (!method_exists($c, $function)) { - throw new \exceptions\PublicApiException("api/unknown-endpoint", "Unknown endpoint requested"); + throw new \exceptions\UserInputException("api/unknown-endpoint", "Unknown endpoint requested"); } return $this->send_json_reply($c->$function()); } catch (\exceptions\PublicApiException $e) { diff --git a/application/controllers/User.php b/application/controllers/User.php index c98784d50..00d348240 100644 --- a/application/controllers/User.php +++ b/application/controllers/User.php @@ -326,7 +326,7 @@ class User extends MY_Controller { $username = $this->input->post("username"); if (!$this->muser->username_exists($username)) { - throw new \exceptions\PublicApiException("user/reset_password/invalid-username", "Invalid username"); + throw new \exceptions\UserInputException("user/reset_password/invalid-username", "Invalid username"); } $userinfo = $this->db->select('id, email, username') @@ -485,18 +485,18 @@ class User extends MY_Controller { $values = explode("-", $value); if (!is_array($values) || count($values) != 2) { - throw new \exceptions\PublicApiException("user/profile/invalid-upload-id-limit", "Invalid upload id limit value"); + throw new \exceptions\UserInputException("user/profile/invalid-upload-id-limit", "Invalid upload id limit value"); } $lower = intval($values[0]); $upper = intval($values[1]); if ($lower > $upper) { - throw new \exceptions\PublicApiException("user/profile/lower-bigger-than-upper", "lower limit > upper limit"); + throw new \exceptions\UserInputException("user/profile/lower-bigger-than-upper", "lower limit > upper limit"); } if ($lower < 3 || $upper > 64) { - throw new \exceptions\PublicApiException("user/profile/limit-out-of-bounds", "upper or lower limit out of bounds (3-64)"); + throw new \exceptions\UserInputException("user/profile/limit-out-of-bounds", "upper or lower limit out of bounds (3-64)"); } return $lower."-".$upper; @@ -512,7 +512,7 @@ class User extends MY_Controller { } if (!$this->muser->valid_email($value)) { - throw new \exceptions\PublicApiException("user/profile/invalid-email", "Invalid email"); + throw new \exceptions\UserInputException("user/profile/invalid-email", "Invalid email"); } $this->load->library("email"); diff --git a/application/controllers/api/v2/file.php b/application/controllers/api/v2/file.php index 3d4103f1c..6da0d8155 100644 --- a/application/controllers/api/v2/file.php +++ b/application/controllers/api/v2/file.php @@ -24,7 +24,7 @@ class file extends \controllers\api\api_controller { $files = getNormalizedFILES(); if (empty($files)) { - throw new \exceptions\PublicApiException("file/no-file", "No file was uploaded or unknown error occurred."); + throw new \exceptions\UserInputException("file/no-file", "No file was uploaded or unknown error occurred."); } \service\files::verify_uploaded_files($files); diff --git a/application/models/Muser.php b/application/models/Muser.php index ef260f47b..521d1c989 100644 --- a/application/models/Muser.php +++ b/application/models/Muser.php @@ -162,15 +162,15 @@ class Muser extends CI_Model { public function add_user($username, $password, $email, $referrer) { if (!$this->valid_username($username)) { - throw new \exceptions\PublicApiException("user/invalid-username", "Invalid username (only up to 32 chars of a-z0-9 are allowed)"); + throw new \exceptions\UserInputException("user/invalid-username", "Invalid username (only up to 32 chars of a-z0-9 are allowed)"); } else { if ($this->muser->username_exists($username)) { - throw new \exceptions\PublicApiException("user/username-already-exists", "Username already exists"); + throw new \exceptions\UserInputException("user/username-already-exists", "Username already exists"); } } if (!$this->valid_email($email)) { - throw new \exceptions\PublicApiException("user/invalid-email", "Invalid email"); + throw new \exceptions\UserInputException("user/invalid-email", "Invalid email"); } $this->db->set(array( |