-rw-r--r-- | application/controllers/file.php | 22 | ||||
-rw-r--r-- | application/controllers/tools.php | 4 | ||||
-rw-r--r-- | application/controllers/user.php | 10 | ||||
-rw-r--r-- | application/core/MY_Controller.php | 7 | ||||
-rw-r--r-- | application/exceptions/NotFoundException.php | 14 | ||||
-rw-r--r-- | application/exceptions/RequestTooBigException.php | 14 | ||||
-rw-r--r-- | application/libraries/Ddownload/drivers/Ddownload_lighttpd.php | 2 | ||||
-rw-r--r-- | application/libraries/Ddownload/drivers/Ddownload_nginx.php | 2 | ||||
-rw-r--r-- | application/libraries/Duser/Duser.php | 2 | ||||
-rw-r--r-- | application/libraries/Duser/drivers/Duser_db.php | 2 | ||||
-rw-r--r-- | application/libraries/Duser/drivers/Duser_ldap.php | 2 | ||||
-rw-r--r-- | application/libraries/Image.php | 4 | ||||
-rw-r--r-- | application/migrations/012_add_constraints.php | 2 | ||||
-rw-r--r-- | application/migrations/013_add_multipaste.php | 2 | ||||
-rw-r--r-- | application/models/mfile.php | 2 | ||||
-rw-r--r-- | application/models/mmultipaste.php | 2 | ||||
-rw-r--r-- | application/models/muser.php | 6 | ||||
-rw-r--r-- | index.php | 2 |
18 files changed, 66 insertions, 35 deletions
diff --git a/application/controllers/file.php b/application/controllers/file.php index c60831cba..538155c55 100644 --- a/application/controllers/file.php +++ b/application/controllers/file.php @@ -108,7 +108,7 @@ class File extends MY_Controller { default: if ($is_multipaste) { - show_error("Invalid action \"".htmlspecialchars($lexer)."\""); + throw new \exceptions\UserInputException("file/download/invalid-action", "Invalid action \"".htmlspecialchars($lexer)."\""); } break; } @@ -384,7 +384,7 @@ class File extends MY_Controller { } if ($total_size > $this->config->item("tarball_max_size")) { - show_error("Tarball too large, refusing to create."); + throw new \exceptions\PublicApiException("file/tarball/tarball-filesize-limit", "Tarball too large, refusing to create."); } $tmpfile = $archive->begin(); @@ -554,7 +554,7 @@ class File extends MY_Controller { $filedata = $this->mfile->get_filedata($id); if (!$filedata) { - show_error("Failed to get file data"); + throw new \exceptions\ApiException("file/thumbnail/filedata-unavailable", "Failed to get file data"); } $cache_key = $filedata['hash'].'_thumb_'.$thumb_size; @@ -566,7 +566,7 @@ class File extends MY_Controller { $thumb = $img->get(IMAGETYPE_JPEG); if ($thumb === false) { - show_error("Failed to generate thumbnail"); + throw new \exceptions\PublicApiException("file/thumbnail/generation-failed", "Failed to generate thumbnail"); } return $thumb; @@ -713,7 +713,7 @@ class File extends MY_Controller { $this->muser->require_access("apikey"); if (!is_cli_client()) { - show_error("Not a listed cli client, please use the history to delete uploads.\n", 403); + throw new \exceptions\InsufficientPermissionsException("file/delete/unlisted-client", "Not a listed cli client, please use the history to delete uploads"); } $id = $this->uri->segment(3); 
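Review bot: In the `default:` branch of the -108 hunk the message is still built with `htmlspecialchars($lexer)`, while the handler in the index.php hunk at the end of this page escapes `$e->__toString()` again, so HTML output would be double-encoded and any non-HTML renderer would receive entities. Other throw sites in this commit (for example `"Unknown ID '$id'."` in the -735 hunk) pass the raw request value instead, so the convention is inconsistent. Keeping exception messages raw and escaping once at each output boundary is easier to audit: `throw new \exceptions\UserInputException("file/download/invalid-action", "Invalid action \"".$lexer."\"");`, provided every renderer of these exceptions escapes for its own context. The enclosing switch starts outside the hunk.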
@@ -735,7 +735,9 @@ class File extends MY_Controller { } } - show_error("Unknown ID '$id'.", 404); + throw new \exceptions\NotFoundException("file/delete/unknown-id", "Unknown ID '$id'.", array( + "id" => $id, + )); } // Handle pastes @@ -754,11 +756,11 @@ class File extends MY_Controller { $filename = "stdin"; if (!$content) { - show_error("Nothing was pasted, content is empty.", 400); + throw new \exceptions\UserInputException("file/do_paste/empty-input", "Nothing was pasted, content is empty."); } if ($filesize > $this->config->item('upload_max_size')) { - show_error("Error while uploading: File too big", 413); + throw new \exceptions\RequestTooBigException("file/do_paste/request-too-big", "Error while uploading: File too big"); } // FIXME: this duplicates service\files::add_file (kind of) @@ -840,7 +842,7 @@ class File extends MY_Controller { $last_upload = $this->session->userdata("last_upload"); if ($last_upload === false) { - show_error("Failed to get last upload data"); + throw new \exceptions\PublicApiException("file/claim_id/last_upload-failed", "Failed to get last upload data, unable to claim uploads"); } $ids = $last_upload["ids"]; @@ -859,7 +861,7 @@ class File extends MY_Controller { } if (!empty($errors)) { - show_error("Someone already owns '".implode(", ", $errors)."', can't reassign."); + throw new \exceptions\PublicApiException("file/claim_id/already-owned", "Someone already owns '".implode(", ", $errors)."', can't reassign."); } $this->session->unset_userdata("last_upload"); diff --git a/application/controllers/tools.php b/application/controllers/tools.php index b80dc5024..8c0785409 100644 --- a/application/controllers/tools.php +++ b/application/controllers/tools.php @@ -15,7 +15,7 @@ class Tools extends MY_Controller { $this->load->model('mfile'); if (!$this->input->is_cli_request()) { - show_error("This can only be called via CLI"); + throw new \exceptions\ApiException("api/cli-only", "This can only be called via CLI"); } } 
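Review bot: The emptiness test kept in the -754 hunk, `if (!$content)`, also rejects a paste whose whole content is the string `"0"`, because PHP treats that string as falsy; the new `file/do_paste/empty-input` error would then be reported for non-empty input. If `$content` is a string, `false` or `null` at this point (its assignment is outside the hunk), `if ($content === false || $content === null || $content === "") {` states the intent exactly.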
@@ -39,7 +39,7 @@ class Tools extends MY_Controller { { $this->load->library('migration'); if ( ! $this->migration->current()) { - show_error($this->migration->error_string()); + throw new \exceptions\ApiException("tools/update_database/migration-error", $this->migration->error_string()); } } } diff --git a/application/controllers/user.php b/application/controllers/user.php index aba2a8ec1..5b4e85141 100644 --- a/application/controllers/user.php +++ b/application/controllers/user.php @@ -136,7 +136,7 @@ class User extends MY_Controller { ->count_all_results(); if ($invitations + 1 > 3) { - show_error("You can't create more invitation keys at this time."); + throw new \exceptions\PublicApiException("user/invitation-limit", "You can't create more invitation keys at this time."); } $key = random_alphanum(12, 16); @@ -277,7 +277,7 @@ class User extends MY_Controller { $username = $this->input->post("username"); if (!$this->muser->username_exists($username)) { - show_error("Invalid username"); + throw new \exceptions\PublicApiException("user/reset_password/invalid-username", "Invalid username"); } $userinfo = $this->db->select('id, email, username') @@ -388,18 +388,18 @@ class User extends MY_Controller { $values = explode("-", $value); if (!is_array($values) || count($values) != 2) { - show_error("Invalid upload id limit value"); + throw new \exceptions\PublicApiException("user/profile/invalid-upload-id-limit", "Invalid upload id limit value"); } $lower = intval($values[0]); $upper = intval($values[1]); if ($lower > $upper) { - show_error("lower limit > upper limit"); + throw new \exceptions\PublicApiException("user/profile/lower-bigger-than-upper", "lower limit > upper limit"); } if ($lower < 3 || $upper > 64) { - show_error("upper or lower limit out of bounds (3-64)"); + throw new \exceptions\PublicApiException("user/profile/limit-out-of-bounds", "upper or lower limit out of bounds (3-64)"); } return $lower."-".$upper; 
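Review bot: The -277 hunk in user.php keeps a distinct failure for unknown accounts on the password-reset form, and the new id `user/reset_password/invalid-username` makes that difference machine-readable, so the endpoint can confirm which usernames exist. A common hardening is to respond identically for known and unknown usernames and send mail only when the account exists; how the success path renders is outside this hunk, so the exact change cannot be quoted here. At minimum a comment such as `// NOTE: this error reveals whether the account exists; rate-limit or unify with the success response` would record the trade-off.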
diff --git a/application/core/MY_Controller.php b/application/core/MY_Controller.php index 0f71a7fdc..a58d03563 100644 --- a/application/core/MY_Controller.php +++ b/application/core/MY_Controller.php @@ -18,10 +18,12 @@ class MY_Controller extends CI_Controller { $this->var = new StdClass(); $csrf_protection = true; + $this->load->library('customautoloader'); + // check if DB is up to date if (!$this->input->is_cli_request()) { if (!$this->db->table_exists('migrations')){ - show_error("Database not initialized. Can't find migrations table. Please run the migration script. (php index.php tools update_database)"); + throw new \exceptions\PublicApiException("general/db/not-initialized", "Database not initialized. Can't find migrations table. Please run the migration script. (php index.php tools update_database)"); } else { $this->config->load("migration", true); $target_version = $this->config->item("migration_version", "migration"); @@ -31,7 +33,7 @@ class MY_Controller extends CI_Controller { $current_version = $row ? $row->version : 0; if ($current_version != $target_version) { - show_error("Database version is $current_version, we want $target_version. Please run the migration script. (php index.php tools update_database)"); + throw new \exceptions\PublicApiException("general/db/wrong-version", "Database version is $current_version, we want $target_version. Please run the migration script. (php index.php tools update_database)"); } } } @@ -41,7 +43,6 @@ class MY_Controller extends CI_Controller { mb_internal_encoding('UTF-8'); $this->load->helper(array('form', 'filebin')); - $this->load->library('customautoloader'); if ($this->uri->segment(1) == "api") { is_cli_client(true); diff --git a/application/exceptions/NotFoundException.php b/application/exceptions/NotFoundException.php new file mode 100644 index 000000000..c4b9d1537 --- /dev/null +++ b/application/exceptions/NotFoundException.php 
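Review bot: The move of `$this->load->library('customautoloader');` above the database check is presumably what lets the new `throw` statements resolve `\exceptions\PublicApiException`, but nothing in the constructor says so, and a later reorder would turn these errors into class-not-found failures. A one-line comment at the new position would pin the dependency: `// must stay before the first throw below: the \exceptions\* classes are resolved through this autoloader`. The constructor begins and ends outside the hunks shown.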
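Review bot: The `general/db/wrong-version` message in the -31 hunk is raised as a `PublicApiException`, so any web visitor is shown the current and target schema versions together with the maintenance command. That detail is for the operator; consider `log_message('error', "Database version is $current_version, we want $target_version")` and a generic public text such as `"Service is being updated, please try again later"`, and likewise for `general/db/not-initialized` in the -18 hunk.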
@@ -0,0 +1,14 @@ +<?php +/* + * Licensed under AGPLv3 + * (see COPYING for full license text) + * + */ +namespace exceptions; + +class NotFoundException extends UserInputException { + public function get_http_error_code() + { + return 404; + } +} diff --git a/application/exceptions/RequestTooBigException.php b/application/exceptions/RequestTooBigException.php new file mode 100644 index 000000000..ae2ab4d22 --- /dev/null +++ b/application/exceptions/RequestTooBigException.php @@ -0,0 +1,14 @@ +<?php +/* + * Licensed under AGPLv3 + * (see COPYING for full license text) + * + */ +namespace exceptions; + +class RequestTooBigException extends UserInputException { + public function get_http_error_code() + { + return 413; + } +} diff --git a/application/libraries/Ddownload/drivers/Ddownload_lighttpd.php b/application/libraries/Ddownload/drivers/Ddownload_lighttpd.php index 780f60838..fbdb04b02 100644 --- a/application/libraries/Ddownload/drivers/Ddownload_lighttpd.php +++ b/application/libraries/Ddownload/drivers/Ddownload_lighttpd.php @@ -15,7 +15,7 @@ class Ddownload_lighttpd extends Ddownload_Driver { $upload_path = $CI->config->item('upload_path'); if (strpos($file, $upload_path) !== 0) { - show_error('Invalid file path'); + throw new \exceptions\ApiException("libraries/ddownload/lighttpd/invalid-file-path", 'Invalid file path'); } header('Content-disposition: inline; filename="'.$filename."\"\n"); diff --git a/application/libraries/Ddownload/drivers/Ddownload_nginx.php b/application/libraries/Ddownload/drivers/Ddownload_nginx.php index 2410df4d4..58c7502a7 100644 --- a/application/libraries/Ddownload/drivers/Ddownload_nginx.php +++ b/application/libraries/Ddownload/drivers/Ddownload_nginx.php 
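Review bot: The containment test kept as context in the Ddownload_lighttpd.php hunk, `strpos($file, $upload_path) !== 0`, is a plain string-prefix comparison, so it would also accept a sibling directory that merely starts with the same characters, or a path containing `../`, unless `$file` is canonicalised and `upload_path` ends in a separator somewhere outside this hunk. The same test appears in the Ddownload_nginx.php hunk that follows. Since the commit touches the rejection branch in both drivers, this is a good place to compare resolved paths instead, e.g. `$base = rtrim(realpath($upload_path), '/').'/';` followed by `if (strpos((string) realpath($file), $base) !== 0) {`. The enclosing method starts outside the hunk.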
@@ -18,7 +18,7 @@ class Ddownload_nginx extends Ddownload_Driver { if (strpos($file, $upload_path) === 0) { $file_path = substr($file, strlen($upload_path)); } else { - show_error('Invalid file path'); + throw new \exceptions\ApiException("libraries/ddownload/nginx/invalid-file-path", 'Invalid file path'); } header('Content-disposition: inline; filename="'.$filename."\"\n"); diff --git a/application/libraries/Duser/Duser.php b/application/libraries/Duser/Duser.php index 07a16190c..bf765d690 100644 --- a/application/libraries/Duser/Duser.php +++ b/application/libraries/Duser/Duser.php @@ -62,7 +62,7 @@ class Duser extends CI_Driver_Library { // require an optional function to be implemented public function require_implemented($function) { if (!$this->is_implemented($function)) { - show_error("" + throw new \exceptions\PublicApiException("libraries/duser/optional-function-not-implemented", "" ."Optional function '".$function."' not implemented in user adapter '".$this->_adapter."'. " ."Requested functionally unavailable."); } diff --git a/application/libraries/Duser/drivers/Duser_db.php b/application/libraries/Duser/drivers/Duser_db.php index 258de1820..157a91395 100644 --- a/application/libraries/Duser/drivers/Duser_db.php +++ b/application/libraries/Duser/drivers/Duser_db.php @@ -67,7 +67,7 @@ class Duser_db extends Duser_Driver { ->get()->row_array(); if (empty($query)) { - show_error("Failed to get email address from db"); + throw new \exceptions\ApiException("libraries/duser/db/get_email-failed", "Failed to get email address from db"); } return $query["email"]; diff --git a/application/libraries/Duser/drivers/Duser_ldap.php b/application/libraries/Duser/drivers/Duser_ldap.php index 1f1581620..b80385fe0 100644 --- a/application/libraries/Duser/drivers/Duser_ldap.php +++ b/application/libraries/Duser/drivers/Duser_ldap.php 
@@ -37,7 +37,7 @@ class Duser_ldap extends Duser_Driver { $r = ldap_search($ds, $config['basedn'], $config["username_field"].'='.$username); break; default: - show_error("Invalid LDAP scope"); + throw new \exceptions\ApiException("libraries/duser/ldap/invalid-ldap-scope", "Invalid LDAP scope"); } if ($r === false) { return false; diff --git a/application/libraries/Image.php b/application/libraries/Image.php index 32c4717e9..ae7be844e 100644 --- a/application/libraries/Image.php +++ b/application/libraries/Image.php @@ -35,7 +35,7 @@ class Image { { $img = imagecreatefromstring(file_get_contents($file)); if ($img === false) { - show_error("Unsupported image type"); + throw new \exceptions\ApiException("libraries/Image/unsupported-image-type", "Unsupported image type"); } $this->set_img_object($img); $this->fix_alpha(); @@ -94,7 +94,7 @@ class Image { $result = ob_get_clean(); if (!$ret) { - show_error("Failed to create thumbnail"); + throw new \exceptions\ApiException("libraries/Image/thumbnail-creation-failed", "Failed to create thumbnail"); } return $result; diff --git a/application/migrations/012_add_constraints.php b/application/migrations/012_add_constraints.php index 1ed4abf08..f298ceb5f 100644 --- a/application/migrations/012_add_constraints.php +++ b/application/migrations/012_add_constraints.php @@ -29,6 +29,6 @@ class Migration_add_constraints extends CI_Migration { public function down() { - show_error("downgrade not supported"); + throw new \exceptions\ApiException("migration/downgrade-not-supported", "downgrade not supported"); } } diff --git a/application/migrations/013_add_multipaste.php b/application/migrations/013_add_multipaste.php index 96092b4ee..539e9d292 100644 --- a/application/migrations/013_add_multipaste.php +++ b/application/migrations/013_add_multipaste.php 
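Review bot: The context line of the Duser_ldap.php hunk builds the search filter by concatenation, `$config["username_field"].'='.$username`, so filter metacharacters in a login name change the query unless `$username` is escaped before this switch, which the hunk does not show. If it is not, escape at the point of use: `$r = ldap_search($ds, $config['basedn'], $config["username_field"].'='.ldap_escape($username, '', LDAP_ESCAPE_FILTER));` (needs PHP 5.6 or later), and apply the same to any other scope branches outside the hunk. The new `libraries/duser/ldap/invalid-ldap-scope` error is a configuration fault, so `ApiException` fits there.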
@@ -55,6 +55,6 @@ class Migration_add_multipaste extends CI_Migration { public function down() { - show_error("downgrade not supported"); + throw new \exceptions\ApiException("migration/downgrade-not-supported", "downgrade not supported"); } } diff --git a/application/models/mfile.php b/application/models/mfile.php index eee2c4e5b..0ec27a817 100644 --- a/application/models/mfile.php +++ b/application/models/mfile.php @@ -40,7 +40,7 @@ class Mfile extends CI_Model { return $id; } - show_error("Failed to find unused ID after $max_tries tries."); + throw new \exceptions\PublicApiException("file/new_id-try-limit", "Failed to find unused ID after $max_tries tries"); } function id_exists($id) diff --git a/application/models/mmultipaste.php b/application/models/mmultipaste.php index 6cbf6518b..2b0196531 100644 --- a/application/models/mmultipaste.php +++ b/application/models/mmultipaste.php @@ -54,7 +54,7 @@ class Mmultipaste extends CI_Model { return $id; } - show_error("Failed to find unused ID after $max_tries tries."); + throw new \exceptions\PublicApiException("file/new_id-try-limit", "Failed to find unused ID after $max_tries tries"); } public function id_exists($id) diff --git a/application/models/muser.php b/application/models/muser.php index 398253c6a..6f6129ca2 100644 --- a/application/models/muser.php +++ b/application/models/muser.php @@ -83,7 +83,7 @@ class Muser extends CI_Model { if ($this->login($username, $password)) { return true; } else { - show_error("Login failed", 401); + throw new \exceptions\NotAuthenticatedException("user/login-failed", "Login failed"); } } @@ -112,7 +112,7 @@ class Muser extends CI_Model { return true; } - show_error("API key login failed", 401); + throw new \exceptions\NotAuthenticatedException("user/api-login-failed", "API key login failed"); } function logout() 
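Review bot: Both login failures in muser.php (the -83 and -112 hunks) lose their explicit 401 and now rely on the top-level handler, which answers `NotAuthenticatedException` with `redirect("user/login")`. For the API-key path that would give a scripted client a redirect to the HTML login form instead of a 401, unless an API controller outside this diff catches the exception first. If nothing does, the handler could keep the status for non-browser clients, e.g. `if (is_cli_client()) { show_error(htmlspecialchars($e->getMessage()), 401); }` before the redirect, assuming that helper is loaded by then.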
@@ -208,7 +208,7 @@ class Muser extends CI_Model { ->get()->row_array(); if (!isset($query["key"]) || $key != $query["key"]) { - show_error("Invalid action key"); + throw new \exceptions\ApiException("user/get_action/invalid-action", "Invalid action key"); } return $query; @@ -309,7 +309,7 @@ try { require_once BASEPATH.'core/CodeIgniter.php'; } catch (\exceptions\NotAuthenticatedException $e) { redirect("user/login"); -} catch (\exceptions\UserInputException $e) { +} catch (\exceptions\PublicApiException $e) { show_error(nl2br(htmlspecialchars($e->__toString())), $e->get_http_error_code()); } |
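Review bot: The key check kept in the -208 hunk uses loose comparison, `$key != $query["key"]`, under which two different numeric-looking strings can compare equal; for a secret token a strict, constant-time check is the safer form: `if (!isset($query["key"]) || !hash_equals((string) $query["key"], (string) $key)) {` (PHP 5.6 or later, or `!==` on older versions). The failure is also caused by a caller-supplied key, so a non-public `ApiException` is a questionable class for it given the handler change in the last hunk. The enclosing function starts outside the hunk.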
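Review bot: After the -309 hunk the front controller catches only `NotAuthenticatedException` and `PublicApiException`, while the commit throws plain `\exceptions\ApiException` from request paths (thumbnail lookup, the Ddownload drivers, Image, the action-key check) and `UserInputException` subclasses whose parents are not visible here; anything outside the PublicApiException hierarchy would leave the try block uncaught and be shown according to PHP's error-display settings. A last clause that logs and returns a generic page closes that gap: `} catch (\Exception $e) { log_message('error', $e->__toString()); show_error("Internal error", 500); }`. Separately, `$e->__toString()` on a stock PHP exception includes file paths and a stack trace, so unless the base class overrides it, `$e->getMessage()` is the safer text to render. The file header for this hunk is missing from the page; index.php is inferred from the diffstat.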