From cb52a4cdc2daa45a61c728f5ec83603e6c6a71fa Mon Sep 17 00:00:00 2001
From: Florian Pritz <bluewind@xinu.at>
Date: Tue, 3 Feb 2015 00:23:12 +0100
Subject: Rework error handling in upload validator

Signed-off-by: Florian Pritz <bluewind@xinu.at>
---
 application/controllers/api/v1/file.php            |  5 +----
 application/controllers/file.php                   | 14 +------------
 .../exceptions/FileUploadVerifyException.php       | 23 ++++++++++++++++++++++
 application/exceptions/PublicApiException.php      |  4 ++++
 application/exceptions/UserInputException.php      | 10 ++++++++++
 application/service/files.php                      |  8 +++++---
 application/service/user.php                       |  1 -
 index.php                                          |  6 +++++-
 8 files changed, 49 insertions(+), 22 deletions(-)
 create mode 100644 application/exceptions/FileUploadVerifyException.php
 create mode 100644 application/exceptions/UserInputException.php

diff --git a/application/controllers/api/v1/file.php b/application/controllers/api/v1/file.php
index c291ae879..82060e420 100644
--- a/application/controllers/api/v1/file.php
+++ b/application/controllers/api/v1/file.php
@@ -27,10 +27,7 @@ class file extends \controllers\api\api_controller {
 			throw new \exceptions\PublicApiException("file/no-file", "No file was uploaded or unknown error occured.");
 		}
 
-		$errors = \service\files::verify_uploaded_files($files);
-		if (!empty($errors)) {
-			throw new \exceptions\PublicApiException("file/upload-verify-failed", "Failed to verify uploaded file", $errors);
-		}
+		\service\files::verify_uploaded_files($files);
 
 		$limits = $this->muser->get_upload_id_limits();
 		$urls = array();
diff --git a/application/controllers/file.php b/application/controllers/file.php
index 5fce8afc8..e35978a1e 100644
--- a/application/controllers/file.php
+++ b/application/controllers/file.php
@@ -897,19 +897,7 @@ class File extends MY_Controller {
 
 		$files = getNormalizedFILES();
 
-		if (empty($files)) {
-			show_error("No file was uploaded or unknown error occured.");
-		}
-
-		$errors = service\files::verify_uploaded_files($files);
-		if (!empty($errors)) {
-			$messages = array();
-			foreach ($errors as $error) {
-				$messages[] = htmlspecialchars($error["filename"]).": ".$error["message"];
-			}
-			show_error("Error(s) occured while uploading:<br>".implode("<br>", $messages), 400);
-		}
-
+		service\files::verify_uploaded_files($files);
 		$limits = $this->muser->get_upload_id_limits();
 
 		foreach ($files as $key => $file) {
diff --git a/application/exceptions/FileUploadVerifyException.php b/application/exceptions/FileUploadVerifyException.php
new file mode 100644
index 000000000..d091c1eab
--- /dev/null
+++ b/application/exceptions/FileUploadVerifyException.php
@@ -0,0 +1,23 @@
+<?php
+/*
+ * Licensed under AGPLv3
+ * (see COPYING for full license text)
+ *
+ */
+namespace exceptions;
+
+class FileUploadVerifyException extends UserInputException {
+	public function __toString()
+	{
+		$ret = $this->getMessage()."\n";
+		$data = $this->get_data();
+		$errors = array();
+
+		foreach ($data as $error) {
+			$errors[] = sprintf("%s: %s", $error["filename"], $error["message"]);
+		}
+
+		$ret .= implode("\n", $errors);
+		return $ret;
+	}
+}
diff --git a/application/exceptions/PublicApiException.php b/application/exceptions/PublicApiException.php
index e7aa4360a..d22309478 100644
--- a/application/exceptions/PublicApiException.php
+++ b/application/exceptions/PublicApiException.php
@@ -7,4 +7,8 @@
 namespace exceptions;
 
 class PublicApiException extends ApiException {
+	public function __toString()
+	{
+		return $this->getMessage();
+	}
 }
diff --git a/application/exceptions/UserInputException.php b/application/exceptions/UserInputException.php
new file mode 100644
index 000000000..150d0204b
--- /dev/null
+++ b/application/exceptions/UserInputException.php
@@ -0,0 +1,10 @@
+<?php
+/*
+ * Licensed under AGPLv3
+ * (see COPYING for full license text)
+ *
+ */
+namespace exceptions;
+
+class UserInputException extends PublicApiException {
+}
diff --git a/application/service/files.php b/application/service/files.php
index 8d8b1d01a..c270500ef 100644
--- a/application/service/files.php
+++ b/application/service/files.php
@@ -89,6 +89,10 @@ class files {
 		$CI =& get_instance();
 		$errors = array();
 
+		if (empty($files)) {
+			throw new \exceptions\UserInputException("file/no-file", "No file was uploaded or unknown error occured.");
+		}
+
 		foreach ($files as $key => $file) {
 			$error_message = "";
 
@@ -113,7 +117,6 @@ class files {
 				} else {
 					$error_message = "Unknown error code: ".$file['error'].". Please report a bug.";
 				}
-
 			}
 
 			$filesize = filesize($file['tmp_name']);
@@ -127,9 +130,8 @@ class files {
 					"formfield" => $file["formfield"],
 					"message" => $error_message,
 				);
+				throw new \exceptions\FileUploadVerifyException("file/upload-verify", "Failed to verify uploaded file(s)", $errors);
 			}
 		}
-
-		return $errors;
 	}
 }
diff --git a/application/service/user.php b/application/service/user.php
index 97f2531f9..16fa62272 100644
--- a/application/service/user.php
+++ b/application/service/user.php
@@ -23,7 +23,6 @@ class user {
 	{
 		$CI =& get_instance();
 
-
 		$valid_levels = $CI->muser->get_access_levels();
 		if (array_search($access_level, $valid_levels) === false) {
 			throw new \exceptions\UserInputException("user/validation/access_level/invalid", "Invalid access levels requested.");
diff --git a/index.php b/index.php
index f41ee5fc5..35fb64313 100644
--- a/index.php
+++ b/index.php
@@ -299,7 +299,11 @@ register_shutdown_function("check_for_fatal");
  * And away we go...
  *
  */
-require_once BASEPATH.'core/CodeIgniter.php';
+try {
+	require_once BASEPATH.'core/CodeIgniter.php';
+} catch (\exceptions\UserInputException $e) {
+	show_error(nl2br(htmlspecialchars($e->__toString())), 400);
+}
 
 /* End of file index.php */
 /* Location: ./index.php */
-- 
cgit v1.2.3-24-g4f1b