[SECURITY] XSS in exception handler
[Packages/TYPO3.CMS.git] / t3lib / error / class.t3lib_error_productionexceptionhandler.php
1 <?php
2 /***************************************************************
3 * Copyright notice
4 *
5 * (c) 2009-2011 Ingo Renner <ingo@typo3.org>
6 * All rights reserved
7 *
8 * This script is part of the TYPO3 project. The TYPO3 project is
9 * free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * The GNU General Public License can be found at
15 * http://www.gnu.org/copyleft/gpl.html.
16 *
17 * This script is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
21 *
22 * This copyright notice MUST APPEAR in all copies of the script!
23 ***************************************************************/
24
25
26 /**
27 * A quite exception handler which catches but ignores any exception.
28 *
29 * This file is a backport from FLOW3
30 *
31 * @package TYPO3
32 * @subpackage t3lib_error
33 * @version $Id$
34 */
35 class t3lib_error_ProductionExceptionHandler extends t3lib_error_AbstractExceptionHandler {
36
37 /**
38 * Constructs this exception handler - registers itself as the default exception handler.
39 *
40 * @author Robert Lemke <robert@typo3.org>
41 */
42 public function __construct() {
43 set_exception_handler(array($this, 'handleException'));
44 }
45
46 /**
47 * Echoes an exception for the web.
48 *
49 * @param Exception $exception The exception
50 * @return void
51 */
52 public function echoExceptionWeb(Exception $exception) {
53 if (!headers_sent()) {
54 header("HTTP/1.1 500 Internal Server Error");
55 }
56 $this->writeLogEntries($exception, self::CONTEXT_WEB);
57 // we use a nice-looking title for our visitors instead of the exception's class name
58 $messageObj = t3lib_div::makeInstance('t3lib_message_ErrorPageMessage', htmlspecialchars($exception->getMessage()), 'Oops, an error occured!');
59 $messageObj->output();
60 }
61
62 /**
63 * Echoes an exception for the command line.
64 *
65 * @param Exception $exception The exception
66 * @return void
67 */
68 public function echoExceptionCLI(Exception $exception) {
69 $this->writeLogEntries($exception, self::CONTEXT_CLI);
70 exit(1);
71 }
72 }
73
74 if (defined('TYPO3_MODE') && isset($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['t3lib/error/class.t3lib_error_productionexceptionhandler.php'])) {
75 include_once($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['t3lib/error/class.t3lib_error_productionexceptionhandler.php']);
76 }
77
78 ?>