Resources/Documents/core_2_classes_2_error_2_production_exception_handler_8php_source.html

<?php

namespace TYPO3\CMS\Core\Error;


/*

 * This file is part of the TYPO3 CMS project.

 *

 * It is free software; you can redistribute it and/or modify it under

 * the terms of the GNU General Public License, either version 2

 * of the License, or any later version.

 *

 * For the full copyright and license information, please read the

 * LICENSE.txt file that was distributed with this source code.

 *

 * The TYPO3 project - inspiring people to share!

 */


class ProductionExceptionHandler extends AbstractExceptionHandler

{

    protected $defaultTitle = 'Oops, an error occurred!';


    protected $defaultMessage = '';


    public function __construct()

    {

        set_exception_handler(array($this, 'handleException'));

    }


    public function echoExceptionWeb(\Exception $exception)

    {

        $this->sendStatusHeaders($exception);

        $this->writeLogEntries($exception, self::CONTEXT_WEB);

        $messageObj = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance(

            \TYPO3\CMS\Core\Messaging\ErrorpageMessage::class,

            $this->getMessage($exception),

            $this->getTitle($exception)

        );

        $messageObj->output();

    }


    public function echoExceptionCLI(\Exception $exception)

    {

        $this->writeLogEntries($exception, self::CONTEXT_CLI);

        die(1);

    }


    protected function discloseExceptionInformation(\Exception $exception)

    {

        // Allow message to be shown in production mode if the exception is about

        // trusted host configuration.  By doing so we do not disclose

        // any valuable information to an attacker but avoid confusions among TYPO3 admins

        // in production context.

        if ($exception->getCode() === 1396795884) {

            return true;

        }

        // Show client error messages 40x in every case

        if ($exception instanceof Http\AbstractClientErrorException) {

            return true;

        }

        // Only show errors in FE, if a BE user is authenticated

        if (TYPO3_MODE === 'FE') {

            return $GLOBALS['TSFE']->beUserLogin;

        }

        return true;

    }


    protected function getTitle(\Exception $exception)

    {

        if ($this->discloseExceptionInformation($exception) && method_exists($exception, 'getTitle') && $exception->getTitle() !== '') {

            return htmlspecialchars($exception->getTitle());

        } else {

            return $this->defaultTitle;

        }

    }


    protected function getMessage(\Exception $exception)

    {

        if ($this->discloseExceptionInformation($exception)) {

            // Exception has an error code given

            if ($exception->getCode() > 0) {

                $moreInformationLink = '<p>More information regarding this error might be available <a href="'

                    . TYPO3_URL_EXCEPTION . $exception->getCode() . '" target="_blank">online</a>.</p>';

            } else {

                $moreInformationLink = '';

            }

            return htmlspecialchars($exception->getMessage()) . $moreInformationLink;

        } else {

            return $this->defaultMessage;

        }

    }

}