]> git.openstreetmap.org Git - nominatim.git/blobdiff - lib/init-website.php
setup: escape arguments when executing shell commands (psql, createdb)
[nominatim.git] / lib / init-website.php
index 9d66a9ac122aaf5b97d8f54c2dcb994481eb0237..23c15ba81b3b3dc0253c0d26fc88cc2a282b8dc8 100644 (file)
 <?php
-       require_once('init.php');
-       require_once('ParameterParser.php');
+
+require_once('init.php');
+require_once('ParameterParser.php');
+require_once(CONST_Debug ? 'DebugHtml.php' : 'DebugNone.php');
 
 /***************************************************************************
  *
  * Error handling functions
  *
  */
-       function chksql($oSql, $sMsg = "Database request failed")
-       {
-               if (!PEAR::isError($oSql)) return $oSql;
-
-               header('HTTP/1.0 500 Internal Server Error');
-               header('Content-type: text/html; charset=utf-8');
-
-               $sSqlError = $oSql->getMessage();
-
-               echo <<<INTERNALFAIL
-       <html>
-         <head><title>Internal Server Error</title></head>
-         <body>
-               <h1>Internal Server Error</h1>
-               <p>Nominatim has encountered an internal error while accessing the database.
-                  This may happen because the database is broken or because of a bug in
-                  the software. If you think it is a bug, feel free to report
-                  it over on <a href="https://github.com/twain47/Nominatim/issues">
-                  Github</a>. Please include the URL that caused the problem and the
-                  complete error details below.</p>
-               <p><b>Message:</b> $sMsg</p>
-               <p><b>SQL Error:</b> $sSqlError</p>
-               <p><b>Details:</b> <pre>
-INTERNALFAIL;
-
-               if (CONST_Debug)
-               {
-                       var_dump($oSql);
-               }
-               else
-               {
-                       echo "<pre>\n".$oSql->getUserInfo()."</pre>";
-               }
-
-               echo "</pre></p></body></html>";
-               exit;
-       }
-
-       function failInternalError($sError, $sSQL = false, $vDumpVar = false)
-       {
-               header('HTTP/1.0 500 Internal Server Error');
-               header('Content-type: text/html; charset=utf-8');
-               echo "<html><body><h1>Internal Server Error</h1>";
-               echo '<p>Nominatim has encountered an internal error while processing your request. This is most likely because of a bug in the software.</p>';
-               echo "<p><b>Details:</b> ".$sError,"</p>";
-               echo '<p>Feel free to file an issue on <a href="https://github.com/twain47/Nominatim/issues">Github</a>. Please include the error message above and the URL you used.</p>';
-               if (CONST_Debug)
-               {
-                       echo "<hr><h2>Debugging Information</h2><br>";
-                       if ($sSQL)
-                       {
-                               echo "<h3>SQL query</h3><code>".$sSQL."</code>";
-                       }
-                       if ($vDumpVar)
-                       {
-                               echo "<h3>Result</h3> <code>";
-                               var_dump($vDumpVar);
-                               echo "</code>";
-                       }
-               }
-               echo "\n</body></html>\n";
-               exit;
-       }
-
-
-       function userError($sError)
-       {
-               header('HTTP/1.0 400 Bad Request');
-               header('Content-type: text/html; charset=utf-8');
-               echo "<html><body><h1>Bad Request</h1>";
-               echo '<p>Nominatim has encountered an error with your request.</p>';
-               echo "<p><b>Details:</b> ".$sError."</p>";
-               echo '<p>If you feel this error is incorrect feel file an issue on <a href="https://github.com/twain47/Nominatim/issues">Github</a>. Please include the error message above and the URL you used.</p>';
-               echo "\n</body></html>\n";
-               exit;
-       }
+
+function userError($sMsg)
+{
+    throw new Exception($sMsg, 400);
+}
+
+
+function exception_handler_html($exception)
+{
+    http_response_code($exception->getCode());
+    header('Content-type: text/html; charset=UTF-8');
+    include(CONST_BasePath.'/lib/template/error-html.php');
+    exit();
+}
+
+function exception_handler_json($exception)
+{
+    http_response_code($exception->getCode());
+    header('Content-type: application/json; charset=utf-8');
+    include(CONST_BasePath.'/lib/template/error-json.php');
+    exit();
+}
+
+function exception_handler_xml($exception)
+{
+    http_response_code($exception->getCode());
+    header('Content-type: text/xml; charset=utf-8');
+    echo '<?xml version="1.0" encoding="UTF-8" ?>'."\n";
+    include(CONST_BasePath.'/lib/template/error-xml.php');
+    exit();
+}
+
+function shutdown_exception_handler_html()
+{
+    $error = error_get_last();
+    if ($error !== null && $error['type'] === E_ERROR) {
+        exception_handler_html(new Exception($error['message'], 500));
+    }
+}
+
+function shutdown_exception_handler_xml()
+{
+    $error = error_get_last();
+    if ($error !== null && $error['type'] === E_ERROR) {
+        exception_handler_xml(new Exception($error['message'], 500));
+    }
+}
+
+function shutdown_exception_handler_json()
+{
+    $error = error_get_last();
+    if ($error !== null && $error['type'] === E_ERROR) {
+        exception_handler_json(new Exception($error['message'], 500));
+    }
+}
+
+
+function set_exception_handler_by_format($sFormat = null)
+{
+    // Multiple calls to register_shutdown_function will cause multiple callbacks
+    // to be executed, we only want the last executed. Thus we don't want to register
+    // one by default without an explicit $sFormat set.
+
+    if (!isset($sFormat)) {
+        set_exception_handler('exception_handler_html');
+    } elseif ($sFormat == 'html') {
+        set_exception_handler('exception_handler_html');
+        register_shutdown_function('shutdown_exception_handler_html');
+    } elseif ($sFormat == 'xml') {
+        set_exception_handler('exception_handler_xml');
+        register_shutdown_function('shutdown_exception_handler_xml');
+    } else {
+        set_exception_handler('exception_handler_json');
+        register_shutdown_function('shutdown_exception_handler_json');
+    }
+}
+// set a default
+set_exception_handler_by_format();
 
 
 /***************************************************************************
  * HTTP Reply header setup
  */
 
-       if (CONST_NoAccessControl)
-       {
-               header("Access-Control-Allow-Origin: *");
-               header("Access-Control-Allow-Methods: OPTIONS,GET");
-               if (!empty($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']))
-               {
-                       header("Access-Control-Allow-Headers: ".$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']);
-               }
-       }
-       if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') exit;
-
-       if (CONST_Debug) header('Content-type: text/html; charset=utf-8');
+if (CONST_NoAccessControl) {
+    header('Access-Control-Allow-Origin: *');
+    header('Access-Control-Allow-Methods: OPTIONS,GET');
+    if (!empty($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS'])) {
+        header('Access-Control-Allow-Headers: '.$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']);
+    }
+}
+if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'OPTIONS') exit;
 
+if (CONST_Debug) header('Content-type: text/html; charset=utf-8');