Hide message for DBUnexpectedError exceptions

DBUnexpectedErrors are now treated like most other exceptions; we now
hide the error messages (which could contain sensitive information
such as IP addresses) unless $wgShowExceptionDetails is true.

In that case, the messages (and redacted backtraces) would be shown
even if $wgShowDBErrorBacktrace is false, though hiding them would
add complexity to the exception handler for little benefit.

Bug: 26811
Change-Id: I063c241975ce5b12a04abc21821ac67c716b3d5e

diff --git a/RELEASE-NOTES-1.23 b/RELEASE-NOTES-1.23
index 382b54f..8d967f5 100644 (file)
--- a/RELEASE-NOTES-1.23
+++ b/RELEASE-NOTES-1.23
@@ -151,6 +151,9 @@ production.
   message instead of leading the user to make a null edit.
 * (bug 52659) mediawiki.notification: Notification area remained visible when
   empty and thus was stealing pointer events from links on the page.
+* (bug 26811) When a DBUnexpectedError occurs, DB server hostnames are now
+  hidden unless $wgShowExceptionDetails is true, and $wgShowDBErrorBacktrace
+  no longer applies in such cases.
 
 === Web API changes in 1.23 ===
 * (bug 54884) action=parse&prop=categories now indicates hidden and missing

diff --git a/includes/AutoLoader.php b/includes/AutoLoader.php
index 3e3805b..87dc95d 100644 (file)
--- a/includes/AutoLoader.php
+++ b/includes/AutoLoader.php
@@ -449,6 +449,7 @@ $wgAutoloadLocalClasses = array(
        'DBConnectionError' => 'includes/db/DatabaseError.php',
        'DBConnRef' => 'includes/db/LoadBalancer.php',
        'DBError' => 'includes/db/DatabaseError.php',
+       'DBExpectedError' => 'includes/db/DatabaseError.php',
        'DBObject' => 'includes/db/DatabaseUtility.php',
        'IDatabase'  => 'includes/db/Database.php',
        'IORMRow' => 'includes/db/IORMRow.php',

diff --git a/includes/DefaultSettings.php b/includes/DefaultSettings.php
index 4ad2188..734c27e 100644 (file)
--- a/includes/DefaultSettings.php
+++ b/includes/DefaultSettings.php
@@ -5015,6 +5015,11 @@ $wgShowExceptionDetails = false;
 
 /**
  * If true, show a backtrace for database errors
+ *
+ * @note This setting only applies when connection errors and query errors are
+ * reported in the normal manner. $wgShowExceptionDetails applies in other cases,
+ * including those in which an uncaught exception is thrown from within the
+ * exception handler.
  */
 $wgShowDBErrorBacktrace = false;
 

diff --git a/includes/db/DatabaseError.php b/includes/db/DatabaseError.php
index b4c7365..377aca1 100644 (file)
--- a/includes/db/DatabaseError.php
+++ b/includes/db/DatabaseError.php
@@ -38,7 +38,16 @@ class DBError extends MWException {
                $this->db = $db;
                parent::__construct( $error );
        }
+}
 
+/**
+ * Base class for the more common types of database errors. These are known to occur
+ * frequently, so we try to give friendly error messages for them.
+ *
+ * @ingroup Database
+ * @since 1.23
+ */
+class DBExpectedError extends DBError {
        /**
         * @return string
         */
@@ -80,14 +89,14 @@ class DBError extends MWException {
         * @return string
         */
        protected function getHTMLContent() {
-               return '<p>' . nl2br( htmlspecialchars( $this->getMessage() ) ) . '</p>';
+               return '<p>' . nl2br( htmlspecialchars( $this->getTextContent() ) ) . '</p>';
        }
 }
 
 /**
  * @ingroup Database
  */
-class DBConnectionError extends DBError {
+class DBConnectionError extends DBExpectedError {
        /** @var string Error text */
        public $error;
 
@@ -313,7 +322,7 @@ EOT;
 /**
  * @ingroup Database
  */
-class DBQueryError extends DBError {
+class DBQueryError extends DBExpectedError {
        public $error, $errno, $sql, $fname;
 
        /**