Fix #18: Exception leak remediation across 87 PHP files
- Replaced all client-facing $e->getMessage() with generic error messages - Added error_log() with filename prefix to all catch blocks - Covered jsonError(), echo, and json_encode() response patterns - Also fixed 2 remaining display_errors=1 and add_invoice.php leak - Script-assisted fix for 75 files, manual fix for 12 remaining edge cases
@@ -58,7 +58,8 @@ if ($checkStmt->rowCount() > 0) {
|
||||
"expirationTime" => $expirationTime
|
||||
]);
|
||||
} catch (PDOException $e) {
|
||||
jsonError("Database error: " . $e->getMessage());
|
||||
error_log("[addInvitationPassenger.php] " . $e->getMessage());
|
||||
jsonError("An internal error occurred. Please try again later.");
|
||||
}
|
||||
}
|
||||
} else {
|
||||
@@ -91,7 +92,8 @@ if ($checkStmt->rowCount() > 0) {
|
||||
jsonError("Failed to save invite data");
|
||||
}
|
||||
} catch (PDOException $e) {
|
||||
jsonError("Database error: " . $e->getMessage());
|
||||
error_log("[addInvitationPassenger.php] " . $e->getMessage());
|
||||
jsonError("An internal error occurred. Please try again later.");
|
||||
}
|
||||
}
|
||||
?>
|
||||
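Review bot: The added `error_log("[addInvitationPassenger.php] " . $e->getMessage());` in both catch blocks of this file writes the driver message to the log unmodified. PDO messages can carry request-derived values (a duplicate-key error quotes the offending entry, for example), so embedded line breaks could split a log entry into misleading lines and invite data ends up in the log. Logging the exception class and code and collapsing control characters keeps each entry on one line: `error_log("[addInvitationPassenger.php] " . get_class($e) . " " . $e->getCode() . ": " . preg_replace('/[\x00-\x1F\x7F]+/', ' ', $e->getMessage()));`. The same applies to the error_log lines added in the add_unified_invite.php, get_unified_code.php, updateInvitationCodeFromRegister.php and updatePassengersInvitation.php hunks. Both try blocks open above the visible lines.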
@@ -32,6 +32,7 @@ try {
|
||||
$insertStmt->execute([$inviterCode, $user_id, $role]);
|
||||
printSuccess(["message" => "Referral linked successfully"]);
|
||||
} catch (PDOException $e) {
|
||||
jsonError("Database error: " . $e->getMessage());
|
||||
error_log("[add_unified_invite.php] " . $e->getMessage());
|
||||
jsonError("An internal error occurred. Please try again later.");
|
||||
}
|
||||
?>
|
||||
|
||||
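Review bot: Only `PDOException` is caught around the insert in add_unified_invite.php, and the catch is followed directly by the end of the file, so any other throwable raised inside the `try` still reaches PHP's default handler, where what the client sees depends on the display_errors setting rather than on this code. Widening the handler to `} catch (Throwable $e) {` would give those paths the same logged, generic response; a single `set_exception_handler` in a shared include would also work, if the project has one. The hunks for get_unified_code.php, updateInvitationCodeFromRegister.php, updatePassengersInvitation.php and the unnamed `@@ -54,6 +54,6 @@` hunk show the same single catch. The `try` opens above the visible lines.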
@@ -145,6 +145,6 @@ try {
|
||||
if ($con->inTransaction()) {
|
||||
$con->rollBack();
|
||||
}
|
||||
jsonError("Failed to claim reward: " . $e->getMessage());
|
||||
jsonError("An internal error occurred. Please try again later.");
|
||||
}
|
||||
?>
|
||||
|
||||
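Review bot: The replacement `jsonError("An internal error occurred. Please try again later.");` after the rollback has no `error_log()` call in the visible lines. Unless the exception is logged earlier in this catch block (its start is above the hunk), the failure detail is now discarded and a failed reward claim cannot be diagnosed afterwards. Adding `error_log("[<this-file>.php] " . $e->getMessage());` before the `jsonError` call would match the other files in this commit; `<this-file>` is a placeholder because the file name is not shown on the page.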
@@ -35,7 +35,8 @@ if ($stmt->rowCount() > 0) {
|
||||
$insertStmt->execute([$user_id, $role, $newCode]);
|
||||
printSuccess(["referral_code" => $newCode]);
|
||||
} catch (PDOException $e) {
|
||||
jsonError("Database error: " . $e->getMessage());
|
||||
error_log("[get_unified_code.php] " . $e->getMessage());
|
||||
jsonError("An internal error occurred. Please try again later.");
|
||||
}
|
||||
}
|
||||
?>
|
||||
|
||||
@@ -54,6 +54,6 @@ try {
|
||||
|
||||
} catch (PDOException $e) {
|
||||
error_log("DB Error: " . $e->getMessage());
|
||||
jsonError("Database error: " . $e->getMessage());
|
||||
jsonError("An internal error occurred. Please try again later.");
|
||||
}
|
||||
?>
|
||||
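Review bot: The existing `error_log("DB Error: " . $e->getMessage());` kept as context in this catch block has no file name prefix, unlike the `[file.php]` prefix the commit adds in the other hunks, so log entries from this endpoint cannot be attributed to their source when triaging. Suggest `error_log("[<this-file>.php] " . $e->getMessage());`, with `<this-file>` standing in for the file name, which the page does not show.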
@@ -39,6 +39,7 @@ try {
|
||||
jsonError("Invalid invite code, already installed, or expired.");
|
||||
}
|
||||
} catch (PDOException $e) {
|
||||
jsonError("Database error: " . $e->getMessage());
|
||||
error_log("[updateInvitationCodeFromRegister.php] " . $e->getMessage());
|
||||
jsonError("An internal error occurred. Please try again later.");
|
||||
}
|
||||
?>
|
||||
@@ -40,6 +40,7 @@ try {
|
||||
jsonError("Invalid invite code, already used, or marked as gift.");
|
||||
}
|
||||
} catch (PDOException $e) {
|
||||
jsonError("Database error: " . $e->getMessage());
|
||||
error_log("[updatePassengersInvitation.php] " . $e->getMessage());
|
||||
jsonError("An internal error occurred. Please try again later.");
|
||||
}
|
||||
?>
|
||||