protected static function addAlert($type, $key, $message, $severity = 0, $save = false)
{
// If the severity is greater than 0, this alert can be tracked by the system to learn more about it.
// This may be useful for diagnosing potential threats, or seeing where problems are frequently occuring.
if ($severity > 0) {
// Identify where the alert was called: the class, file, file line, etc.
$backtrace = debug_backtrace();
$origin = $backtrace[2];
// Record the information discovered about the alert
self::$debuggingInfo[] = array($message, isset($origin['class']) ? $origin['class'] . $origin['type'] : "", isset($origin['function']) ? $origin['function'] : "", isset($origin['args']) ? $origin['args'] : array(), $origin['file'], $backtrace[1]['line'], $severity, Me::$id);
// If debug mode is verbose, display the alert information directly in the browser
if (Debug::$verbose == 1 and Debug::$adminDisplay == false) {
Debug::$adminDisplay = true;
register_shutdown_function(array('Debug', 'run'));
}
// If Security_ThreatTracker mode is set to logging, log these results in the database for later review
if (Security_ThreatTracker::$trackActivity == true and Security_ThreatTracker::$minSeverity <= $severity) {
// Prepare Values
$function = (isset($origin['class']) ? $origin['class'] . $origin['type'] : "") . (isset($origin['function']) ? $origin['function'] : "");
$params = isset($origin['args']) ? Data_Utilities::convertArrayToArgumentString($origin['args']) : "";
// Log the threat
Security_ThreatTracker::log("activity", $severity, $message, array(), $function, $params, $origin['file'], $backtrace[1]['line']);
}
}
// Now we can load the alert as intended for normal users:
if ($save == false) {
// This alert is a regular alert, and will only load on this page:
switch ($type) {
case "success":
self::$successList[$key] = $message;
break;
case "warning":
self::$warningList[$key] = $message;
break;
case "error":
self::$errorList[$key] = $message;
break;
case "info":
self::$infoList[$key] = $message;
break;
default:
return false;
}
return true;
}
// This is a saved alert, so it will generally load on the next page (unless you don't display alerts there)
// Filter out any invalid alert types
if (!in_array($type, array("success", "warning", "error", "info"))) {
return false;
}
// Prepare the Session Variable
if (!isset($_SESSION[SITE_HANDLE]['alert'])) {
$_SESSION[SITE_HANDLE]['alert'] = array($type => array());
} else {
if (!isset($_SESSION[SITE_HANDLE]['alert'][$type])) {
$_SESSION[SITE_HANDLE]['alert'][$type] = array();
}
}
// Save the Alert into the Session
$_SESSION[SITE_HANDLE]['alert'][$type][$key] = $message;
return true;
}
function customErrorHandler($errorNumber, $errorString, $errorFile, $errorLine)
{
// Prepare Values
$errorType = "Error";
switch ($errorNumber) {
case E_USER_NOTICE:
$errorType = "Notice";
$importance = 0;
break;
case E_USER_WARNING:
$errorType = "Warning";
$importance = 2;
break;
case E_USER_ERROR:
$errorType = "Fatal Error";
$importance = 4;
break;
default:
$errorType = "Unknown Error";
$importance = 8;
break;
}
// Run the Backtrace
$backtrace = debug_backtrace();
if (isset($backtrace[1])) {
// Prepare Backtrace Values
$origin = $backtrace[1];
$behind = $backtrace[0];
// Identify the current URL
$urlData = URL::parse($_SERVER['SERVER_NAME'] . "/" . $_SERVER['REQUEST_URI']);
// If the error was triggered with trigger_error(), simplify the logging
if ($origin['function'] == "trigger_error") {
// Prepare Logging Values
$class = "";
$function = "trigger_error";
$argString = $origin['args'][0];
$filePath = str_replace(SYS_PATH, "", $origin['file']);
$fileLine = (int) $origin['line'];
// Local Environment
if (ENVIRONMENT == "local") {
$cons = get_defined_constants(true);
$debugData = array("Backtrace" => array_splice($backtrace, 1), "URL" => $urlData, "Constants" => $cons['user'], "_GET" => $_GET, "_POST" => $_POST, "_COOKIE" => $_COOKIE, "_SESSION" => $_SESSION, "_SERVER" => $_SERVER);
}
} else {
// Prepare Logging Values
$class = isset($origin['class']) ? $origin['class'] : "";
$function = isset($origin['function']) ? $origin['function'] : "";
$argString = isset($origin['args']) ? Data_Utilities::convertArrayToArgumentString($origin['args']) : "";
$filePath = isset($behind['file']) ? str_replace(dirname(SYS_PATH), "", $behind['file']) : '';
$fileLine = isset($behind['line']) ? $behind['line'] : 0;
// Skip instances of the autoloader
if ($errorType == "Unknown Error" and strpos($function, "spl_autoload") !== false) {
return false;
}
}
// Debug files in the local environment
if (ENVIRONMENT == "local") {
if (!isset($urlData['path'])) {
$urlData['path'] = "home";
}
// Add an entry to the debug timeline
File::write(SYS_PATH . "/debug/" . microtime(true) . "-" . str_replace("/", "_", $urlData['path']) . ".php", print_r(isset($debugData) ? $debugData : $backtrace, true));
// Add an entry to the primary debug page
File::prepend(SYS_PATH . "/debug/_primaryDebug.php", print_r(array("Domain" => FULL_DOMAIN, "URL" => $urlData['full'], "Error" => $errorType . ": " . $argString, "File" => "[Line " . $fileLine . "] " . $filePath, "Timestamp" => microtime(true)), true));
// Add an entry to the debugging page
File::prepend(SYS_PATH . "/debug/by-site/" . FULL_DOMAIN . "/" . $urlData['path'] . ".php", print_r(array("URL" => $urlData['full'], "Error" => $errorType . ": " . $behind['args'][1], "File" => "[Line " . $fileLine . "] " . $filePath, "Timestamp" => microtime(true)), true));
// Prune the debug pages so that they don't get overloaded
File::prune(SYS_PATH . "/debug/_primaryDebug.php", 300);
File::prune(SYS_PATH . "/debug/by-site/" . FULL_DOMAIN . "/" . $urlData['path'] . ".php", 120);
// Prune the timeline debug files so that they don't exhaust the system
if (mt_rand(0, 25) == 22) {
$debugFiles = Dir::getFiles(SYS_PATH . "/debug");
foreach ($debugFiles as $dbf) {
if ($dbf[0] != "_") {
$exp = explode(".", $dbf);
if ($exp[0] < time() + 86400) {
File::delete(SYS_PATH . "/debug/" . $dbf);
} else {
break;
}
}
}
}
}
// Log this error in the database
// Debug::logError($importance, $errorType, $class, $function, $argString, $filePath, $fileLine, $urlData['full'], Me::$id);
// End the Error Handler
return false;
// TRUE to run standard error logging afterward
/*
if(ENVIRONMENT != "production")
{
Debug::$verbose = true;
Debug::scriptError($errorString, $class, $function, $argString, $filePath, $fileLine, $filePathNext, $fileLineNext);
}
else
{
return false;
}
*/
}
// Returning FALSE will activate the default PHP Handler after ours runs.
// Returning TRUE will prevent the default PHP Handler from running.
return true;
}
private static function warnOfPotentialAttack($unsafeContent, $threatText = "", $severity = 0, $traceDepth = 0)
{
// Record this if the system is tracking input of this severity level
if (Security_ThreatTracker::$trackInput == true and Security_ThreatTracker::$minSeverity <= $severity) {
// Prepare Values
$threatData = array("Input Caught" => $unsafeContent, "Illegal Characters" => '');
$backtrace = debug_backtrace();
$origin = $backtrace[2 + $traceDepth];
$function = (isset($origin['class']) ? $origin['class'] . $origin['type'] : "") . (isset($origin['function']) ? $origin['function'] : "");
$params = isset($origin['args']) ? Data_Utilities::convertArrayToArgumentString($origin['args']) : "";
// Log the threat
Security_ThreatTracker::log("input", $severity, $threatText, $threatData, $function, $params, $origin['file'], $backtrace[1 + $traceDepth]['line']);
}
}
