projects / GitHub / WoltLab / woltlab.github.io.git / blame
| Commit | Line | Data |
|---|---|---|
| e3747bbc | 1 | # Exceptions |
| 659673d5 MS |
2 | |
| 3 | ## SPL Exceptions | |
| 4 | ||
| 5 | The [Standard PHP Library (SPL)](https://secure.php.net/manual/en/book.spl.php) provides some [exceptions](https://secure.php.net/manual/en/spl.exceptions.php) that should be used whenever possible. | |
| 6 | ||
| 7 | ||
| 8 | ## Custom Exceptions | |
| 9 | ||
| 9003992d | 10 | !!! warning "Do not use `wcf\system\exception\SystemException` anymore, use specific exception classes!" |
| 659673d5 MS |
11 | |
| 12 | The following table contains a list of custom exceptions that are commonly used. | |
| be7792c4 | 13 | All of the exceptions are found in the `wcf\system\exception` namespace. |
| 659673d5 | 14 | |
| be7792c4 | 15 | | Class name | (examples) when to use | |
| 659673d5 | 16 | |-----------|------------------------| |
| be7792c4 MS |
17 | | `IllegalLinkException` | access to a page that belongs to a non-existing object, executing actions on specific non-existing objects (is shown as http 404 error to the user) | |
| 18 | | `ImplementationException` | a class does not implement an expected interface | | |
| 19 | | `InvalidObjectArgument` | <span class="label label-info">5.4+</span> API method support generic objects but specific implementation requires objects of specific (sub)class and different object is given | | |
| 20 | | `InvalidObjectTypeException` | object type is not of an expected object type definition | | |
| 21 | | `InvalidSecurityTokenException` | given security token does not match the security token of the active user's session | | |
| 22 | | `ParentClassException` | a class does not extend an expected (parent) class | | |
| 23 | | `PermissionDeniedException` | page access without permission, action execution without permission (is shown as http 403 error to the user) | | |
| 24 | | `UserInputException` | user input does not pass validation | | |
| a7f75edd TD |
25 | |
| 26 | ## Sensitive Arguments in Stack Traces | |
| 27 | ||
| 28 | Sometimes sensitive values are passed as a function or method argument. | |
| 29 | If the callee throws an Exception, these values will be part of the Exception’s stack trace and logged, unless the Exception is caught and ignored. | |
| 30 | ||
| 31 | WoltLab Suite will automatically suppress the values of parameters named like they might contain sensitive values, namely arguments matching the regular expression `/(?:^(?:password|passphrase|secret)|(?:Password|Passphrase|Secret))/`. | |
| 32 | ||
| 33 | If you need to suppress additional arguments from appearing in the stack trace, you can add the `\wcf\SensitiveArgument` attribute to such parameters. | |
| 256c1d64 | 34 | Arguments are only supported as of PHP 8 and ignored as comments in lower PHP versions. |
| a7f75edd TD |
35 | In PHP 7, such arguments will not be suppressed, but the code will continue to work. |
| 36 | Make sure to insert a linebreak between the attribute and the parameter name. | |
| 37 | ||
| 38 | Example: | |
| 39 | ||
| 40 | {jinja{ codebox( | |
| 41 | language="php", | |
| 42 | title="wcfsetup/install/files/lib/data/user/User.class.php", | |
| 43 | contents=""" | |
| 44 | <?php | |
| 45 | ||
| 46 | namespace wcf\data\user; | |
| 47 | ||
| 48 | // … | |
| 49 | ||
| 50 | final class User extends DatabaseObject implements IPopoverObject, IRouteController, IUserContent | |
| 51 | { | |
| 52 | // … | |
| 53 | ||
| 54 | public function checkPassword( | |
| 55 | #[\wcf\SensitiveArgument()] | |
| 56 | $password | |
| 57 | ) { | |
| 58 | // … | |
| 59 | } | |
| 60 | ||
| 61 | // … | |
| 62 | } | |
| 63 | """ | |
| 64 | ) }} |