Cavemanon/piratepoet
7
Fork 0
Code Pull Requests Actions Releases 16 Activity

Prevents leaking SQL errors in API response

Browse Source
This commit is contained in:
Vlad
2017-09-19 20:32:26 -04:00
parent 697f9ba5bc
commit c3b643df84
2 changed files with 43 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
lib/API/JSON/ErrorResponse.php
View File

@ -1,4 +1,5 @@
<?php
namespace MailPoet\API\JSON;
if(!defined('ABSPATH')) exit;
@ -12,23 +13,19 @@ class ErrorResponse extends Response {
}
function getData() {
if(empty($this->errors)) {
return null;
} else {
return array(
'errors' => $this->errors
);
}
return (empty($this->errors)) ? null : array('errors' => $this->errors);
}
function formatErrors($errors = array()) {
$formatted_errors = array();
foreach($errors as $error => $message) {
$formatted_errors[] = array(
return array_map(function($error, $message) {
// sanitize SQL error
if(preg_match('/^SQLSTATE/i', $message)) {
$message = __('An unknown error occurred.', 'mailpoet');
}
return array(
'error' => $error,
'message' => $message
);
}
return $formatted_errors;
}, array_keys($errors), array_values($errors));
}
}