Updating raven-php

Author: Cyril Glapa

src/lib/Raven/Client.php

@@ -11,7 +11,6 @@
 
 class Raven_Compat
 {
-
     public static function gethostname()
     {
         if (function_exists('gethostname')) {

src/lib/Raven/Compat.php

@@ -45,6 +45,8 @@ public function enqueue($url, $data=null, $headers=array())
         foreach ($headers as $key => $value) {
             array_push($new_headers, $key .': '. $value);
         }
+        // XXX(dcramer): Prevent 100-continue response form server (Fixes GH-216)
+        $new_headers[] = 'Expect:';
 
         curl_setopt($ch, CURLOPT_HTTPHEADER, $new_headers);
         curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
@@ -69,9 +71,9 @@ public function enqueue($url, $data=null, $headers=array())
 
     public function join($timeout=null)
     {
-    	if (!isset($timeout)) {
-    		$timeout = $this->join_timeout;
-    	}
+        if (!isset($timeout)) {
+            $timeout = $this->join_timeout;
+        }
         $start = time();
         do {
             $this->select();
@@ -94,8 +96,7 @@ private function select()
                 do {
                     $mrc = curl_multi_exec($this->multi_handle, $active);
                 } while ($mrc == CURLM_CALL_MULTI_PERFORM);
-            }
-            else {
+            } else {
                 return;
             }
         }

src/lib/Raven/CurlHandler.php

@@ -21,6 +21,9 @@
  * @package raven
  */
 
+// TODO(dcramer): deprecate default error types in favor of runtime configuration
+// unless a reason can be determined that making them dynamic is better. They
+// currently are not used outside of the fatal handler.
 class Raven_ErrorHandler
 {
     private $old_exception_handler;
@@ -29,11 +32,60 @@ class Raven_ErrorHandler
     private $call_existing_error_handler = false;
     private $reservedMemory;
     private $send_errors_last = false;
-    private $error_types = -1;
 
-    public function __construct($client, $send_errors_last = false)
+    /**
+     * @var array
+     * Error types which should be processed by the handler.
+     * A 'null' value implies "whatever error_reporting is at time of error".
+     */
+    private $error_types = null;
+
+    /**
+     * @deprecated
+     * @var array
+     * Error types that can be processed by the handler
+     */
+    private $validErrorTypes = array(
+        E_ERROR,
+        E_WARNING,
+        E_PARSE,
+        E_NOTICE,
+        E_CORE_ERROR,
+        E_CORE_WARNING,
+        E_COMPILE_ERROR,
+        E_COMPILE_WARNING,
+        E_USER_ERROR,
+        E_USER_WARNING,
+        E_USER_NOTICE,
+        E_STRICT,
+        E_RECOVERABLE_ERROR,
+        E_DEPRECATED,
+        E_USER_DEPRECATED,
+    );
+
+    /**
+     * @deprecated
+     * @var array
+     * The default Error types that are always processed by the handler. Can be set during construction.
+     */
+    private $defaultErrorTypes = array(
+        E_ERROR,
+        E_PARSE,
+        E_CORE_ERROR,
+        E_CORE_WARNING,
+        E_COMPILE_ERROR,
+        E_COMPILE_WARNING,
+        E_STRICT,
+    );
+
+    public function __construct($client, $send_errors_last = false, $default_error_types = null,
+                                $error_types = null)
     {
         $this->client = $client;
+        if ($default_error_types !== null) {
+            $this->defaultErrorTypes = $default_error_types;
+        }
+        $this->error_types = $error_types;
         register_shutdown_function(array($this, 'detectShutdown'));
         if ($send_errors_last) {
             $this->send_errors_last = true;
@@ -53,16 +105,49 @@ public function handleException($e, $isError = false, $vars = null)
 
     public function handleError($code, $message, $file = '', $line = 0, $context=array())
     {
-        if ($this->error_types & $code & error_reporting()) {
-          $e = new ErrorException($message, 0, $code, $file, $line);
-          $this->handleException($e, true, $context);
+        if (error_reporting() !== 0) {
+            $error_types = $this->error_types;
+            if ($error_types === null) {
+                $error_types = error_reporting();
+            }
+            if ($error_types & $code) {
+                $e = new ErrorException($message, 0, $code, $file, $line);
+                $this->handleException($e, true, $context);
+            }
         }
-
-        if ($this->call_existing_error_handler && $this->old_error_handler) {
-            call_user_func($this->old_error_handler, $code, $message, $file, $line, $context);
+        if ($this->call_existing_error_handler) {
+            if ($this->old_error_handler !== null) {
+                return call_user_func($this->old_error_handler, $code, $message, $file, $line, $context);
+            } else {
+                return false;
+            }
         }
     }
 
+    /**
+     * Nothing by default, use it in child classes for catching other types of errors
+     * Only constants from $this->validErrorTypes can be used
+     *
+     * @deprecated
+     * @return array
+     */
+
+    protected function getAdditionalErrorTypesToProcess()
+    {
+        return array();
+    }
+
+    /**
+     * @deprecated
+     * @return array
+     */
+    private function getErrorTypesToProcess()
+    {
+        $additionalErrorTypes = array_intersect($this->getAdditionalErrorTypesToProcess(), $this->validErrorTypes);
+        // array_unique so bitwise "or" operation wouldn't fail if some error type gets repeated
+        return array_unique(array_merge($this->defaultErrorTypes, $additionalErrorTypes));
+    }
+
     public function handleFatalError()
     {
         if (null === $lastError = error_get_last()) {
@@ -71,7 +156,10 @@ public function handleFatalError()
 
         unset($this->reservedMemory);
 
-        $errors = E_ERROR | E_PARSE | E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_COMPILE_WARNING | E_STRICT;
+        $errors = 0;
+        foreach ($this->getErrorTypesToProcess() as $errorType) {
+            $errors |= $errorType;
+        }
 
         if ($lastError['type'] & $errors) {
             $e = new ErrorException(
@@ -88,10 +176,19 @@ public function registerExceptionHandler($call_existing_exception_handler = true
         $this->call_existing_exception_handler = $call_existing_exception_handler;
     }
 
-    public function registerErrorHandler($call_existing_error_handler = true, $error_types = -1)
+    /**
+     * Register a handler which will intercept standard PHP errors and report them to the
+     * associated Sentry client.
+     *
+     * @return array
+     */
+    //
+    public function registerErrorHandler($call_existing_error_handler = true, $error_types = null)
     {
-        $this->error_types = $error_types;
-        $this->old_error_handler = set_error_handler(array($this, 'handleError'), error_reporting());
+        if ($error_types !== null) {
+            $this->error_types = $error_types;
+        }
+        $this->old_error_handler = set_error_handler(array($this, 'handleError'), E_ALL);
         $this->call_existing_error_handler = $call_existing_error_handler;
     }
 
@@ -102,7 +199,8 @@ public function registerShutdownFunction($reservedMemorySize = 10)
         $this->reservedMemory = str_repeat('x', 1024 * $reservedMemorySize);
     }
 
-    public function detectShutdown() {
+    public function detectShutdown()
+    {
         if (!defined('RAVEN_CLIENT_END_REACHED')) {
             define('RAVEN_CLIENT_END_REACHED', true);
         }

src/lib/Raven/ErrorHandler.php

@@ -4,7 +4,7 @@
  *
  * @package raven
  */
-class Raven_Processor
+abstract class Raven_Processor
 {
     public function __construct(Raven_Client $client)
     {
@@ -13,8 +13,8 @@ public function __construct(Raven_Client $client)
 
     /**
      * Process and sanitize data, modifying the existing value if necessary.
+     *
+     * @param array $data   Array of log data
      */
-    public function process(&$data)
-    {
-    }
+    abstract public function process(&$data);
 }

src/lib/Raven/Processor.php

@@ -7,31 +7,114 @@
  */
 class Raven_SanitizeDataProcessor extends Raven_Processor
 {
-    static $mask = '********';
-    static $fields_re = '/(authorization|password|passwd|secret|password_confirmation|card_number)/i';
-    static $values_re = '/^(?:\d[ -]*?){13,16}$/';
+    const MASK = '********';
+    const FIELDS_RE = '/(authorization|password|passwd|secret|password_confirmation|card_number|auth_pw)/i';
+    const VALUES_RE = '/^(?:\d[ -]*?){13,16}$/';
 
+    private $client;
+    private $fields_re;
+    private $values_re;
+
+    public function __construct(Raven_Client $client)
+    {
+        $this->client       = $client;
+        $this->fields_re    = self::FIELDS_RE;
+        $this->values_re    = self::VALUES_RE;
+        $this->session_cookie_name = ini_get('session.name');
+    }
+
+    /**
+     * Override the default processor options
+     *
+     * @param array $options    Associative array of processor options
+     */
+    public function setProcessorOptions(array $options)
+    {
+        if (isset($options['fields_re'])) {
+            $this->fields_re = $options['fields_re'];
+        }
+
+        if (isset($options['values_re'])) {
+            $this->values_re = $options['values_re'];
+        }
+    }
+
+    /**
+     * Replace any array values with our mask if the field name or the value matches a respective regex
+     *
+     * @param mixed $item       Associative array value
+     * @param string $key       Associative array key
+     */
     public function sanitize(&$item, $key)
     {
         if (empty($item)) {
             return;
         }
 
-        if (preg_match(self::$values_re, $item)) {
-            $item = self::$mask;
+        if (preg_match($this->values_re, $item)) {
+            $item = self::MASK;
         }
 
         if (empty($key)) {
             return;
         }
 
-        if (preg_match(self::$fields_re, $key)) {
-            $item = self::$mask;
+        if (preg_match($this->fields_re, $key)) {
+            $item = self::MASK;
+        }
+    }
+
+    public function sanitizeHttp(&$data)
+    {
+        if (empty($data['request'])) {
+            return;
+        }
+        $http = &$data['request'];
+        if (empty($http['cookies'])) {
+            return;
+        }
+
+        $cookies = &$http['cookies'];
+        if (!empty($cookies[$this->session_cookie_name])) {
+            $cookies[$this->session_cookie_name] = self::MASK;
         }
     }
 
     public function process(&$data)
     {
         array_walk_recursive($data, array($this, 'sanitize'));
+        $this->sanitizeHttp($data);
+    }
+
+    /**
+     * @return string
+     */
+    public function getFieldsRe()
+    {
+        return $this->fields_re;
+    }
+
+    /**
+     * @param string $fields_re
+     */
+    public function setFieldsRe($fields_re)
+    {
+        $this->fields_re = $fields_re;
+    }
+
+    /**
+     * @return string
+     */
+    public function getValuesRe()
+    {
+        return $this->values_re;
+    }
+
+    /**
+     * @param string $values_re
+     */
+    public function setValuesRe($values_re)
+    {
+        $this->values_re = $values_re;
     }
 }

src/lib/Raven/SanitizeDataProcessor.php

@@ -68,7 +68,7 @@ public static function serializeValue($value)
             $value = (string) $value;
 
             if (function_exists('mb_convert_encoding')) {
-                $value = mb_convert_encoding($value, 'UTF-8', 'UTF-8');
+                $value = mb_convert_encoding($value, 'UTF-8', 'auto');
             }
 
             return $value;