From c5d18164700c4a1763294fc5d3641d26f7dbc82c Mon Sep 17 00:00:00 2001 From: Petr Skoda Date: Sat, 20 Mar 2010 13:46:15 +0000 Subject: [PATCH] MDL-14679 fixed double encoding of html entities in debuginfo coming from the dml and ddl --- lib/ddllib.php | 2 +- lib/dmllib.php | 10 +++++----- lib/outputrenderers.php | 4 +++- lib/setuplib.php | 4 +++- 4 files changed, 12 insertions(+), 8 deletions(-) diff --git a/lib/ddllib.php b/lib/ddllib.php index 75b069a198a..3e25116ec8d 100644 --- a/lib/ddllib.php +++ b/lib/ddllib.php @@ -126,7 +126,7 @@ class ddl_change_structure_exception extends ddl_exception { function __construct($error, $sql=null) { $this->error = $error; $this->sql = $sql; - $errorinfo = s($error).'

'.s($sql); + $errorinfo = $error."\n".$sql; parent::__construct('ddlexecuteerror', NULL, $errorinfo); } } diff --git a/lib/dmllib.php b/lib/dmllib.php index e418d37c2ef..5f25341c943 100644 --- a/lib/dmllib.php +++ b/lib/dmllib.php @@ -71,7 +71,7 @@ class dml_connection_exception extends dml_exception { * @param string $error */ function __construct($error) { - $errorinfo = ''.s($error).''; + $errorinfo = $error; parent::__construct('dbconnectionfailed', NULL, $errorinfo); } } @@ -97,7 +97,7 @@ class dml_read_exception extends dml_exception { $this->error = $error; $this->sql = $sql; $this->params = $params; - $errorinfo = s($error).'

'.s($sql).'
['.s(var_export($params, true)).']'; + $errorinfo = $error."\n".$sql."\n[".var_export($params, true).']'; parent::__construct('dmlreadexception', NULL, $errorinfo); } } @@ -118,7 +118,7 @@ class dml_multiple_records_exception extends dml_exception { * @param array $params */ function __construct($sql='', array $params=null) { - $errorinfo = s($sql).'
['.s(var_export($params, true)).']'; + $errorinfo = $sql."\n[".var_export($params, true).']'; parent::__construct('multiplerecordsfound', null, $errorinfo); } } @@ -165,7 +165,7 @@ class dml_missing_record_exception extends dml_exception { $errcode = 'invalidrecord'; break; } - $errorinfo = s($sql).'
['.s(var_export($params, true)).']'; + $errorinfo = $sql."\n[".var_export($params, true).']'; parent::__construct($errcode, $tablename, $errorinfo); } } @@ -191,7 +191,7 @@ class dml_write_exception extends dml_exception { $this->error = $error; $this->sql = $sql; $this->params = $params; - $errorinfo = s($error).'

'.s($sql).'
['.s(var_export($params, true)).']'; + $errorinfo = $error."\n".$sql."\n[".var_export($params, true).']'; parent::__construct('dmlwriteexception', NULL, $errorinfo); } } diff --git a/lib/outputrenderers.php b/lib/outputrenderers.php index 36159a8e197..2b21610955c 100644 --- a/lib/outputrenderers.php +++ b/lib/outputrenderers.php @@ -1698,7 +1698,9 @@ END; if (debugging('', DEBUG_DEVELOPER)) { if (!empty($debuginfo)) { - $output .= $this->notification('Debug info: '.s($debuginfo), 'notifytiny'); + $debuginfo = s($debuginfo); // removes all nasty JS + $debuginfo = str_replace("\n", '
', $debuginfo); // keep newlines + $output .= $this->notification('Debug info: '.$debuginfo, 'notifytiny'); } if (!empty($backtrace)) { $output .= $this->notification('Stack trace: '.format_backtrace($backtrace), 'notifytiny'); diff --git a/lib/setuplib.php b/lib/setuplib.php index 9ef3b0cbcc8..dc4979d24e1 100644 --- a/lib/setuplib.php +++ b/lib/setuplib.php @@ -933,7 +933,9 @@ width: 80%; -moz-border-radius: 20px; padding: 15px"> '; if (!empty($CFG->debug) && $CFG->debug >= DEBUG_DEVELOPER) { if (!empty($debuginfo)) { - $content .= '
Debug info: ' . s($debuginfo) . '
'; + $debuginfo = s($debuginfo); // removes all nasty JS + $debuginfo = str_replace("\n", '
', $debuginfo); // keep newlines + $content .= '
Debug info: ' . $debuginfo . '
'; } if (!empty($backtrace)) { $content .= '
Stack trace: ' . format_backtrace($backtrace, false) . '
'; -- 2.36.1