Log more information for PDOExceptions while also keeping passwords out.

2018-02-18 14:31:40 -06:00 · 2018-02-18 14:31:40 -06:00 · 1eb76c4457
commit 1eb76c4457
parent 4b9f025e98
2 changed files with 47 additions and 1 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -11,6 +11,9 @@ This project follows [Semantic Versioning](http://semver.org) guidelines.
 * Fixes database naming scheme using `d###_` rather than `s###_` when creating server databases.
 * Fix exception thrown when attempting to update an existing database host.

+### Changed
+* Adjusted exception handler behavior to log more stack information for PDO exceptions while not exposing credentials.
+
 ## v0.7.0 (Derelict Dermodactylus)
 ### Fixed
 * `[rc.2]` — Fixes bad API behavior on `/user` routes.
--- a/app/Exceptions/Handler.php
+++ b/app/Exceptions/Handler.php
@ -32,6 +32,16 @@ class Handler extends ExceptionHandler
        ValidationException::class,
    ];

+    /**
+     * A list of exceptions that should be logged with cleaned stack
+     * traces to avoid exposing credentials or other sensitive information.
+     *
+     * @var array
+     */
+    protected $cleanStacks = [
+        PDOException::class,
+    ];
+
    /**
     * A list of the inputs that are never flashed for validation exceptions.
     *
@ -73,7 +83,40 @@ class Handler extends ExceptionHandler
            throw $exception;
        }

-        return $logger->error($exception instanceof PDOException ? $exception->getMessage() : $exception);
+        foreach ($this->cleanStacks as $class) {
+            if ($exception instanceof $class) {
+                $exception = $this->generateCleanedExceptionStack($exception);
+                break;
+            }
+        }
+
+        return $logger->error($exception);
+    }
+
+    private function generateCleanedExceptionStack(Exception $exception)
+    {
+        $cleanedStack = '';
+        foreach ($exception->getTrace() as $index => $item) {
+            $cleanedStack .= sprintf(
+                "#%d %s(%d): %s%s%s\n",
+                $index,
+                array_get($item, 'file'),
+                array_get($item, 'line'),
+                array_get($item, 'class'),
+                array_get($item, 'type'),
+                array_get($item, 'function')
+            );
+        }
+
+        $message = sprintf(
+            '%s: %s in %s:%d',
+            class_basename($exception),
+            $exception->getMessage(),
+            $exception->getFile(),
+            $exception->getLine()
+        );
+
+        return $message . "\nStack trace:\n" . trim($cleanedStack);
    }

    /**