Unable to catch exceptions generated by set_error_handler function

[mbiebl]

Hi,

the sabredav documentation or rather the examples recommend to use exceptions to handle PHP errors, so I followed that recommendation as well and added this code to my server.php:

/**

 * Mapping PHP errors to exceptions.

 *

 * While this is not strictly needed, it makes a lot of sense to do so. If an

 * E_NOTICE or anything appears in your code, this allows SabreDAV to intercept

 * the issue and send a proper response back to the client (HTTP/1.1 500).

 */

function exception_error_handler($errno, $errstr, $errfile, $errline ) {
        throw new ErrorException($errstr, 0, $errno, $errfile, $errline);

}

set_error_handler("exception_error_handler");

This has some strange and for me unexpected side effects. I have a custom authentication scheme which I implemented extending

\Sabre\DAV\Auth\Backend\AbstractBasic

In the validateUserPass() method I have some calls to ldap_bind, which can generate an error. Due to the error handler, those are turned into exceptions, which I wanted to handle via try {} catch {}. The code basically looks like this

class MyAuth extends \Sabre\DAV\Auth\Backend\AbstractBasic {

    public function validateUserPass($username, $password) {

        // setup ldap context etc

        try {
            $bind = ldap_bind($con, $user, $password);
        } catch (ErrorException $e) {
            error_log("failed to authenticate $user");
            $bind = null;
        }
       
        // clean up etc. 
    }
}

Yet, no matter what I do, I'm unable to catch the exception and instead I get a HTTP/500 with a stacktrace, like

Fatal error: Uncaught exception 'ErrorException' with message 'ldap_bind(): Unable to bind to server: Invalid credentials ...

This has two unpleasant side effects: I don't get a proper 401 HTTP return code and the authentication data is logged (like username and password).

Does anyone know, why I'm not able to catch the ErrorException within the \Sabre\DAV\Auth\Backend\AbstractBasic class?

Regards,

Michael

[Thomas Tanghus]

On Wednesday 16 April 2014 01:52 mbiebl wrote:
>
> class MyAuth extends \Sabre\DAV\Auth\Backend\AbstractBasic {
>
> public function validateUserPass($username, $password) {
>
> // setup ldap context etc
>
> try {
> $bind = ldap_bind($con, $user, $password);
> } catch (ErrorException $e) {
> error_log("failed to authenticate $user");
> $bind = null;
> }
>
> // clean up etc.
> }
> }
>
>

> Does anyone know, why I'm not able to catch the ErrorException within
> the \Sabre\DAV\Auth\Backend\AbstractBasic class?

Just to eliminate the obvious first ;)

Is your MyAuth class in a namespace? Then you will have to use:

} catch (\ErrorException $e) {

--
Med venlig hilsen,

Thomas Tanghus

[mbiebl]

Hi Thomas!

On Wednesday, April 16, 2014 11:58:31 AM UTC+2, Thomas Tanghus wrote:

Just to eliminate the obvious first ;)

Is your MyAuth class in a namespace?

It is, indeed.

 

Then you will have to use:

         } catch (\ErrorException $e) {

/me headdesks

Works like a charm now, thanks a bunch.

Was starring at the code for a while but completely missed that.

Michael

 

[Thomas Tanghus]

Been there, done that ;)

--
Med venlig hilsen / Best Regards

Thomas Tanghus

[Evert Pot]

I made the exact same mistake at first too ... took _forever_ to figure out, so annoying because PHP won't complain about non-existant classes in catch classes.