From 7b3f6cb219cac448ba470f016ed5068bdc7ffc56 Mon Sep 17 00:00:00 2001
From: Andreas Fischer <bantu@phpbb.com>
Date: Sun, 18 Sep 2011 00:55:24 +0200
Subject: [PATCH] [ticket/10369] Always include errfile and errline in
 format_errors().

We remove the phpBB root path from errfile. This is consistent with how
msg_handler handles E_WARNING messages etc.

PHPBB3-10369
---
 phpBB/includes/error_collector.php | 14 +++++++-----
 tests/error_collector_test.php     | 35 ++++++++++++++++++++++++++++++
 2 files changed, 44 insertions(+), 5 deletions(-)
 create mode 100644 tests/error_collector_test.php

diff --git a/phpBB/includes/error_collector.php b/phpBB/includes/error_collector.php
index 55834f354c..534df27ece 100644
--- a/phpBB/includes/error_collector.php
+++ b/phpBB/includes/error_collector.php
@@ -42,6 +42,8 @@ class phpbb_error_collector
 
 	function format_errors()
 	{
+		$phpbb_root_path = phpbb_realpath(dirname(__FILE__) . '/../');
+
 		$text = '';
 		foreach ($this->errors as $error)
 		{
@@ -49,13 +51,15 @@ class phpbb_error_collector
 			{
 				$text .= "<br />\n";
 			}
+
 			list($errno, $msg_text, $errfile, $errline) = $error;
-			$text .= "Errno $errno: $msg_text";
-			if (defined('DEBUG_EXTRA') || defined('IN_INSTALL'))
-			{
-				$text .= " at $errfile line $errline";
-			}
+
+			// Prevent leakage of local path to phpBB install
+			$errfile = str_replace(array($phpbb_root_path, '\\'), array('', '/'), $errfile);
+
+			$text .= "Errno $errno: $msg_text at $errfile line $errline";
 		}
+
 		return $text;
 	}
 }
diff --git a/tests/error_collector_test.php b/tests/error_collector_test.php
new file mode 100644
index 0000000000..e1ac32f5ac
--- /dev/null
+++ b/tests/error_collector_test.php
@@ -0,0 +1,35 @@
+<?php
+/**
+*
+* @package testing
+* @copyright (c) 2011 phpBB Group
+* @license http://opensource.org/licenses/gpl-license.php GNU Public License
+*
+*/
+
+require_once dirname(__FILE__) . '/../phpBB/includes/functions.php';
+require_once dirname(__FILE__) . '/../phpBB/includes/error_collector.php';
+
+class phpbb_error_collector_test extends phpbb_test_case
+{
+	public function test_collection()
+	{
+		$collector = new phpbb_error_collector;
+		$collector->install();
+
+		// Cause a warning
+		1/0; $line = __LINE__;
+
+		$collector->uninstall();
+
+		list($errno, $msg_text, $errfile, $errline) = $collector->errors[0];
+		$error_contents = $collector->format_errors();
+
+		$this->assertEquals($errno, 2);
+
+		// Unfortunately $error_contents will contain the full path here,
+		// because the tests directory is outside of phpbb root path.
+		$this->assertStringStartsWith('Errno 2: Division by zero at ', $error_contents);
+		$this->assertStringEndsWith(" line $line", $error_contents);
+	}
+}