Log more information for PDOExceptions while also keeping passwords out.

DaneEveritt · DaneEveritt · commit 1eb76c445779 · 2018-02-18T14:31:40.000-06:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -11,6 +11,9 @@ This project follows [Semantic Versioning](http://semver.org) guidelines.
 * Fixes database naming scheme using `d###_` rather than `s###_` when creating server databases.
 * Fix exception thrown when attempting to update an existing database host.
 
+### Changed
+* Adjusted exception handler behavior to log more stack information for PDO exceptions while not exposing credentials.
+
 ## v0.7.0 (Derelict Dermodactylus)
 ### Fixed
 * `[rc.2]` — Fixes bad API behavior on `/user` routes.
diff --git a/app/Exceptions/Handler.php b/app/Exceptions/Handler.php
@@ -32,6 +32,16 @@ class Handler extends ExceptionHandler
         ValidationException::class,
     ];
 
+    /**
+     * A list of exceptions that should be logged with cleaned stack
+     * traces to avoid exposing credentials or other sensitive information.
+     *
+     * @var array
+     */
+    protected $cleanStacks = [
+        PDOException::class,
+    ];
+
     /**
      * A list of the inputs that are never flashed for validation exceptions.
      *
@@ -73,7 +83,40 @@ public function report(Exception $exception)
             throw $exception;
         }
 
-        return $logger->error($exception instanceof PDOException ? $exception->getMessage() : $exception);
+        foreach ($this->cleanStacks as $class) {
+            if ($exception instanceof $class) {
+                $exception = $this->generateCleanedExceptionStack($exception);
+                break;
+            }
+        }
+
+        return $logger->error($exception);
+    }
+
+    private function generateCleanedExceptionStack(Exception $exception)
+    {
+        $cleanedStack = '';
+        foreach ($exception->getTrace() as $index => $item) {
+            $cleanedStack .= sprintf(
+                "#%d %s(%d): %s%s%s\n",
+                $index,
+                array_get($item, 'file'),
+                array_get($item, 'line'),
+                array_get($item, 'class'),
+                array_get($item, 'type'),
+                array_get($item, 'function')
+            );
+        }
+
+        $message = sprintf(
+            '%s: %s in %s:%d',
+            class_basename($exception),
+            $exception->getMessage(),
+            $exception->getFile(),
+            $exception->getLine()
+        );
+
+        return $message . "\nStack trace:\n" . trim($cleanedStack);
     }
 
     /**
