diff --git a/actions/apitimelineuser.php b/actions/apitimelineuser.php
index 66984b5abd..3fe73c691c 100644
--- a/actions/apitimelineuser.php
+++ b/actions/apitimelineuser.php
@@ -322,8 +322,11 @@ class ApiTimelineUserAction extends ApiBareAuthAction
 $this->clientError(_('Atom post must not be empty.'));
 }
- $dom = DOMDocument::loadXML($xml);
- if (!$dom) {
+ $old = error_reporting(error_reporting() & ~(E_WARNING | E_NOTICE));
+ $dom = new DOMDocument();
+ $ok = $dom->loadXML($xml);
+ error_reporting($old);
+ if (!$ok) {
 // TRANS: Client error displayed attempting to post an API that is not well-formed XML.
 $this->clientError(_('Atom post must be well-formed XML.'));
 }
diff --git a/actions/newapplication.php b/actions/newapplication.php
index eb13593536..657c7bcb71 100644
--- a/actions/newapplication.php
+++ b/actions/newapplication.php
@@ -22,7 +22,7 @@
 * @category Applications
 * @package StatusNet
 * @author Zach Copley
- * @copyright 2008-2009 StatusNet, Inc.
+ * @copyright 2008-2011 StatusNet, Inc.
 * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
 * @link http://status.net/
 */
@@ -290,7 +290,13 @@ class NewApplicationAction extends OwnerDesignAction
 $app->query('ROLLBACK');
 }
- $app->uploadLogo();
+ try {
+ $app->uploadLogo();
+ } catch (Exception $e) {
+ $app->query('ROLLBACK');
+ $this->showForm(_('Invalid image.'));
+ return;
+ }
 $app->query('COMMIT');
diff --git a/actions/recoverpassword.php b/actions/recoverpassword.php
index 9019d6fb22..a73872bfdb 100644
--- a/actions/recoverpassword.php
+++ b/actions/recoverpassword.php
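Review bot: In actions/apitimelineuser.php, the new `$dom->loadXML($xml)` parses what appears to be the client-supplied Atom post body with default libxml options, so DTD and entity handling is left to whatever the installed libxml does by default. Passing explicit parser options, e.g. `$ok = $dom->loadXML($xml, LIBXML_NONET);`, and making sure external entity loading is off for this parse would state the intended behaviour in the code. Lowering `error_reporting()` around the call also hides unrelated warnings and is not restored if anything throws in between; `libxml_use_internal_errors(true)`, with the previous value restored afterwards, limits the suppression to the parser. The enclosing method starts and ends outside the hunk, so any hardening done earlier in the request is not visible here.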
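Review bot: In actions/newapplication.php, the `catch (Exception $e)` around `$app->uploadLogo()` turns every failure into 'Invalid image.' and discards `$e`, so a storage or permission error is indistinguishable from a rejected upload and leaves no trace for operators. Keeping the generic message for the user is reasonable, but the exception message should be written to the server log before `showForm()` is called, and the catch narrowed if `uploadLogo()` throws a more specific type (not visible in this hunk). The new string also lacks the `// TRANS:` comment used elsewhere in this commit, e.g. `// TRANS: Form validation error shown when the uploaded application logo is rejected.` The enclosing method starts and ends outside the hunk.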
@@ -282,7 +282,11 @@ class RecoverpasswordAction extends Action
 $user = User::staticGet('email', common_canonical_email($nore));
 if (!$user) {
- $user = User::staticGet('nickname', common_canonical_nickname($nore));
+ try {
+ $user = User::staticGet('nickname', common_canonical_nickname($nore));
+ } catch (NicknameException $e) {
+ // invalid
+ }
 }
 # See if it's an unconfirmed email address
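Review bot: In actions/recoverpassword.php, the empty `catch (NicknameException $e)` depends on `$user` still holding the falsy result of the e-mail lookup, and `// invalid` does not say that. Setting it explicitly, `$user = null;`, with a comment such as `// Not a well-formed nickname, so it cannot name an account; continue with the remaining lookups.` makes the fall-through intentional. On a password-recovery form it is also worth confirming that this path ends in the same response as an unknown account, which the hunk does not show. The enclosing method starts and ends outside the hunk.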