diff options
| -rw-r--r-- | app/controllers/application.rb | 14 | ||||
| -rw-r--r-- | app/views/general/exception_caught.rhtml | 12 | ||||
| -rw-r--r-- | public/stylesheets/main.css | 5 | ||||
| -rw-r--r-- | todo.txt | 23 |
4 files changed, 40 insertions, 14 deletions
diff --git a/app/controllers/application.rb b/app/controllers/application.rb index e01f264a2..23b6e376b 100644 --- a/app/controllers/application.rb +++ b/app/controllers/application.rb @@ -6,7 +6,7 @@ # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved. # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ # -# $Id: application.rb,v 1.26 2008-01-09 19:56:01 francis Exp $ +# $Id: application.rb,v 1.27 2008-01-22 17:59:50 francis Exp $ class ApplicationController < ActionController::Base @@ -16,6 +16,18 @@ class ApplicationController < ActionController::Base # Pick a unique cookie name to distinguish our session data from others' session :session_key => '_foi_session_id' + # Override default error handler + def rescue_action_in_public(exception) + # do something based on exception + @exception_backtrace = exception.backtrace.join("\n") + @exception_class = exception.class.to_s + render :template => "general/exception_caught.rhtml", :status => 404 + end + + def local_request? + false + end + private # Check the user is logged in diff --git a/app/views/general/exception_caught.rhtml b/app/views/general/exception_caught.rhtml new file mode 100644 index 000000000..6db1e7d34 --- /dev/null +++ b/app/views/general/exception_caught.rhtml @@ -0,0 +1,12 @@ +<h1>Sorry, we couldn't find that page</h1> + +<p>You've requested a page which doesn't exist, or which we have moved. +Perhaps you mistyped the address? Other things you can try:</p> + +<ul> +<li>Go to <a href="/">our front page</a></li> +<li><a href="mailto:<%=contact_email%>">Email us</a> to tell us about + the problem</li> +</ul> + +<p id="error_technical_details"><strong>Technical details:</strong> <%=@exception_class ? @exception_class : "Unknown"%></p> diff --git a/public/stylesheets/main.css b/public/stylesheets/main.css index 5e810d8e8..b793f50f2 100644 --- a/public/stylesheets/main.css +++ b/public/stylesheets/main.css @@ -23,6 +23,11 @@ a:active { color: #ff0000; } +#error_technical_details { + font-size: 70%; + margin-top: 2em; +} + .subtitle { font-style: italic; margin-top: -1em; @@ -72,9 +72,6 @@ Followups: - don't show classify link on /response/ page Alert somewhere if working days table not up to date -Make it so if the pipe fails, exim tries again rather than sending an error to the public body. - Or so errors go to an admin somehow, at the very least. - Show due date on, e.g. http://foi.mysociety.org/request/4 Sort by due date, show categorisation everywhere @@ -112,8 +109,6 @@ Add SQL foreign keys to database schema (THIS IS IMPORTANT, or things will screw http://rubyforge.org/projects/mig-constraints/ Call "delete from sessions where now() - updated_at > 3600" (one hour) or whatever -Do pretty error messages, e.g. on invalid public body name page etc. - 404s on all invalid URL parameters Hook global error message also @@ -122,17 +117,13 @@ Check log rotation is working well Mark some requests as test requests -Legal/privacy -============= +Later +===== Check act to see if can use pseudonym for FOI request? -"We will not reveal your email address to anybody" - are there circumstances - (e.g. somebody messaging creator of a request and it bouncing) where we - may reasonably do this, and should say it may happen? - -Later -===== +Make it so if the pipe fails, exim tries again rather than sending an error to the public body. + Or so errors go to an admin somehow, at the very least. Synthesise these tips into our handful of snappy snappy bullet points http://community.foe.co.uk/tools/right_to_know/tips.html @@ -202,6 +193,12 @@ Maybe prepend letter for them with "this is FOI request blah" boilerplate? Forgotten password link Way of contacting other users + "We will not reveal your email address to anybody" - are there circumstances + (e.g. somebody messaging creator of a request and it bouncing) where we + may reasonably do this, and should say it may happen? + -- I think this is fine EXCEPT for the facility to send messages. Do we have + fake hash addresses two way for each user for the message-to-user sending + thing? Would make sense. Properly escape all name_and_email functions |