Come together with the global Drupal community in Rotterdam, 28 Sept – 1 Oct 2026. Sessions, contribution, connection, and Early Bird savings until 8 June.services_resource_execute_index_query assumes that any exceptions it catches will have the message() method and fails rather gracelessly when they don't. This can be triggered pretty easily by passing an invalid parameter to any index query method, e.g. api-endpoint/user.json?parameters[lkasfjdkls]=2488281 . The attached patch fixes this by adding a catch block for PDOExceptions before the more generic block. A better solution would be to validate the parameters, which I'd be happy to implement if someone else thinks it's a good idea.
| Comment | File | Size | Author |
|---|---|---|---|
| services-catch-pdoexception.patch | 629 bytes | cotto |
Comments
Comment #1
marcingy commentedAdding a new Try catch is fine, we are not going to validate parameters drupal core doesn't do and services shouldn't either, it adds bloat and at the end of the day it is reasonability of the caller to provide sensible data. I have opposed calls for this in other areas of the services and will do the same here it simply is not the drupal way when dealing with APIs.
Comment #2
marcingy commentedClosing as dup of #1446556: Call to undefined method PDOException::message() error in services_resource_execute_index_query()