Log details of mailing error and don't display details to end user

[mattwire]

Overview

Found when using the sparkpost extension and an error from sparkpost causes a failure to send the email. The CiviCRM mail library logs the message to the user session and it is then displayed - this is problematic because there could be sensitive information returned in the error message. Additionally there is no indication that an error occurred in the CiviCRM log files.

Before

Error message from mailer is displayed to end-user who is trying to unsubscribe:

After

Simple error message displayed to end-user with no sensitive information. Detail recorded as error in CiviCRM log:

Technical Details

CRM_Core_Session::setStatus() will display the message to any user who has an active session (eg. when following an unsubscribe link in an email). When certain mailing libraries are using this results in far too much detailed information being displayed to the end-user and not recorded in the logs.

Comments

@mlutfy @seamuslee001

[civibot]

(Standard links)

• If this is your first pull-request for CiviCRM, please browse CONTRIBUTING.md for information about the development and testing processes.
• If you are reviewing this pull-request, you may wish to consult the test sites and the Review Standards (long template, short template).

[eileenmcnaughton]

@mattwire this seems fine to me - test error relates but it's just a string to update. We could show more to users with debug permission - but I'm happy to only add that if it ever comes up

[agileware-justin]

Good work @mattwire