* Migrate email utils to non-static

* Migrate http utils to non-static

* Migrate net utils to non-static

* Migrate random utils to non-static

* Migrate system utils to non-static

* Migrate time utils to non-static

* Migrate xml utils to non-static

* Upgrade notes

* Update test-framework

* Fix tests

* Import the saml2 SspContainer into SSP

* Comment code targeted at saml2v5 for now

Improve error handling

bugfix: Allow exception messages different than "You have not yet created the SimpleSAMLphp configuration files.".

Right now, that's the only error message that you will ever get if something goes wrong with the configuration, no matter what. The message should not be hardcoded, but use the one from the captured exception instead.

ParseError errors in PHP 7 have a code of 0, which will always be masked. Avoid that by forcing error codes of 0 to be E_ERROR instead.

The www/_include.php script, included by all scripts in www/, checks unconditionally for the existence of the config.php file. However, this prevents us from testing the scripts automatically. Instead of checking for the file, we just try to load the configuration, and live with it if it works. That way we can pre-load the configuration using SimpleSAML_Configuration::loadFromArray(), as we are doing in some tests.

PHP 7 changed the way it handles internal errors. Now, Exception objects inherit from the Throwable interface, as well as the new Error objects. Internal functions throw Error objects now instead of raising an error, so the exception handler would need to handle them as well. Therefore, the exception handler is no longer guaranteed to receive an Exception object. We need now to discern whether the parameter is an exception (and continue our business as usual), or an Error (in case such thing exists, only PHP 7), and in this last case parse it and let the error handler do its stuff.

This should resolve #330.

In line with the previous commit, we now allow hooking in the exception handler, so that a module can implement its own logic to deal with certain exceptions.

Start using the new configuration exceptions, handling error situations that before led to blank pages or even worse.

Move the error-reporting logic in SimpleSAML_Utilities to the SimpleSAML_Logger class, and add a new method there to evaluate whether an error would be masked or not according to its level.

(being respectful with occurences that might change the behaviour, i.e. default database prefixes)

INCPREFIX has been added in March 2008 and was already deprecated in June 2008, i.e. > 7 years ago.

Moved logic pertaining to finding configdir to central location, added ability to set via environment variable

Move SimpleSAML_Utilities::initTimezone() to SimpleSAML\Utils\Time::initTimezone(). Deprecate the former.

Deprecate SimpleSAML_Utilities::disanleXMLEntityLoader(). Since we are requiring PHP 5.3, we can call libxml_disable_entity_loader() directly.

To prevent local and remote file inclusion attacks. This is in most cases
already disabled by default in system libraries, so this will be a no-op to
most systems, but to be safe we explicitly disable it also.

Fixes #74

This is necessary to make sure that if a minimum PHP error level
has been set, this is also respected by SSP's error handler. Most
notably, this will make calls prefixed with '@', the PHP warning
silencer, actually silence the warnings. The SSP code tries to
makes use of the @ sign on various places around the code, but
this will only work if it's actually checked here.

Due to a PHP bug combined with deprecation-warnings from the OpenID
library, we may fail with a fatal error due to not finding the
SimpleSAML_Logger class.

See PHP bug: https://bugs.php.net/bug.php?id=47987

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2999 44740490-163a-0410-bde0-09ae8108e29a

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2742 44740490-163a-0410-bde0-09ae8108e29a

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2191 44740490-163a-0410-bde0-09ae8108e29a