Jump to content
adrian

Tracy Debugger

Recommended Posts

1 hour ago, bernhard said:

But I cannot enable the console for my non-superuser?

So sorry @bernhard - I didn't read that bit of your question - my apologies!

I have purposely prevented the Console, File Editor and Adminer panels and some others from working for non-superusers. Perhaps this could be made optional, but it seemed like a good default security setting. I can work on this later for you, but for now, just remove this line: https://github.com/adrianbj/TracyDebugger/blob/b225975afdad1c86ecb7ac7d4a724b46dcbcd0f0/TracyDebugger.module.php#L1444

and this conditional: https://github.com/adrianbj/TracyDebugger/blob/b225975afdad1c86ecb7ac7d4a724b46dcbcd0f0/includes/CodeProcessor.php#L20

I think those should get you going.

  • Thanks 1

Share this post


Link to post
Share on other sites

Thx adrian, I see your intention now 🙂 I just tried the user switcher and I have everything I need there. 

Is there a reason for the guest user not being selectable in this panel? It might be helpful to switch to a guest user as well and have tracy for debugging (console, dumps, etc)?

  • Like 1

Share this post


Link to post
Share on other sites
1 minute ago, bernhard said:

Is there a reason for the guest user not being selectable in this panel?

All you have to do is start a User Switcher session and then click the logout button - that is the same as selecting guest.

Oh yeah, and good idea about using the User Switcher - sorry, too rushed to think of that this morning 🙂

Share this post


Link to post
Share on other sites
On 2/8/2019 at 8:03 AM, adrian said:

I have purposely prevented the Console, File Editor and Adminer panels and some others from working for non-superusers. Perhaps this could be made optional, but it seemed like a good default security setting.

I'd be keen to have an option to enable the Console for non-superusers on localhost. If it's limited to localhost then there's not really a security risk I think. It would be handy for checking things like $page->addable(), $page->publishable(), etc from the perspective of a non-superuser role. When testing I typically keep an incognito window open with an editor role logged in rather than work with the User Switcher.

  • Like 3

Share this post


Link to post
Share on other sites

@Robin S - I haven't ignored your request - it will be in the next version.

Speaking of the next version, I have been looking at the poll from @teppo's PW Weekly and wondering what you guys would think about Tracy dropping support for PHP < 7.1 ?

The new core Tracy 3.0-dev version requires PHP version 7.1 or newer and looking at the changes since the 2.5 version we are currently using, it won't be practical to support two versions of the core like I have done previously. So, the question is, can I make 7.1 a requirement for the new version?

Not sure how to really get your feedback on this, but maybe a "like" means your OK with it, or a "sad" if you're not happy either sticking with the current version of this module (to maintain 5.x support), or otherwise don't want to lose 5.x support just yet.

The new Tracy core comes with much faster rendering of dumped objects with a lot of depth, so we might be able to increase the default and big dump options significantly.

There have also been improvements to live dumping that I still need to experiment with, but both sound very useful to have so I would like to upgrade.

Thanks for your thoughts.

image.thumb.png.2f818fdef1679dde462e9664fb08d0b8.png

 

  • Like 5

Share this post


Link to post
Share on other sites

Just another update to the Tracy core - apparently LIVE dumps now work more reliably and are now the default when calling barDump(), so it looks like we'll be able to ditch our custom bdl() method and probably even our bdb() and db() and integrate the LIVE option into standard d() and bd() calls. 

As you can tell, I am excited about the new version 🙂

  • Like 2

Share this post


Link to post
Share on other sites

I'm biased, and probably not the biggest user of Tracy either, but in my opinion support for PHP < 7.1 should be safe to drop by now. For the folks stuck with those versions, current Tracy version still works – right?

That's what I've been doing with my modules and code recently: splitting a separate "legacy" branch for those who need it, but only focusing new development for current PHP versions. And by "current" I mean the officially supported ones.

  • Like 3

Share this post


Link to post
Share on other sites

+1 for dropping support. Maybe adding a check before upgrade and showing a warming/hint that older php versions can use the old tracy module (that is already great) with a link where to download it?

  • Like 2

Share this post


Link to post
Share on other sites
4 hours ago, bernhard said:

Maybe adding a check before upgrade and showing a warming/hint that older php versions can use the old tracy module (that is already great) with a link where to download it?

+1 one for this!

Otherwise this change forces me to bump my sites from PHP 7.0.x to 7.1.x which is great! Thanx 🙂 (I always play safe, so I'm reluctant to go higher than necessary...)

Share this post


Link to post
Share on other sites
18 minutes ago, szabesz said:

Otherwise this change forces me to bump my sites from PHP 7.0.x to 7.1.x which is great! Thanx 🙂 (I always play safe, so I'm reluctant to go higher than necessary...)

Probably worth pointing out that currently the "safe thing to do" is going with 7.1 or 7.2: 7.0 is no longer officially supported, so it's no longer receiving security updates, and even 7.1 will stop receiving (security) updates near the end of this year.

7.3 is currently the "cutting edge" version, so you might want to wait a while before going there.

In terms of security there are exceptions, such as Ubuntu, where distro maintainers have been backporting security-related fixes from new versions to old ones – but if you're already on 7.0, I would assume that it's not the one that you got with your operating system, and as such is likely that you're already using a (potentially) insecure version.

  • Like 3

Share this post


Link to post
Share on other sites

For those interested - looks like the Tracy core will be getting multiple AJAX bars in v3: https://github.com/nette/tracy/pull/336#event-2144817375

This will be great for many reasons and will also let me remove my additive approach to dumps in the AJAX bar because consecutive requests will show the dumps on separate bars, rather than overwriting the last one which is how the core currently works.

  • Like 2

Share this post


Link to post
Share on other sites
On 2/7/2019 at 8:22 PM, bernhard said:

Thx adrian, I see your intention now 🙂 I just tried the user switcher and I have everything I need there. 

Is there a reason for the guest user not being selectable in this panel? It might be helpful to switch to a guest user as well and have tracy for debugging (console, dumps, etc)?

Hi Adrian,

just tried your suggested method on another website where I only have guest + superuser. It does not work as expected, or I'm missing something. When I start a user switcher session and logout, I get the debug bar, but I still cannot open the console. So it is not possible on that site to do some quick console tests and dumps...

This would be really helpful on that setup. Or is there another hidden way how I could use the console as guest user?

Would be great to have the guest user available in the switcher! Thx

Share this post


Link to post
Share on other sites

Hey @bernhard - sorry about that - it didn't work as you expected. Please try the latest version which lets the Console panel work as a guest when you use the "logout" option via the User Switcher and also it now works on localhost when using the "Force guest users into DEVELOPMENT mode on localhost" which should take care of @Robin S's request above.

Hopefully the next version will include the new Tracy core features along with some other tweaks - just need to find some time 🙂

  • Like 3
  • Thanks 1

Share this post


Link to post
Share on other sites
On 2/20/2019 at 11:36 AM, adrian said:

Please try the latest version which lets the Console panel work as a guest when you use the "logout" option via the User Switcher and also it now works on localhost when using the "Force guest users into DEVELOPMENT mode on localhost" which should take care of @Robin S's request above.

Thanks for adding this feature!

There seems to be a problem with the console output though. No matter what I dump the output consists of the entire rendered page.

2019-02-21_180609.png.08545b98d2706d79c10c7043800695db.png

This occurs when using the console as guest or logged-in non-superuser. 

  • Like 1

Share this post


Link to post
Share on other sites

Hey @Robin S - sorry about - I went through a few different iterations of things and looks like I messed up a couple of things on the last version. I just made a quick fix (no version bump) that fixes it for local guest users, but I think I need to do a bit more to get non-superusers working. Feel free to test the recent commit, but hopefully will have a complete fix shortly.

  • Like 1

Share this post


Link to post
Share on other sites

Actually, thinking about non-superusers - not quite sure what I want to do here.

Using the user switcher to switch to a non-superuser I think is OK for the console etc, but I don't actually think they should be available to non-superusers unless you're on local dev. Are you ok with that?

 

Share this post


Link to post
Share on other sites
1 minute ago, adrian said:

Are you ok with that?

Okay with me as I do almost all development on localhost.

  • Like 1

Share this post


Link to post
Share on other sites
Just now, Robin S said:

Okay with me as I do almost all development on localhost.

And I think the key thing is that on a remote server you can still use the user switcher to change to a non-superuser and it will work - it's just that I don't want actual non-superuser users that might have the tracy-debugger permission from using it.

I think that last version I just committed should be ok for this scenario. I am double checking here now, but could you confirm at your end also please?

 

  • Like 1

Share this post


Link to post
Share on other sites
6 minutes ago, adrian said:

I am double checking here now, but could you confirm at your end also please?

Thanks, working well for me as guest/non-superuser on localhost, and when using User Switcher on remote host.

  • Like 1

Share this post


Link to post
Share on other sites

Thanks - I actually just committed one more change and did a version bump and updated modules directory. 

Share this post


Link to post
Share on other sites
2 minutes ago, adrian said:

I actually just committed one more change and did a version bump and updated modules directory

Cool, will update.

Something unrelated I'll just throw out there for the wishlist... it would be cool if the code window in the Console didn't resize proportionally when the panel is resized. So the code window would have a pixel height rather than a percentage height and the result window would have a height along the lines calc(100% - [console window pixel height]). I know you added a lot of neat stuff relating to the code window height (line snapping and keyboard shortcuts) and for all I know this request would complicate all of that, in which case don't worry because it's not that important. 🙂

  • Like 1

Share this post


Link to post
Share on other sites
1 minute ago, Robin S said:

it would be cool if the code window in the Console didn't resize proportionally when the panel is resized

Yeah, I kinda agree with you - it's a bit annoying at times - I have gotten used to the keyboard shortcuts to increase/decrease as needed. Not sure how easy it would be to do what you want because I make use of the splitjs library (https://github.com/nathancahill/split) for that stuff and it's a percentage based setup and not sure how I would go about overriding that at the moment - it's certainly on my mind though.

  • Like 1

Share this post


Link to post
Share on other sites

Hi Adrian,

Recent Tracy versions do not work in the backend (the issue also prevents admin login), the "errors" I get (PHP 7.1.22):

Spoiler

Warning: in_array() expects parameter 2 to be array, string given in .../TracyDebugger.module.php on line 1955
Warning: in_array() expects parameter 2 to be array, string given in .../TracyDebugger.module.php on line 1962
Warning: in_array() expects parameter 2 to be array, string given in .../TracyDebugger.module.php on line 971
Warning: in_array() expects parameter 2 to be array, string given in .../TracyDebugger.module.php on line 1032
Warning: in_array() expects parameter 2 to be array, string given in .../TracyDebugger.module.php on line 1049
Warning: Cannot modify header information - headers already sent by (output started at .../TracyDebugger.module.php:1955) in .../TracyDebugger.module.php on line 1201
Modules: Failed to init module: TracyDebugger - Tracy\Debugger::dispatch() called after some output has been sent. Output started at .../TracyDebugger.module.php:1955.

I tested a few old versions and TracyDebugger-4.17.10 is ok, while TracyDebugger-4.17.16 has this issue, so something between these two introduced the problem. I reverted back to v4.17.10 for the time being.

Share this post


Link to post
Share on other sites

No problems here with Tracy 4.10.23 / 4.17.23 + PHP 7.0.33 / 7.2.6.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By bernhard
      --- Please use RockFinder3 ---
    • By MoritzLost
      Cacheable Placeholders
      This module allows you to have pieces of dynamic content inside cached output. This aims to solve the common problem of having a mostly cacheable site, but with pieces of dynamic output here and there.  Consider this simple example, where you want to output a custom greeting to the current user:
      <h1>Good morning, <?= ucfirst($user->name) ?></h1> This snippet means you can't use the template cache (at least for logged-in users), because each user has a different name. Even if 99% of your output is static, you can only cache the pieces that you know won't include this personal greeting. A more common example would be CSRF tokens for HTML forms - those need to be unique by definition, so you can't cache the form wholesale.
      This module solves this problem by introducing cacheable placeholders - small placeholder tokens that get replaced during every request. The replacement is done inside a Page::render hook so it runs during every request, even if the response is served from the template cache. So you can use something like this:
      <h1>Good morning, {{{greeting}}}</h1> Replacement tokens are defined with a callback function that produces the appropriate output and added to the module through a simple hook:
      // site/ready.php wire()->addHookAfter('CachePlaceholders::getTokens', function (HookEvent $e) { $tokens = $e->return; $tokens['greeting'] = [ 'callback' => function (array $tokenData) { return ucfirst(wire('user')->name); } ]; $e->return = $tokens; }); Tokens can also include parameters that are parsed and passed to the callback function. There are more fully annotated examples and step-by-step instructions in the README on Github!
      Features
      A simple and fast token parser that calls the appropriate callback and runs automatically. Tokens may include multiple named or positional parameters, as well as multi-value parameters. A manual mode that allows you to replace tokens in custom pieces of cached content (useful if you're using the $cache API). Some built-in tokens for common use-cases: CSRF-Tokens, replacing values from superglobals and producing random hexadecimal strings. The token format is completely customizable, all delimiters can be changed to avoid collisions with existing tag parsers or template languages. Links
      Github Repository & documentation Module directory (pending approval) If you are interested in learning more, the README is very extensive, with more usage examples, code samples and usage instructions!
    • By Craig
      I've been using Fathom Analytics for a while now and on a growing number of sites, so thought it was about time there was a PW module for it.
      WayFathomAnalytics
      WayFathomAnalytics is a group of modules which will allow you to view your Fathom Analytics dashboard in the PW admin panel and (optionally) automatically add and configure the tracking code on front-end pages.
      Links
      GitHub Readme & documentation Download Zip Modules directory Module settings screenshot What is Fathom Analytics?
      Fathom Analytics is a simple, privacy-focused website analytics tool for bloggers and businesses.

      Stop scrolling through pages of reports and collecting gobs of personal data about your visitors, both of which you probably don't need. Fathom is a simple and private website analytics platform that lets you focus on what's important: your business.
      Privacy focused Fast-loading dashboards, all data is on a single screen Easy to get what you need, no training required Unlimited email reports Private or public dashboard sharing Cookie notices not required (it doesn't use cookies or collect personal data) Displays: top content, top referrers, top goals and more
    • By daniels
      This is a lightweight alternative to other newsletter & newsletter-subscription modules.
      You can find the Module in the Modules directory and on Github
      It can subscribe, update, unsubscribe & delete a user in a list in Mailchimp with MailChimp API 3.0. It does not provide any forms or validation, so you can feel free to use your own. To protect your users, it does not save any user data in logs or sends them to an admin.
      This module fits your needs if you...
      ...use Mailchimp as your newsletter / email-automation tool ...want to let users subscribe to your newsletter on your website ...want to use your own form, validation and messages (with or without the wire forms) ...don't want any personal user data saved in any way in your ProcessWire environment (cf. EU data regulation terms) ...like to subscribe, update, unsubscribe or delete users to/from different lists ...like the Mailchimp UI for creating / sending / reviewing email campaigns *I have only tested it with PHP 7.x so far, so use on owners risk
      EDIT:
      Since 0.0.4, instructions and changelog can be found in the README only. You can find it here  🙂
      If you have questions or like to contribute, just post a reply or create an issue or pr on github, thanks!
    • By MoritzLost
      Sorry for the convoluted title. I have a problem with Process modules that define a custom page using the page key through getModuleInfo (as demonstrated in this excellent tutorial by @bernhard). Those pages are created automatically when the module is installed. The problem is that the title of the page only gets set in the current language. That's not a problem if the current language (language of the superuser who is installing the module) is the default language; if it isn't, the Process page is missing a title in the default language. This has the very awkward effect that a user using the backend in the default language (or any other language) will see an empty entry in the setup menu:

      This screenshot comes from my Cache Control module which includes a Process page. Now I realize the description sounds obscure, but for us it's a common setup: We a multiple bilingual sites where the default language is German and the second language is English. While the clients use the CMS in German, as a developer I prefer the English interface, so whenever I install a Process module I get this problem.
      As a module author, is there a way to handle this situation? I guess it would be possible to use post-installation hooks or create the pages manually, but I very much prefer the declarative approach. The page title is already translatable (through the __ function), but of course at the time of installation there is no translation, and as far as I'm aware it's not possible to ship translations with a module so they are used automatically. Could this situation be handled better in the core? I would prefer if the module installation process would always set the title of the Process page in the default language, instead of the language of the current user.
×
×
  • Create New...