This document summarizes Simon R Jones' presentation on PHP debugging techniques. It discusses common causes of bugs like human error and environmental issues. It also covers PHP errors like syntax errors and warnings. The presentation recommends enabling full error reporting, using tools like Xdebug for stack traces and remote debugging, and following best practices like coding standards and testing. Remote debugging and tools like Charles Proxy can help with debugging AJAX and web services. Legacy code poses unique challenges that refactoring can help address.
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
PHP Debugging from the Trenches: Methods for Finding and Fixing Bugs
1. PHP Debugging from the Trenches
PHP Cambridge, 24 Feb 2014
Simon R Jones, Studio 24
2. Me
•
Founder & Technical Director of
digital agency Studio 24
•
Programming PHP since 1999
•
Contributor to ZF1
•
Contributor to Web Standards
Project
•
Zend Certified Engineer
•
Organiser of PHP Cambridge
and Refresh Cambridge
studio24.net
3. What causes bugs
First steps
PHP errors
Error reporting
Debugging in PHP
Remote debugging
AJAX and Web Services
Legacy software
Good practises
studio24.net
4. “Debugging is a methodical process of finding
and reducing the number of bugs, or defects,
in a computer program or a piece of electronic
hardware, thus making it behave as expected.”
– Wikipedia
studio24.net
5. “Debugging is a methodical process of finding
and reducing the number of bugs, or defects,
in a computer program or a piece of electronic
hardware, thus making it behave as expected.”
– Wikipedia
studio24.net
6. !
We want to avoid this!
WSOD:
White Screen
Of Death!
11. What causes bugs?
•
Human error (typos)
•
Business logic errors
•
Environmental errors (files, web service, DB)
•
Client-side errors (web browsers)
•
External software bug (PHP, Apache, etc)
•
And sometimes it’s just a feature request or
misunderstanding!
studio24.net
13. “It is a capital mistake to theorize before one
has data. Insensibly one begins to twist facts to
suit theories, instead of theories to suit facts.”
– Sherlock Holmes, A Scandal in Bohemia
studio24.net
14. Understand the issue
1. What did you do?
(how to reproduce the issue)
2. What happened?
(what’s wrong)
3. What was supposed to
happen?
(expected behaviour)
studio24.net
18. Replicate the issue
•
Replay steps
•
Can you replicate it?
•
If not, what’s different?
•
Is the data the same?
•
Are there time-based business rules?
•
Are you using the same web browser/OS?
studio24.net
20. PHP errors
•
Parse errors
•
Identified by T_* parser tokens
•
T_PAAMAYIM_NEKUDOTAYIM
issues with static operator ::
•
Sending headers more than once
•
Segmentation faults
•
Exception thrown without a stack frame in
Unknown on line 0. Yay!
studio24.net
21. syntax error, unexpected T_SL …
$heredoc = <<<EOD
My long piece
of text on a few lines
there’s a space here
EOD;
<<<<<<< HEAD
$title = "My updated code";
=======
$title = "My old code";
>>>>>>> master
22. syntax error, unexpected $end in /path/to/file.php on line 27
$heredoc = <<<EOD
My long piece
of text on a few lines
EOD;
there’s a space here
// More code here
for ($x=0; $x<10; $x++) {
// Do stuff
}
echo $something;
but the error reports here
23. Syntax errors
Easily fixed with a decent IDE or running lint before you deploy code:
php -l /path/to/file.php
No syntax errors detected in file.php
24. Warning: session_start() [function.session-start]: Cannot
send session cookie - headers already sent by…
<?php
a space here
$title = "My title";
// More code here
for ($x=0; $x<10; $x++) {
// Do stuff
}
or here will flush the headers
?>
25. Headers sent twice errors
Easily fixed by separating PHP from your templates
and don’t include final ?> in files that only contain PHP
<?php
// Some code
$title = "Lots of code here!";
// Look Ma, no closing ?> here!
26. Obscure error messages
•
Segmentation fault - issue writing to memory, usually an
internal bug
•
Exception thrown without a stack frame - exception
thrown in destructors / exception handlers
studio24.net
28. Error reporting
// Development
display_errors = On
display_startup_errors = On
error_reporting = -1 // E_ALL works PHP5.4+
log_errors = On
// Production
display_errors = Off
display_startup_errors = Off
error_reporting = E_ALL
log_errors = On
29. Error reporting
•
Any syntax errors in the file that defines error reporting
will ignore these settings
•
Default is to log errors to Apache ErrorLog location,
overrides php.ini error_log setting
studio24.net
31. Suppressing errors
•
@ operator
•
Don’t do it!
•
Unless you immediately test the result and deal with it
•
Suppressed errors still sent to custom error handler
•
Scream to disable!
ini_set('scream.enabled', 1);
33. Quick and dirty
•
var_dump() and print_r()
•
Very basic, and not that useful
•
Needs formatting if complex data
echo "<pre>";var_dump($stuff);exit;
•
Xdebug formats var_dump()
studio24.net
35. Developer toolbars
•
Send JavaScript messages to console.log()
•
Use Firebug and FirePHP to send messages from PHP to
the console
•
Can profile DB queries via
Zend_Db_Profiler_Firebug
38. Xdebug
•
Stack traces for errors
•
Profiling
•
Remote debugging
•
Enabled via zend_extension in php.ini
•
Don’t use in production!
•
XHProf is designed for profiling on production servers
studio24.net
41. Xdebug remote debugging
•
Enable in PHP.ini via
xdebug.remote_enable=1
xdebug.remote_port="9000"
1. Set breakpoints
2. Run in browser via session, or browser extension
3. Step through code in IDE
studio24.net
45. CURL
•
Great for quickly inspecting headers
curl --HEAD http://domain.com/url
•
Redirects are aggressively cached in most browsers, CURL isn't
•
Use it to debug web services
•
Use Python’s json.tool to format returned JSON
curl -s -H 'X-Auth-Token: AUTH_TOKEN’
-H 'Accept: application/json'
'http://domain.com/url' | python -m json.tool
studio24.net
46. Charles Proxy
•
Records all requests
•
Inspect request and response headers
•
Makes it really easy to debug AJAX
•
You can include just your test domain to reduce amount
of data captured
studio24.net
47.
48. Dealing with SSL
•
Charles acts as a proxy to allow you to inspect SSL requests.
•
This is the same as a man-in-the-middle attack
•
You need to authorise your web browser to allow this
•
Access third-party URLs directly to do this
studio24.net
49. “Nothing clears up a case so much as stating it
to another person.”
–Sherlock Holmes, The Memoirs of Sherlock Holmes
studio24.net
50. If you’re stuck get a fresh view
•
“Rubber duck” debugging
•
The act of talking through an issue forces
you to think logically
studio24.net
52. Problems debugging Legacy software
•
“Spaghetti code”
•
No organised class/function system
•
Duplicated code
•
Dead code
•
Global variables
•
Unescaped SQL (and other security woes)
•
Suppressed errors
studio24.net
53. Strategies
•
Ensure you have a local development environment
•
Get the codebase into version control
•
Remove dead code
•
Review error logs
•
Debug with Xdebug to understand code flow
•
Refactor by making small, incremental changes
studio24.net
54. Refactoring
It Was Like That When I Got Here: Steps
Toward Modernizing a Legacy Codebase
http://paul-m-jones.com/archives/2667
!
Modernizing Legacy Applications In PHP
https://leanpub.com/mlaphp
studio24.net
56. Good practises
•
Use a good IDE (PHPStorm, Zend Studio, NetBeans)
•
Coding standards
•
Document your code
•
Filter In / Escape Out
•
Defensive coding (test all return values)
•
Automated testing
studio24.net
59. “Chance has put in our way a most singular
and whimsical problem, and its solution is its
own reward”
–Sherlock Holmes, The Adventures of Sherlock Holmes
studio24.net