6eba80e5f5
CGI->new() should not be used in any C4 module - it has a side-effect that breaks the AJAX file upload script. Specifically, any file upload field is slurped when a new CGI object is created, and is not available to a second object created by CGI->new(). Consequently, C4::Debug should not be instantiating a CGI object in its BEGIN block. It can use other CGI::* modules to parse QUERY_STRING to get the value of the debug parameter (note that this means that the debug param can be reliably set only in a GET, not as part of a form submission). Signed-off-by: Chris Cormack <crc@liblime.com> Signed-off-by: Joshua Ferraro <jmf@liblime.com>
169 lines
4.9 KiB
Perl
169 lines
4.9 KiB
Perl
package C4::Debug;
|
|
|
|
# Copyright 2000-2002 Katipo Communications
|
|
#
|
|
# This file is part of Koha.
|
|
#
|
|
# Koha is free software; you can redistribute it and/or modify it under the
|
|
# terms of the GNU General Public License as published by the Free Software
|
|
# Foundation; either version 2 of the License, or (at your option) any later
|
|
# version.
|
|
#
|
|
# Koha is distributed in the hope that it will be useful, but WITHOUT ANY
|
|
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
|
|
# A PARTICULAR PURPOSE. See the GNU General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU General Public License along with
|
|
# Koha; if not, write to the Free Software Foundation, Inc., 59 Temple Place,
|
|
# Suite 330, Boston, MA 02111-1307 USA
|
|
|
|
use strict;
|
|
use warnings;
|
|
|
|
use Exporter;
|
|
|
|
use CGI;
|
|
use vars qw($VERSION @ISA @EXPORT $debug $cgi_debug);
|
|
# use vars qw(@EXPORT_OK %EXPORT_TAGS);
|
|
|
|
BEGIN {
|
|
$VERSION = 1.00; # set the version for version checking
|
|
@ISA = qw(Exporter);
|
|
@EXPORT = qw($debug $cgi_debug);
|
|
# @EXPOR_OK = qw();
|
|
# %EXPORT_TAGS = ( all=>[qw($debug $cgi_debug)], );
|
|
}
|
|
|
|
BEGIN {
|
|
# this stuff needs a begin block too, since dependencies might alter their compilations
|
|
# for example, adding DataDumper
|
|
#my $query = CGI->new();
|
|
$debug = $ENV{KOHA_DEBUG} || $ENV{DEBUG} || 0;
|
|
#$cgi_debug = $ENV{KOHA_CGI_DEBUG} || $query->param('debug') || 0;
|
|
$cgi_debug = $ENV{KOHA_CGI_DEBUG} || 0;
|
|
unless (0 <= $debug and $debug <= 9) {
|
|
warn "Invalid \$debug value attempted: $debug";
|
|
$debug=1;
|
|
}
|
|
unless (0 <= $cgi_debug and $cgi_debug <= 9) {
|
|
$debug and
|
|
warn "Invalid \$cgi_debug value attempted: $cgi_debug";
|
|
$cgi_debug=1;
|
|
}
|
|
}
|
|
|
|
# sub import {
|
|
# print STDERR __PACKAGE__ . " (Debug) import @_\n";
|
|
# C4::Debug->export_to_level(1, @_);
|
|
# }
|
|
|
|
1;
|
|
__END__
|
|
|
|
=head1 NAME
|
|
|
|
C4::Debug - Standardized, centralized, exported debug switches.
|
|
|
|
=head1 SYNOPSIS
|
|
|
|
use C4::Debug;
|
|
|
|
=head1 DESCRIPTION
|
|
|
|
The purpose of this module is to centralize some of the "switches" that turn debugging
|
|
off and on in Koha. Most often, this functionality will be provided via C4::Context.
|
|
C4::Debug is separate to preserve the relatively stable state of Context, and
|
|
because other code will use C4::Debug without invoking Context.
|
|
|
|
Although centralization is our intention,
|
|
for logical and security reasons, several approaches to debugging need to be
|
|
kept separate. Information useful to developers in one area will not necessarily
|
|
be useful or even available to developers in another area.
|
|
|
|
For example, the designer of template-influenced javascript my want to be able to
|
|
trigger javascript's alert function to display certain variable values, to verify
|
|
the template selection is being performed correctly. For this purpose the presence
|
|
of a javascript "debug" variable might be a good switch.
|
|
|
|
Meanwhile, where security coders (say, for LDAP Auth) will appreciate low level feedback about
|
|
Authentication transactions, an environmental system variable might be a good switch.
|
|
However, clearly we would not want to expose that same information (e.g., entire LDAP records)
|
|
to the web interface based on a javascript variable (even if it were possible)!
|
|
|
|
All that is a long way of saying THERE ARE SECURITY IMPLICATIONS to turning on
|
|
debugging in various parts of the system, so don't treat them all the same or confuse them.
|
|
|
|
=head1 VARIABLES / AREAS
|
|
|
|
=head2 $debug - System, general
|
|
The general purpose debug switch.
|
|
|
|
=head3 How to Set $debug:
|
|
|
|
=over
|
|
|
|
=item environmental variable DEBUG or KOHA_DEBUG. In bash, you might do:
|
|
|
|
export KOHA_DEBUG=1;
|
|
perl t/Auth.t;
|
|
|
|
=item Keep in mind that your webserver will not be running in the same environment as your shell.
|
|
However, for development purposes, the same effect can be had by using Apache's SET_ENV
|
|
command with ERROR_LOG enabled for your VirtualHost. Not intended for production systems.
|
|
|
|
=item You can force the value from perl directly, like:
|
|
|
|
use C4::Debug;
|
|
use C4::Dates;
|
|
BEGIN { $C4::Debug::debug = 1; }
|
|
# now any other dependencies that also use C4::Debug will have debugging ON.
|
|
|
|
=back
|
|
|
|
=head2 $cgi_debug (CGI params) The web-based debug switch.
|
|
|
|
=head3 How to Set $cgi_debug:
|
|
|
|
=over
|
|
|
|
=item From a web browser, for example by supplying a non-zero debug parameter:
|
|
|
|
http://www.mylibrary.org/cgi-bin/koha/opac-search.pl?q=history&debug=1
|
|
|
|
=item Or in HTML, add a similar input parameter:
|
|
|
|
<input type="hidden" name="debug" value="1" />
|
|
|
|
=item Or from shell (or Apache), set KOHA_CGI_DEBUG.
|
|
|
|
=back
|
|
|
|
The former methods mean $cgi_debug is exposed. Do NOT use it to trigger any actions that you would
|
|
not allow a (potentially anonymous) end user to perform.
|
|
|
|
=head1 OTHER SOURCES of Debug Switches
|
|
|
|
=head2 System Preferences
|
|
|
|
=head2 Database Debug
|
|
|
|
Debugging at the database level might be useful. Koha does not currently integrate any such
|
|
capability.
|
|
|
|
=head1 CONVENTIONS
|
|
|
|
Debug values range from 0 to 9. At zero (the default), debugging is off.
|
|
|
|
=head1 AUTHOR
|
|
|
|
Joe Atzberger
|
|
atz AT liblime DOT com
|
|
|
|
=head1 SEE ALSO
|
|
|
|
CGI(3)
|
|
|
|
C4::Context
|
|
|
|
=cut
|
|
|