用户
 找回密码
 入住 CI 中国社区
搜索
查看: 4646|回复: 10
收起左侧

[讨论/交流] CodeIgniter的那些坑(一)

[复制链接]
发表于 2013-7-11 19:07:38 | 显示全部楼层 |阅读模式
作者:线筝
原文:http://h5b.net/codeigniter-php_error-log/


CodeIgniter是个很优秀的PHP框架,十分适合敏捷开发,但是,是个软件都会有缺陷和一些不尽如人意的地方,公司网站是基于CodeIgniter的,用的时间久了,自然会发现一些坑,下面列举一些。

PHP复制代码
<?php
 
/*
 *---------------------------------------------------------------
 * APPLICATION ENVIRONMENT
 *---------------------------------------------------------------
 *
 * You can load different configurations depending on your
 * current environment. Setting the environment also influences
 * things like logging and error reporting.
 *
 * This can be set to anything, but default usage is:
 *
 * development
 * testing
 * production
 *
 * NOTE: If you change these, also change the error_reporting() code below
 *
 */

 define('ENVIRONMENT', 'development');
/*
 *---------------------------------------------------------------
 * ERROR REPORTING
 *---------------------------------------------------------------
 *
 * Different environments will require different levels of error reporting.
 * By default development will show errors but testing and live will hide them.
 */

 
if (defined('ENVIRONMENT'))
{
 switch (ENVIRONMENT)
 {
 case 'development':
 error_reporting(E_ALL);
 break;
 
 case 'testing':
 case 'production':
 error_reporting(0);
 break;
 
default:
 exit('The application environment is not set correctly.');
 }
}
 
/*
 *---------------------------------------------------------------
 * SYSTEM FOLDER NAME
 *---------------------------------------------------------------
 *
 * This variable must contain the name of your "system" folder.
 * Include the path if the folder is not in the same directory
 * as this file.
 *
 */

 $system_path = 'system';
 
/*
 *---------------------------------------------------------------
 * APPLICATION FOLDER NAME
 *---------------------------------------------------------------
 *
 * If you want this front controller to use a different "application"
 * folder then the default one you can set its name here. The folder
 * can also be renamed or relocated anywhere on your server. If
 * you do, use a full server path. For more info please see the user guide:
 * http://codeigniter.com/user_guide/general/managing_apps.html
 *
 * NO TRAILING SLASH!
 *
 */

 $application_folder = 'application';
 
/*
 * --------------------------------------------------------------------
 * DEFAULT CONTROLLER
 * --------------------------------------------------------------------
 *
 * Normally you will set your default controller in the routes.php file.
 * You can, however, force a custom routing by hard-coding a
 * specific controller class/function here. For most applications, you
 * WILL NOT set your routing here, but it's an option for those
 * special instances where you might want to override the standard
 * routing in a specific front controller that shares a common CI installation.
 *
 * IMPORTANT: If you set the routing here, NO OTHER controller will be
 * callable. In essence, this preference limits your application to ONE
 * specific controller. Leave the function name blank if you need
 * to call functions dynamically via the URI.
 *
 * Un-comment the $routing array below to use this feature
 *
 */

 // The directory name, relative to the "controllers" folder. Leave blank
 // if your controller is not in a sub-folder within the "controllers" folder
 // $routing['directory'] = '';
 
// The controller class file name. Example: Mycontroller
 // $routing['controller'] = '';
 
// The controller function you wish to be called.
 // $routing['function'] = '';
/*
 * -------------------------------------------------------------------
 * CUSTOM CONFIG VALUES
 * -------------------------------------------------------------------
 *
 * The $assign_to_config array below will be passed dynamically to the
 * config class when initialized. This allows you to set custom config
 * items or override any default config values found in the config.php file.
 * This can be handy as it permits you to share one application between
 * multiple front controller files, with each file containing different
 * config values.
 *
 * Un-comment the $assign_to_config array below to use this feature
 *
 */

 // $assign_to_config['name_of_config_item'] = 'value of config item';
 
 
 
// --------------------------------------------------------------------
// END OF USER CONFIGURABLE SETTINGS. DO NOT EDIT BELOW THIS LINE
// --------------------------------------------------------------------
 
/*
 * ---------------------------------------------------------------
 * Resolve the system path for increased reliability
 * ---------------------------------------------------------------
 */

 
// Set the current directory correctly for CLI requests
 if (defined('STDIN'))
 {
 chdir(dirname(__FILE__));
 }
 
if (realpath($system_path) !== FALSE)
 {
 $system_path = realpath($system_path).'/';
 }
 
// ensure there's a trailing slash
 $system_path = rtrim($system_path, '/').'/';
 
// Is the system path correct?
 if ( ! is_dir($system_path))
 {
 exit("Your system folder path does not appear to be set correctly. Please open the following file and correct this: ".pathinfo(__FILE__, PATHINFO_BASENAME));
 }
 
/*
 * -------------------------------------------------------------------
 * Now that we know the path, set the main path constants
 * -------------------------------------------------------------------
 */

 // The name of THIS file
 define('SELF', pathinfo(__FILE__, PATHINFO_BASENAME));
 
// The PHP file extension
 // this global constant is deprecated.
 define('EXT', '.php');
 
// Path to the system folder
 define('BASEPATH', str_replace("\\", "/", $system_path));
 
// Path to the front controller (this file)
 define('FCPATH', str_replace(SELF, '', __FILE__));
 
// Name of the "system folder"
 define('SYSDIR', trim(strrchr(trim(BASEPATH, '/'), '/'), '/'));
 // The path to the "application" folder
 if (is_dir($application_folder))
 {
 define('APPPATH', $application_folder.'/');
 }
 else
 {
 if ( ! is_dir(BASEPATH.$application_folder.'/'))
 {
 exit("Your application folder path does not appear to be set correctly. Please open the following file and correct this: ".SELF);
 }
 
define('APPPATH', BASEPATH.$application_folder.'/');
 }
 
/*
 * --------------------------------------------------------------------
 * LOAD THE BOOTSTRAP FILE
 * --------------------------------------------------------------------
 *
 * And away we go...
 *
 */

require_once BASEPATH.'core/CodeIgniter.php';
 
/* End of file index.php */
/* Location: ./index.php */
复制代码


这是CodeIgniter的入口文件,做开发是,都会设置一下

PHP复制代码
define('ENVIRONMENT', 'development');
复制代码


用来区分线上和线下环境,但是在这里

PHP复制代码
if (defined('ENVIRONMENT'))
{
        switch (ENVIRONMENT)
        {
                case 'development':
                        error_reporting(E_ALL);
                break;
       
                case 'testing':
                case 'production':
                        error_reporting(0);
                break;
 
                default:
                        exit('The application environment is not set correctly.');
        }
}
复制代码


CodeIgniter会判断一下,如果是production,它会将error_reporting设置为0,这会导致所有的错误都不记录php_error.log,但是error.log是我们发现bug和解决问题的重要依据。
所以,根据我们自己的经验,建议CodeIgniter用户将error_reporting(0),这段代码删掉,并将php.ini的

PHP复制代码
error_reporting=E_ALL&~E_NOTICE
display_errors = Off
复制代码


如果你不能操作ini,那么就

PHP复制代码
if (defined('ENVIRONMENT'))
{
        switch (ENVIRONMENT)
        {
                case 'development':
                        error_reporting(E_ALL);
                break;
       
                case 'testing':
                case 'production':
                        error_reporting(E_ALL ^ E_NOTICE);
                        ini_set('display_errors','0');
                break;
 
                default:
                        exit('The application environment is not set correctly.');
        }
}
复制代码


这样你的程序错误就不会暴漏给用户,并且会记录在php_error.log中,但是即使这样,依然会有一些错误会暴漏出来,这就涉及到CodeIgniter另外的坑

评分

参与人数 1威望 +5 收起 理由
Hex + 5 赞一个!

查看全部评分

发表于 2013-7-12 01:30:21 | 显示全部楼层
不知道CodeIgniter GITHUB上的dev版本有没有修复这个问题……
发表于 2013-7-12 09:03:45 | 显示全部楼层
这么写估计CI是想开发者用自己的日志功能吧~~
毕竟虚拟空间里一般是看不到php_error.log..
除非自己是单独的服务器。否则去哪查看php_error.log。。

 楼主| 发表于 2013-7-12 09:44:40 | 显示全部楼层
ini_set('error_log','./php_errors.log');可以这样设置,让error_log输出到自己有权限的目录
发表于 2013-7-12 13:28:27 | 显示全部楼层
感谢作者分享这么好的一系列文章,希望作者写出更多关于CI坑爹的系列文章,哈哈。
只要是对大家有价值的文章都是好文章~

PS: 等下我整理下文章格式。
发表于 2013-7-16 14:11:32 | 显示全部楼层
本帖最后由 Raphael 于 2013-7-16 14:13 编辑

一般php工程師沒有權限去讀取php_error.log,
所以有沒有寫入差異不太大,
一但有錯通常都會有開發環境的主機可以使用,
所以這個做法不錯,
但實用性應讓不是很大.

相較於error.log,
應該更重視操作log.
发表于 2015-1-22 10:18:21 | 显示全部楼层
还有xss的坑
发表于 2015-1-22 10:24:38 | 显示全部楼层

XSS 有甚麼坑 {:soso_e103:}
发表于 2015-1-26 10:11:06 | 显示全部楼层
你开启了xss的东西,有些你不想过滤的词语,他帮你过滤了。

本版积分规则