Project

General

Profile

Actions
Copy link

Bug #72407

closed

Extbase\DebuggerUtility::var_dump: blacklist does not work as expected

Added by Tim Riemenschneider over 8 years ago. Updated over 5 years ago.

Status:
Closed
Priority:
Should have
Assignee:
-
Category:
Extbase
Target version:
-
Start date:
2015-12-23
Due date:
% Done:

100%

Estimated time:
TYPO3 Version:
6.2
PHP Version:
Tags:
Complexity:
Is Regression:
No
Sprint Focus:

Description

When trying to blacklist classes/properties from the output, the first argument is ignored. This stems from the fact, that strpos is used in Extbase\DebuggerUtility::isBlacklisted.

I.e. when dumping a class:

class DumpMe {
   /** @var string */
   protected $secretData = 'do not show me';
   /** @var string */
   protected $showMe = 'show me in debug';
}

with DebuggerUtility::var_dump($myObj, 'Debug Test', 8, FALSE, TRUE, FALSE, null, array('secretData')); the secretData is still shown.

isBlacklisted contains:
$result = (strpos(implode('|', self::$blacklistedPropertyNames), $value->getName()) > 0);
and since the string "secretData" is at position 0 in the imploded array, it is still shown.
dumping with DebuggerUtility::var_dump($myObj, 'Debug Test', 8, FALSE, TRUE, FALSE, null, array('dummy', 'secretData'));
or even with DebuggerUtility::var_dump($myObj, 'Debug Test', 8, FALSE, TRUE, FALSE, null, array('prefixDoesNotMattersecretData'));, it is hidden.

when using strpos, the return value should be checked with "!== FALSE".

However, why is strpos even used here? why not $result = in_array($value->getName(), self::$blacklistedPropertyNames);
(maybe guarded by if(is_array...))

Related issues 1 (0 open1 closed)

Related to TYPO3 Core - Bug #78511: DebuggerUtility changes global blacklistClosed2016-10-31

Actions
Actions
Copy link

Also available in: Atom PDF