var_dump()
to log can be risky if the variable contains sensitive information27 var_dump(PHP_73); // invalid: constant doesn't exist
28
29 var_dump(Version::php72());
30 var_dump(Version::PHP73());31
32 var_dump(htmlSpecialChars('<strong>Foo</strong>'));
33 }
var_dump()
to log can be risky if the variable contains sensitive information26 var_dump(PHP_74);
27 var_dump(PHP_73); // invalid: constant doesn't exist
28
29 var_dump(Version::php72());30 var_dump(Version::PHP73());
31
32 var_dump(htmlSpecialChars('<strong>Foo</strong>'));
var_dump()
to log can be risky if the variable contains sensitive information20 * Some comments
21 *
22 */
23 var_dump(php_80());24 var_dump(php_81()); // invalid: function doesn't exist
25
26 var_dump(PHP_74);
var_dump()
to log can be risky if the variable contains sensitive information21 *
22 */
23 var_dump(php_80());
24 var_dump(php_81()); // invalid: function doesn't exist25
26 var_dump(PHP_74);
27 var_dump(PHP_73); // invalid: constant doesn't exist
var_dump()
to log can be risky if the variable contains sensitive information23 var_dump(php_80());
24 var_dump(php_81()); // invalid: function doesn't exist
25
26 var_dump(PHP_74);27 var_dump(PHP_73); // invalid: constant doesn't exist
28
29 var_dump(Version::php72());
Debugging functions such as var_dump
, print_r
or var_export
should not be kept in production code. These functions display information about the variable, which can be helpful during development. However, if they contain any sensitive information, the presence of these functions in production code can expose that. Therefore, it is advised to avoid using it in production.
function getUser() {
$query = buildQuery('users', ['*']);
var_dump($query);
}
function getUser() {
$query = buildQuery('users', ['*']);
Log::info(print_r($query, true));
}