print_r()
to log can be risky if the variable contains sensitive information371 if ($this->do_debug >= 1) {
372 echo '<pre>';
373 foreach ($this->errors as $error) {
374 print_r($error);375 }
376 echo '</pre>';
377 }
Debugging functions such as var_dump
, print_r
or var_export
should not be kept in production code. These functions display information about the variable, which can be helpful during development. However, if they contain any sensitive information, the presence of these functions in production code can expose that. Therefore, it is advised to avoid using it in production.
function getUser() {
$query = buildQuery('users', ['*']);
var_dump($query);
}
function getUser() {
$query = buildQuery('users', ['*']);
Log::info(print_r($query, true));
}