<?php /** * @link http://www.yiiframework.com/ * @copyright Copyright (c) 2008 Yii Software LLC * @license http://www.yiiframework.com/license/ */ namespace yii\debug; use Yii; use yii\base\Application; use yii\base\BootstrapInterface; use yii\helpers\Url; use yii\web\View; use yii\web\ForbiddenHttpException; /** * The Yii Debug Module provides the debug toolbar and debugger * * @author Qiang Xue <qiang.xue@gmail.com> * @since 2.0 */ class Module extends \yii\base\Module implements BootstrapInterface { /** * @var array the list of IPs that are allowed to access this module. * Each array element represents a single IP filter which can be either an IP address * or an address with wildcard (e.g. 192.168.0.*) to represent a network segment. * The default value is `['127.0.0.1', '::1']`, which means the module can only be accessed * by localhost. */ public $allowedIPs = ['127.0.0.1', '::1']; /** * @inheritdoc */ public $controllerNamespace = 'yii\debug\controllers'; /** * @var LogTarget */ public $logTarget; /** * @var array list of debug panels. The array keys are the panel IDs, and values are the corresponding * panel class names or configuration arrays. This will be merged with [[corePanels()]]. * You may reconfigure a core panel via this property by using the same panel ID. * You may also disable a core panel by setting it to be false in this property. */ public $panels = []; /** * @var string the directory storing the debugger data files. This can be specified using a path alias. */ public $dataPath = '@runtime/debug'; /** * @var integer the maximum number of debug data files to keep. If there are more files generated, * the oldest ones will be removed. */ public $historySize = 50; /** * @var boolean whether to enable message logging for the requests about debug module actions. * You normally do not want to keep these logs because they may distract you from the logs about your applications. * You may want to enable the debug logs if you want to investigate how the debug module itself works. */ public $enableDebugLogs = false; /** * Returns Yii logo ready to use in `<img src="` * * @return string base64 representation of the image */ public static function getYiiLogo() { return ''; } /** * @inheritdoc */ public function init() { parent::init(); $this->dataPath = Yii::getAlias($this->dataPath); $this->initPanels(); } /** * Initializes panels. */ protected function initPanels() { // merge custom panels and core panels so that they are ordered mainly by custom panels if (empty($this->panels)) { $this->panels = $this->corePanels(); } else { $corePanels = $this->corePanels(); foreach ($corePanels as $id => $config) { if (isset($this->panels[$id])) { unset($corePanels[$id]); } } $this->panels = array_filter(array_merge($corePanels, $this->panels)); } foreach ($this->panels as $id => $config) { $config['module'] = $this; $config['id'] = $id; $this->panels[$id] = Yii::createObject($config); } } /** * @inheritdoc */ public function bootstrap($app) { $this->logTarget = Yii::$app->getLog()->targets['debug'] = new LogTarget($this); // delay attaching event handler to the view component after it is fully configured $app->on(Application::EVENT_BEFORE_REQUEST, function () use ($app) { $app->getView()->on(View::EVENT_END_BODY, [$this, 'renderToolbar']); }); $app->getUrlManager()->addRules([ $this->id => $this->id, $this->id . '/<controller:\w+>/<action:\w+>' => $this->id . '/<controller>/<action>', ], false); } /** * @inheritdoc */ public function beforeAction($action) { if (!$this->enableDebugLogs) { foreach (Yii::$app->getLog()->targets as $target) { $target->enabled = false; } } if (!parent::beforeAction($action)) { return false; } // do not display debug toolbar when in debug view mode Yii::$app->getView()->off(View::EVENT_END_BODY, [$this, 'renderToolbar']); if ($this->checkAccess()) { $this->resetGlobalSettings(); return true; } elseif ($action->id === 'toolbar') { // Accessing toolbar remotely is normal. Do not throw exception. return false; } else { throw new ForbiddenHttpException('You are not allowed to access this page.'); } } /** * Resets potentially incompatible global settings done in app config. */ protected function resetGlobalSettings() { Yii::$app->assetManager->bundles = []; } /** * Renders mini-toolbar at the end of page body. * * @param \yii\base\Event $event */ public function renderToolbar($event) { if (!$this->checkAccess() || Yii::$app->getRequest()->getIsAjax()) { return; } $url = Url::toRoute(['/' . $this->id . '/default/toolbar', 'tag' => $this->logTarget->tag, ]); echo '<div id="yii-debug-toolbar" data-url="' . $url . '" style="display:none"></div>'; /** @var View $view */ $view = $event->sender; echo '<style>' . $view->renderPhpFile(__DIR__ . '/assets/toolbar.css') . '</style>'; echo '<script>' . $view->renderPhpFile(__DIR__ . '/assets/toolbar.js') . '</script>'; } /** * Checks if current user is allowed to access the module * @return boolean if access is granted */ protected function checkAccess() { $ip = Yii::$app->getRequest()->getUserIP(); foreach ($this->allowedIPs as $filter) { if ($filter === '*' || $filter === $ip || (($pos = strpos($filter, '*')) !== false && !strncmp($ip, $filter, $pos))) { return true; } } Yii::warning('Access to debugger is denied due to IP address restriction. The requested IP is ' . $ip, __METHOD__); return false; } /** * @return array default set of panels */ protected function corePanels() { return [ 'config' => ['class' => 'yii\debug\panels\ConfigPanel'], 'request' => ['class' => 'yii\debug\panels\RequestPanel'], 'log' => ['class' => 'yii\debug\panels\LogPanel'], 'profiling' => ['class' => 'yii\debug\panels\ProfilingPanel'], 'db' => ['class' => 'yii\debug\panels\DbPanel'], 'mail' => ['class' => 'yii\debug\panels\MailPanel'], ]; } }