Hey,
I noticed in rollbar panel I should update rollbar library. I updated but message didn't dissapeared. Then I discovered there is wrong version typed in release
https://github.com/rollbar/rollbar-php/blob/v0.17.0/src/rollbar.php#L93

Hi,
I needed to change this method, because my system (nginx+php5-fpm) i have $last_error['type'] = 4 instead of 1 (E_ERROR).

Can you give help me or give information about that, because i want to use rollbar if some syntax error appear.

public static function report_fatal_error() {
        // Catch any fatal errors that are causing the shutdown
        $last_error = error_get_last();


        if (!is_null($last_error)) {
             $last_error['type'] = E_ERROR;
            switch ($last_error['type']) {
                case E_ERROR:
                    self::$instance->report_php_error($last_error['type'], $last_error['message'], $last_error['file'], $last_error['line']);
                    break;
            }
        }
    }

Is there any reason to check access_token, when handler is set to "agent" ?

It was confusing for me that I have to set token when my code does not connect to Rollbar directly.

Hi,

in production we don't want to stop rendering the page in case of whatever error has happened, and redirect to a nice error message page instead. I failed to locate anything in this direction in the notifier, is there a best-practice approach for this?

thanks!

Would be nice if the call to person_fn callable would be wrapped in a try-catch block, and swallow the exception (logging it with log_error).

The problem I had:

• PHP error was generated from PHP-PDO layer (connection warning)
• person_fn was called, which checks if a session exists and returns user information
• Sessions are stored in database, meaning that the session checking would again result in a PDO warning
• This would fail, as report_php_error would fail with "Exception while reporting php error".

Can it be that Rollbar::report_message is not listening to the 'level' parameter?

This is my code:

$error_message = "404 page not found";
Rollbar::report_message($error_message, 'info');

This is not showing up in the dashboard, I've tried 'critical', 'debug', 'info', 'warning'.

When i change it to 'error', it does:

$error_message = "404 page not found";
Rollbar::report_message($error_message, 'error');

API error: Invalid format. data.body must not be undefined. Instead, it should be an object with a 'message', 'trace', 'trace_chain', or 'crash_report' key.

tried different versions:
baibaratsky/yii2-rollbar:1.4.* (rollbar-php:0.18.2)
baibaratsky/yii2-rollbar:1.1.0 (rollbar-php:0.15.0)

As per #112 scrubbing does not work correctly. There is one test for scrubbing and it obviously does not cover a reasonable amount of surface area. We need better tests around how things are scrubbed.

The logger throws:

 iconv(): Wrong charset, conversion from `UTF-8' to `UTF-8//IGNORE' is not allowed in /var/www/vendor/rollbar/rollbar/src/rollbar.php on line 374

When run in an alpine linux docker container.

The issue can temporarily be circumvented by using the config:

'enable_utf8_sanitization' => false, although this is not desierable

Everytime I run a code check I am getting this:

The yellow represents rollbar which if you can't read, has 1,216

This may not be the direction you guys are shooting for, so feel free to deny the pull request and close this out, although we had to modify this on our copy of rollbar.php to work in our environment. The current file name for the rollbar agent log is generated based on the process id of the current php process. In a high transaction environment, these could very well overlap. I'm proposing and adding a pull request in the new few moments that appends the timestamp to the process id to make sure a unique file name is generated. Thanks in advance for your consideration.

Similar issue to the $_GET/$_POST values, but now it's on the keys. Can be seen with common vulnerability scanners. Example:

http://{yourdomainname.com}/{somepath}?acux8277%C0%BEz1%C0%BCz2a%90bcxuca8277

With:
display_errors Off (this is the only condition that causes the json_encode warning to happen)

Pull request coming shortly

What's about supporting PSR?
https://github.com/php-fig/fig-standards/tree/master/accepted

What is the difference between $extra_data and $payload_data arguments in report_exception function ?

I noticed in web interface rollbar appending trace.extra. for $extra_data. Is there any other difference?

ERROR: Uncaught TypeError: Argument 2 passed to RollbarException::__construct() 
must be an instance of Exception, instance of Error given, 
called in .../vendor/rollbar/rollbar/src/rollbar.php on line 345 
and defined in .../vendor/rollbar/rollbar/src/rollbar.php:91

One type hint was not removed but probably it is better to use class_alias() instead of define, it will also help to restore class hinting removed here 7b7cae9

As I understand, Rollbar is built with the assumption of an HTTP request. Still, it would be good to have at least some support for command line programs.

Now it just sets the URL to http://unknown/ and everything else to None. It makes very hard to determine in what context the error has occurred.

It would be nice if at least the command line arguments were included in the error details.

Should be a small change here: https://github.com/rollbar/rollbar-php/blob/master/rollbar.php#L437

This will make things work better when php is running behind nginx. (Still requires configuring nginx to send the header).

Hi.

In docs 'scrub_fields
Array of field names to scrub out of _POST and _SESSION. Values will be replaced with asterisks. If overridiing, make sure to list all fields you want to scrub, not just fields you want to add to the default. Param names are converted to lowercase before comparing against the scrub list.'

But actually comparing worked as case sensitivity in case target key is not defined in scrub_fields as regular expressions. And in session params not converting to lowercase.

I'm using this with the rollbar agent, and it seems to be writing an empty file a considerable amount of the time.

Hi. I run the code from your example and get just such error. I use composer

PHP Fatal error: Uncaught TypeError: Argument 3 passed to Rollbar\RollbarLogger::log() must be of the type array, null given, called in /home/dev/wwwroot/hotwork/vendor/rollbar/rollbar/src/Rollbar.php on line 57 and defined in /home/dev/wwwroot/hotwork/vendor/rollbar/rollbar/src/RollbarLogger.php:30

Ran into a bug where I used one of the Level constants before accessing the rollbar class. I'm using an autoloader, so the files are only loaded when required.

As the first line in rollbar.php is to include Level.php, which had already been loaded by that point, it tried to redeclare the class, causing a Fatal error

I'd like to know whether my log request to rollbar was successful or not, so that I could log to a file or send a mail (or react in other ways), when the request failed.
Currently, the result is only logged via your own logger (which isn't even PSR-3 compliant).

My scenario: I need to filter the source of an error and want to prevent certain files to log errors.

Therefore It would be amazing to deliver a callback function to the Rollbar::init($config); which handles the final result and I can check / edit or refuse the api call.

It would be great if exception stack trace args were shown in rollbar.

For example:

#4 [internal function]: Illuminate\Cache\Repository->put('x', Array, Object(Carbon\Carbon))
#5 /vendor/laravel/framework/src/Illuminate/Cache/CacheManager.php(296): call_user_func_array(Array, Array)
#6 /bootstrap/cache/compiled.php(6199): Illuminate\Cache\CacheManager->__call('put', Array)
#7 /bootstrap/cache/compiled.php(6199): Illuminate\Cache\CacheManager->put('x', Array, Object(Carbon\Carbon))

Just saw this come through, any ideas?

E_NOTICE: iconv(): Detected an illegal character in input string
  File "/srv/www/commando.io/lib/rollbar/Rollbar.php", line 265, in _sanitize_utf8
  File "<internal>", line unknown, in report_message
  File "/srv/www/commando.io/classes/Error.php", line 65, in rollbar
  File "/srv/www/commando.io/classes/Error.php", line 85, in halt
  File "/srv/www/commando.io/classes/Error.php", line 125, in show
  File "/srv/www/commando.io/classes/MongoConnection.php", line 139, in insert

rollbar-gem does this: https://github.com/rollbar/rollbar-gem/blob/master/lib/rollbar.rb#L400-L410 . We should do something similar here.

We got rollbar through composer and the file exists. When we try include autoload.php it can not find the Rollbar class.

[Fri Apr 08 04:56:06.625637 2016] [:error] [pid 7389] [client xxx.xxx.xxx.xxx:57535] PHP Fatal error: Class 'Rollbar' not found in /var/www/somepath/htdocs/test.php on line 10

However if we include the rollbar.php file directly it works fine. See example below

// Does not work
//require_once '../vendor/autoload.php';

// Does owrk
require_once '../vendor/rollbar/rollbar/src/rollbar.php';

$config['access_token'] = '.....';
Rollbar::init($config);

I am unsure why as
"classmap": ["src/rollbar.php"]
matches what some other projects use just fine.

Unfortunately, it doesn't seem like php is going to bake this in to the language anytime soon. json_encode can occasionally fail when there is an invalid (non utf-8) character in the request/headers/etc, and will trigger a warning (also resulting in a null value for the field). I'm going to issue a pull request to sanitize fields in the payload by scrubbing non utf-8 characters, but I want to test this in our environment for a short time to ensure it corrects the issue.

As it is, included_errno parameter is not sufficient. For example, if you set it to include E_NOTICE, it will report ALL notices, even ones that were suppressed by changing error_reporting level.

I think when filtering which errors to report, the effective error_reporting() level should be used by default.

The Forwarded header is the new standard (RFC 7239) als alternative for the common (but non-standard) X-Forwarded-* headers.

This document defines an HTTP extension header field that allows
proxy components to disclose information lost in the proxying
process, for example, the originating IP address of a request or IP
address of the proxy on the user-agent-facing interface. In a path
of proxying components, this makes it possible to arrange it so that
each subsequent component will have access to, for example, all IP
addresses used in the chain of proxied HTTP requests.

It is passed to PHP as $_SERVER['HTTP_FORWARDED']. It needs to be parsed to extract the different parts.

  X-Forwarded-For: 192.0.2.43, 2001:db8:cafe::17

becomes:

  Forwarded: for=192.0.2.43, for="[2001:db8:cafe::17]"

Via @nodesocket:

If I use the PHP @ symbol, which is a special and indicates to suppress errors (warnings, etc), the event still get's pushed to Rollbar. This is not the desired behavior. If I suppress with @, I don't want it pushed to Rollbar. Can you guys fix this? Perhaps this should be an optional flag passed into the Rollbar constructor.

Here is more information about @ symbol behavior:

http://php.net/manual/en/language.operators.errorcontrol.php

Unless there's objection from the community, let's make this change, make it the default behavior, and bump the version to 0.6.0. The old behavior should be available via a config flag.

I can't find any documentation that can tell me how I can tell if my logs are being submitted via the rollbar-agent. The agent is running and error logs are being generated then deleted once they've been consumed, but I cannot see anything within the report to indicate that it was in fact submitted via the agent. I'm not sure if there's a key I should be looking for or if it's just that seemless that you can't tell. Any help would be welcomed.

Here's my notifier config:

<?php
// Rollbar Config
$rbConfig = [
    'access_token' => ROLLBAR_API,
    'environment' => SERVER,
    'root' => ABS_PATH,
    'checkIgnore' => function ($isUncaught, $exception, $payload) {
        logError($exception->getMessage());
        return false;
    },
    'handler' => 'agent',
    'agent_log_location' => ABS_PATH .'logs'
];

// Initialize Rollbar
Rollbar::init($rbConfig);

In 5.x, we extended RollbarNotifier::build_request_data to strip the session id from the cookie data. In 6.x, that method and the member _request_data have been made private, so we cannot touch that. (Which is exactly why I dislike "private by default")

RollbarNotifier::scrub_fields only applies to $_POST and $_SESSION, so that can't be used either.

I would propose that Rollbar strip the sesion id ($_COOKIE[session_name()]) to prevent session ids from leaking, which is a security risk (because it enables session hijacking). More generally, if scrub_fields were applied to headers, users could filter out whatever they want to.

It would be nice if calls to Rollbar::report_message() could also capture the stack trace.

This should probably be available both as a per-call param, and as a config param.

I'm seeing notifications for version 0.16.0 on Rollbar:

However Github doesn't show 0.16.0 as released, the code still shows 0.15.0.

class RollbarNotifier {
    const VERSION = "0.15.0";

The changelog doesn't show this either.

Is it safe or recommended to update to 0.16.0 and manually edit the rollbar.php file with the correct version number? Or should we just ignore the messages in our control panel?

Please make sure that Rollbar update notifications accurately reflect the latest released version, otherwise it's just creating unnecessary work for us.

In PHP 7 there are various predefined/reserved exceptions, which are not currently handled by the Rollbar package.

• Error
• ArithmeticError
• AssertionError
• DivisionByZeroError
• ParseError
• TypeError

Error is the base class for all internal PHP errors, so could be caught via instance type checking. Whilst there is no common interface defined, the interfaces do actually match exactly with the standard Exception class.

When passing custom $extra_data into report_message() do the settings scrub fields apply, i.e. mask those values?

That would allow the report_exception() to automatically add extra_data and payload_data if the reported exception implements the RollbarExceptionInterface.

What do you think ?

Hi there!

The current stable tag has the following autoload:

  "autoload": {
    "files": ["ratchetio.php"]
  }

I noticed that it's fixed in the master. Could we have a tag please? :)

Thanks!

I'm using rollbar with great success but today I've noticed something that bothers me.

My code is using exception to report invalid GET parameters.
In dev, when I call an invalid URL, I get a 500 error and the error is logged by php.
In prod, where rollbar is enabled, I obtain a blank page with a 200 status.

Having a 200 status can be an issue for a number of reasons (for example because it means a search engine could index pages whose URL is invalid).

In my opinion, most people would like the server to return a 5XX status, so it makes sense to implement this in rollbar's error_handler.

Do you think that's a good idea ?

I'm unsure if this is an issue with this package or something within Rollbar. I just added this to my Laravel 5 project using https://github.com/jenssegers/laravel-rollbar and am testing things out and Rollbar is seeing an exception, but it's not the one I'm throwing.

I've verified that the exception and appropriate context is being passed to the rollbar-php package.

@dlsteuer began investigating this issue with me and we've narrowed it down to https://github.com/rollbar/rollbar-php/blob/master/src/rollbar.php#L342-L343 being the cause of the issue. I've created this ticket for tracking purposes.

Is there any reason you don't read the PHP environment to get the default error reporting level to use for included_errno?

For example, default should just get error_reporting(), not default to:

 define('ROLLBAR_INCLUDED_ERRNO_BITMASK', E_ERROR | E_WARNING | E_PARSE | E_CORE_ERROR | E_USER_ERROR | E_RECOVERABLE_ERROR);

class RollbarNotifier {
    const VERSION = "0.9.7";

Should be 0.9.8.

It would be great if the config option checkIgnore was implemented for PHP!

If using the dev version dashboard is flooded with Rollbar's own errors:

API error: Invalid format. data.body.trace.exception.class is missing and it is required.

Hi, I have built a package that integrates rollbar with laravel: https://github.com/jenssegers/Laravel-Rollbar

I did run into some trouble because your classes are not namespaced.

The scrub_fields param should also look at $_COOKIE to exclude custom session cookies containing sensitive information. Maybe a scrub_cookies param?