I've made application in Symfony 4.0. When I try to access key in array, which does not exist, in "dev" mode, PHP throws exception as you would expect. But when I switch to "prod" mode, it starts to act strangely.
"dev" mode:
$var = $array["key_which_does_not_exist"];
//this throws exception
"prod" mode:
$var = $array["key_which_does_not_exist"]["another_key_which_does_not_exist"][0]
//in $var is null
This is expected as symfony prod environnement has debugging set to false by default.
In fact, this is PHP's behaviour that is overriden by Symfony. You can override how PHP handles your errors.
http://www.php.net/manual/en/errorfunc.configuration.php#ini.error-reporting
Symfony uses this feature to override this behaviour whether if you have debugging activated or not. It is not in prod environment, and it is in dev as you can easily spot your errors
I recently discovered that my profiler is not working. Every time I try to open the profiler from /app_dev.php/_profiler/empty/search/results?ip=&limit=10 I get this empty profiler page:
With default and customc onfiguration. Here the custom one:
framework:
profiler:
dsn: 'file:/tmp/symfony-profiler'
And here a more precise configuration:
framework:
profiler:
dsn: "file:%kernel.root_dir%/../var/cache/%kernel.environment%/profiler"
No calls are stored in theprofiler. No log keep trace of what happens under the carpet.
Symfony needs the same file permissions to write the profiling data as it would for logs or the cache. Does Symfony write the files if the DSN is left at the default which would write them into var/cache/dev/profiler (or app/var with an older version).
It's also possible that the profiler service has been overridden, which can be checked with bin/console debug:container profiler and other such tools.
I'm using Symfony for a project and I have been trying to get the login to work on production server with no success for the past 2 days. I keep getting the error
Authentication request could not be processed due to a system problem.
I have followed the guide here (http://symfony.com/doc/current/cookbook/security/entity_provider.html) to setup loading users from database.
My security.yml file:
security:
encoders:
Symfony\Component\Security\Core\User\User: plaintext
Acceptme\UserBundle\Entity\User: plaintext
role_hierarchy:
ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
providers:
in_memory:
memory:
users:
patricia:
password: patricia
roles: 'ROLE_ADMIN'
users:
name: user_provider
entity: { class: AcceptmeUserBundle:User, property: username }
firewalls:
user_area:
pattern: ^/
anonymous: ~
provider: user_provider
form_login:
login_path: login_route
check_path: _login_check
default_target_path: homepage
dev:
pattern: ^/(_(profiler|wdt|error)|css|images|js)/
security: false
default:
anonymous: ~
http_basic: ~
access_control:
- { path: ^/admin, roles: ROLE_ADMIN }
My SecurityController.php:
namespace AppBundle\Controller;
use Symfony\Component\HttpFoundation\Request;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Template;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Security;
use Symfony\Component\Security\Core\SecurityContext;
class SecurityController extends Controller
{
/**
* #Route("/login", name="login_route")
* #Template("security/login.html.twig")
*/
public function loginAction(Request $request)
{
if ($request->attributes->has(SecurityContext::AUTHENTICATION_ERROR)) {
$error = $request->attributes->get(SecurityContext::AUTHENTICATION_ERROR);
} else {
$error = $request->getSession()->get(SecurityContext::AUTHENTICATION_ERROR);
}
return array(
'last_username' => $request->getSession()->get(SecurityContext::LAST_USERNAME),
'error' => $error,
);
}
/**
* #Route("/login_check", name="_login_check")
*/
public function securityCheckAction()
{
// this controller will not be executed,
// as the route is handled by the Security system
}
}
I have tried uploading the project on 2 different web hosts (FatCow & GoDaddy) and the problem remains. Locally i am using PHP 5.4.19 (FatCow uses 5.3.2 and GoDaddy uses 5.4.37). Keep in mind that when working on localhost with XAMPP everything works fine!
I've confirmed that PDO is enabled in both cases. I've confirmed that the database username, password and host are correct in the parameters.yml file. Error logs on both local and remote servers show nothing.
I have followed all directions from this previous post Deploying Symfony2 app getting fosuserbundle errors and still no success.
It looks like that the error:
Authentication request could not be processed due to a system problem.
is too generic and does not tell anything about where the problem is (there is an issue opened about this matter here).
I solved my issue by checking the logs and see what happened (in var/logs/dev.log), hoping this helps someone.
In my specific case, there was a wrong parameter in parameters.yml about database connection. But, again, the error is too generic and does not necessarily imply that the problem is related with database connection.
This problem can be fixed running command: php bin/console cache:clear --env=prod --no-debug
UPDATE: Issue solved. The issue was that a table in the entity php file was named with upper case letters while the database table was named with lower case. +1 to ClémentBERTILLON for pointing in the right direction, namely prod.log
AS #ShinDarth mention it. It is too generic and log inspection will help people in our case to get throught this.
If it can help in my situation it was :
After an SonataUserBundle installation in SF3, I had to
bin/console doctrine:schema:update --force
My context is particular, I have had already installed and used FOSUserBundle before to install SonataUserBundle. (Because of SF3 compatibility with FOSUser/SonataUSer...
Database have been taken 16 queries after that. Working great.
You probably used the template given by Symfony docs here :
{% if error %}
<div class="alert alert-danger">{{ error.messageKey|trans(error.messageData, 'security') }}</div>
{% endif %}
Which actually gives you this error message. The most simple and reliable way to fix this issue is to replace this line by the following :
<div class="alert alert-danger">{{ error }}</div>
Which will give you the full stack-trace for your error and (hopefully) help you debug your application. Don't forget to revert this before going to production!
In my case, I changed user entity and then I forgot to update table.
for table update:
php bin/console doctrine:schema:update --force
Currently there is a bug in Symfony and on production IF during authentication system error occurs (missing table, missing column or any other exception) - it's logged as INFO instead of ERROR and with default error logging options it's not logged at all.
https://github.com/symfony/symfony/pull/28462
I think there are two options right now - temporary log everything (including INFO) on production until you find the real error.
Second option: use this patch or debug directly on production.
I'm sure that this error is too generic. In my case, The follow is incorrect:
class: App/Entity/User;
Correction:
class: App\Entity\User;
This solution is correct for me: https://stackoverflow.com/a/39782535/2400373
But If you do not have access to the terminal, you can enter the server and delete the folders that are inside var/cache.
Another solution if you have access to the console is to type
#rm -rf var/cache/*
or
$sudo rm -rf var/cache/*
this solution works on symfony 3
In my case the issue was fixed by correcting a typo in connection details in the .env file.
Another possible cause could be MySQL Server. In my case I forgot to start MAMP / MySQL Server and Symfony resulted with this message.
It's a bug on Symfony 5.3 that happens only on the Internet server. On my local server, no problem. Try to downgrade to 4.5 or 5.0. Then try the authentication again. In my case, the token to authenticate the user can't create and is unable to make a query to the database to validate that the user password is correct.
To extend on answer given by gogaz, Symfony's security bundle doesn't seem to be logging these errors by default as (I guess) it's assumed they will be authentication issues.
It might be worth it to inject a logger into your action and (conditionally) log the errors.
public function loginAction(AuthenticationUtils $authenticationUtils, LoggerInterface $logger): Response
{
if (($error = $authenticationUtils->getLastAuthenticationError()) && ($error instanceof AuthenticationServiceException)) {
$logger->critical($error->getMessage(), $error->getTrace());
}
...
}
Do note that you might have to extend the logging if your security implementation can throw other error types you may want to log.
How to disable profiler in Symfony2 in production?
I do not mean the toolbar - I mean the profiler.
I want to disable it in production, I use it extensively for development so the solution with removing its bundle is a no-go.
I have tried setting framework.profiler.only_exceptions to true. I have tried removing the framework.profiler section altogether. No matter what the profiler.db is growing after every request and every response contains x-debug-token header.
I have double-checked the config files (config.yml and config_prod.yml) and everything seems to be fined.
What's more the command app/console router:dump-apache --no-debug always dumps the _wdt and _profiler routes, but I don't have them in my routing_prod.yml and they don't seem to be present when trying to access them from the browser (404).
I'm running symfony 2.0 and I won't upgrade right now because of some major changes in 2.1 which would require a rewrite of many elements. It wouldn't be wise to start it just before initial deployment.
Symfony >= 2.2
As of Symfony 2.2 the profiler supports an enabled flag in the framework's configuration and is disabled by default in the test environment.
# app/config/config_test.yml
framework:
profiler:
enabled: false
See this Blog entry about Profiling by Fabien Potencier and the FrameworkBundle configuration reference for more details.
Update: This flag is still valid in Symfony 4.0.
Symfony <= 2.1
In Symfony <= 2.1 The profiler is disabled entirely if there's no framework.profilerkey in the configuration.
You can see this in the ProfilerPass of the Symfony2 FrameworkBundle configuration.
This is the case for the default config.yml and config_prod.yml (which includes the former). So if you didn't tinker with the default configurations you're fine.
In config_dev.yml however the default setting is:
framework:
profiler: { only_exceptions: false }
Which enables profiling for the dev environment and all enviroments that import config_dev.yml like config_test.yml.
If you want to unset the profiler value in a subsequent configuration use:
framework:
profiler: false
Values like {} or ~ won't unset the value. You have to use false.
Did you try this (enable only for development)
As the profiler adds some overhead, you might want to enable it only
under certain circumstances in the production environment. The
only-exceptions settings limits profiling to 500 pages, but what if
you want to get information when the client IP comes from a specific
address, or for a limited portion of the website? You can use a
request matcher:
framework:
profiler:
matcher: { ip: 192.168.0.0/24 }
http://symfony.com/doc/current/book/internals.html#profiler
or
the profiler can be disabled on a per-action basis by doing something like:
if(in_array($this->container->get('kernel')->getEnvironment(), array('prod'))) {
$this->container->get('profiler')->disable();
}
I figured it out, but still I'm not sure why the profiler settings didn't work. I did clear the cache with --no-debug after each change of the configuration.
Firstly I examined the Configuration of FrameworkBundle and found out that profiler conf node has canBeDisabled(). Then I checked what does it mean exactly.
It turns out that each canBeDisabled node has an implied child node enabled with default value set to true. You can either override it or set the parent node directly to false or null to disable the section. If you simply omit the profiler section then it is enabled by default.
Maybe I missed it in the docs, but I'm pretty sure it should be mentioned here. Also, in my opinion profiler should be disabled by default in production. I can't imagine a scenario when it would be beneficial to run profiler in production in the long run. I'll be happy if anybody proves me wrong.
BTW I noticed then as the profiler.db grows then each request becomes slower, but that may not be the case in prod.
After some time I always get an internal server error 500 when reloading the page a second time.
Clearing the cache fixes to problem for about 10 hours
Switching the browser lets me again load the page, gives me the error on second reload
Caching is not enabled for the search action.
Only one module is affected, other modules work during the time the site is down.
Any ideas where to look? The symfony error logs are not really helpful the request does not even reach symfony.
This could be related to route caching. Try disabling your route cache in factories.yml and see if this helps.
For Example:
routing:
class: sfPatternRouting
param:
load_configuration: true
suffix: ''
default_module: default
default_action: index
debug: %SF_DEBUG%
logging: %SF_LOGGING_ENABLED%
generate_shortest_url: true
extra_parameters_as_query_string: true
cache: ~