A (unofficial) WordPress plugin reporting PHP and JavaScript errors to Sentry.

Overview

WordPress Sentry (wp-sentry)

A (unofficial) WordPress plugin to report PHP and JavaScript errors to Sentry.

What?

This plugin can report PHP errors (optionally) and JavaScript errors (optionally) to Sentry and integrates with its release tracking.

It will auto detect authenticated users and add context where possible. All context/tags can be adjusted using filters mentioned below.

Requirements & Sentry PHP SDK

This plugin requires PHP 7.2+ but urges users to use a PHP version that is not end of life (EOL) and no longer supported. For an up-to-date list of PHP versions that are still supported see: http://php.net/supported-versions.php.

  • Version 2.1.* of this plugin will be the last to support PHP 5.3.
  • Version 2.2.* of this plugin will be the last to support PHP 5.4.
  • Version 3.11.* of this plugin will be the last to support PHP 7.1.

Please note that version 4.x is the most recent version of the wp-sentry plugin and only supports PHP 7.2 and up. If you need PHP 5.4-7.1 support check out version 2.x or 3.x but do keep in mind there are a lot of differences in the Sentry PHP SDK used.

  • Version 2.x of the wp-sentry plugin uses the 1.x version of the official Sentry PHP SDK.
  • Version 3.x of the wp-sentry plugin uses the 2.x version of the official Sentry PHP SDK.
  • Version 4.x of the wp-sentry plugin uses the 3.x version of the official Sentry PHP SDK.

Usage

  1. Install this plugin by cloning or copying this repository to your wp-contents/plugins folder
  2. Configure your DSN as explained below
  3. Activate the plugin through the WordPress admin interface

Note: this plugin does not do anything by default and has no admin interface. A DSN must be configured first.

Configuration

(Optionally) track PHP errors by adding this snippet to your wp-config.php and replace PHP_DSN with your actual DSN that you find inside Sentry in the project settings under "Client Keys (DSN)":

define( 'WP_SENTRY_PHP_DSN', 'PHP_DSN' );

Note: Do not set this constant to disable the PHP tracker.

Note: This constant was previously called WP_SENTRY_DSN and is still supported.


(Optionally) set the error types the PHP tracker will track:

define( 'WP_SENTRY_ERROR_TYPES', E_ALL & ~E_DEPRECATED & ~E_NOTICE & ~E_USER_DEPRECATED );

(Optionally) If this flag is enabled, certain personally identifiable information is added by active integrations. Without this flag they are never added to the event, to begin with.

If possible, it’s recommended to turn on this feature and use the server side PII stripping to remove the values instead.

When enabled the current logged in user and IP address will be added to the event.

define( 'WP_SENTRY_SEND_DEFAULT_PII', true );

(Optionally) track JavaScript errors by adding this snippet to your wp-config.php and replace JS_DSN with your actual DSN that you find inside Sentry in the project settings under "Client Keys (DSN)":

define( 'WP_SENTRY_BROWSER_DSN', 'JS_DSN' );

Note: Do not set this constant to disable the JavaScript tracker.

Note: This constant was previously called WP_SENTRY_PUBLIC_DSN and is still supported.


(Optionally) enable JavaScript performance tracing by adding this snippet to your wp-config.php and replace 0.3 with your desired sampling rate (0.3 means sample ~30% of your traffic):

define( 'WP_SENTRY_BROWSER_TRACES_SAMPLE_RATE', 0.3 );

Note: Do not set this constant or set it to 0.0 to disable the JavaScript performance tracing.


(Optionally) define a version of your site; by default the theme version will be used. This is used for tracking at which version of your site the error occurred. When combined with release tracking this is a very powerful feature.

define( 'WP_SENTRY_VERSION', 'v4.4.1' );

(Optionally) define an environment of your site. Defaults to unspecified.

define( 'WP_SENTRY_ENV', 'production' );

Filters

This plugin provides the following filters to plugin/theme developers.

Please note that some filters are fired when the Sentry trackers are initialized so they won't fire if you define them in your theme or in a plugin that loads after WP Sentry does.

Common to PHP & JavaScript trackers

wp_sentry_user_context (array)

You can use this filter to extend the Sentry user context for both PHP and JS trackers.

WARNING: These values are exposed to the public in the JS tracker, so make sure you do not expose anything private!

Example usage:

/**
 * Customize sentry user context.
 *
 * @param array $user The current sentry user context.
 *
 * @return array
 */
function customize_sentry_user_context( array $user ) {
    return array_merge( $user, array(
        'a-custom-user-meta-key' => 'custom value',
    ));
}
add_filter( 'wp_sentry_user_context', 'customize_sentry_user_context' );

Note: This filter fires on the WordPress set_current_user action and only if the WP_SENTRY_SEND_DEFAULT_PII constant is set to true.

Specific to PHP tracker:

wp_sentry_dsn (string)

You can use this filter to override the Sentry DSN used for the PHP tracker.

Example usage:

/**
 * Customize sentry dsn.
 *
 * @param string $dsn The current sentry DSN.
 *
 * @return string
 */
function customize_sentry_dsn( $dsn ) {
    return 'https://:@sentry.io/';
}
add_filter( 'wp_sentry_dsn', 'customize_sentry_dsn' );

Note: This filter fires on the WordPress after_setup_theme action. It is discouraged to use this and instead define the DSN in the wp-config.php using the WP_SENTRY_PHP_DSN constant


wp_sentry_scope (void)

You can use this filter to customize the Sentry scope.

Example usage:

/**
 * Customize Sentry PHP SDK scope.
 *
 * @param \Sentry\State\Scope $scope
 *
 * @return void
 */
function customize_sentry_scope( \Sentry\State\Scope $scope ) {
	$scope->setTag('my-custom-tag', 'tag-value');
}
add_filter( 'wp_sentry_scope', 'customize_sentry_scope' );

Note: This filter fires on the WordPress after_setup_theme action.


wp_sentry_options

You can use this filter to customize the Sentry options.

Example usage:

/**
 * Customize sentry options.
 *
 * @param \Sentry\Options $options The current sentry options.
 *
 * @return void
 */
function customize_sentry_options( \Sentry\Options $options ) {
    // Only sample 90% of the events
    $options->setSampleRate(0.9);
}
add_filter( 'wp_sentry_options', 'customize_sentry_options' );

Note: This filter fires on the WordPress after_setup_theme action.

Specific to JS tracker

wp_sentry_public_dsn (string)

You can use this filter to override the Sentry DSN used for the JS tracker.

WARNING: This value is exposed to the public, so make sure you do not use your private DSN!

Example usage:

/**
 * Customize public sentry dsn.
 *
 * @param string $dsn The current sentry public dsn.
 *
 * @return string
 */
function customize_public_sentry_dsn( $dsn ) {
    return 'https://@sentry.io/';
}
add_filter( 'wp_sentry_public_dsn', 'customize_public_sentry_dsn' );

wp_sentry_public_options (array)

You can use this filter to customize/override the Sentry options used to initialize the JS tracker.

WARNING: These values are exposed to the public, so make sure you do not expose anything private !

Example usage:

/**
 * Customize public sentry options.
 *
 * Note: Items prefixed with `regex:` in blacklistUrls and whitelistUrls option arrays
 * will be translated into pure RegExp.
 *
 * @param array $options The current sentry public options.
 *
 * @return array
 */
function customize_sentry_public_options( array $options ) {
    return array_merge( $options, array(
        'sampleRate' => '0.5',
        'blacklistUrls' => array(
            'https://github.com/',
            'regex:\\w+\\.example\\.com',
        ),
    ));
}
add_filter( 'wp_sentry_public_options', 'customize_sentry_public_options' );

wp_sentry_public_context (array)

You can use this filter to customize/override the Sentry context, you can modify the user, tags and extra context.

WARNING: These values are exposed to the public, so make sure you do not expose anything private !

Example usage:

/**
 * Customize public sentry context.
 *
 * @param array $context The current sentry public context.
 *
 * @return array
 */
function customize_sentry_public_context( array $context ) {
    $context['tags']['my-custom-tag'] = 'tag-value';

    return $context;
}
add_filter( 'wp_sentry_public_context', 'customize_sentry_public_context' );

Advanced usages

High volume of notices

Many plugin in the WordPress ecosystem generate notices that are captured by the Sentry plugin.

This can cause a high volume of events and even slower page loads because of those events being transmitted to Sentry.

The prevent this you can set the following in your wp-config.php to filter out errors of the notice type.

define( 'WP_SENTRY_ERROR_TYPES', E_ALL & ~E_NOTICE );

Capturing handled exceptions

The best thing to do with an exception is to capture it yourself, however you might still want to know about it.

The Sentry plugin only captures unhandled exceptions and fatal errors, to capture handled exception you can do the following:

try {
	myMethodThatCanThrowAnException();
} catch ( \Exception $e ) {
	// We are using wp_sentry_safe to make sure this code runs even if the Sentry plugin is disabled
	if ( function_exists( 'wp_sentry_safe' ) ) {
		wp_sentry_safe( function ( \Sentry\State\HubInterface $client ) use ( $e ) {
			$client->captureException( $e );
		} );
	}

	wp_die( 'There was an error doing this thing you were doing, we have been notified!' );
}

If you need to attach extra data only for the handled exception, you could add Structured Context:

$e = new Exception('Some exception I want to capture with extra data.');

if (function_exists('wp_sentry_safe')) {
    wp_sentry_safe(function (\Sentry\State\HubInterface $client) use ($e) {
        $client->withScope(function (\Sentry\State\Scope $scope) use ($client, $e) {
            $scope->setExtra('user_data', $e->getData());
            $client->captureException($e);
        });
    });
}

If you need to add data to the scope in every case use configureScope in wp_sentry_scope filter.

Capturing plugin errors

Since this plugin is called wp-sentry-integration it loads a bit late which could miss errors or notices occuring in plugins that load before it.

You can remedy this by loading WordPress Sentry as a must-use plugin by creating the file wp-content/mu-plugins/wp-sentry-integration.php (if the mu-plugins directory does not exist you must create that too).



/**
 * Plugin Name: WordPress Sentry
 * Plugin URI: https://github.com/stayallive/wp-sentry
 * Description: A (unofficial) WordPress plugin to report PHP and JavaScript errors to Sentry.
 * Version: must-use-proxy
 * Author: Alex Bouma
 * Author URI: https://alex.bouma.dev
 * License: MIT
 */

$wp_sentry = __DIR__ . '/../plugins/wp-sentry-integration/wp-sentry.php';

if ( ! file_exists( $wp_sentry ) ) {
	return;
}

require $wp_sentry;

define( 'WP_SENTRY_MU_LOADED', true );

Now wp-sentry-integration will load always and before all other plugins.

Note: We advise you leave the original wp-sentry-integration in the /wp-content/plugins folder to still have updates come in through the WordPress updater. However enabling or disabling does nothing if the above script is active (since it will always be enabled).

Capturing errors only from certain theme and/or plugin

This is an example on how to use the before_send callback of the Sentry SDK to only capture errors occuring in a certain theme or plugin.

See also the filter docs: wp_sentry_option.

add_filter( 'wp_sentry_options', function ( \Sentry\Options $options ) {
	$options->setBeforeSendCallback( function ( \Sentry\Event $event ) {
		$exceptions = $event->getExceptions();

		// No exceptions in the event? Send the event to Sentry, it's most likely a log message
		if ( empty( $exceptions ) ) {
			return $event;
		}

		$stacktrace = $exceptions[0]->getStacktrace();

		// No stacktrace in the first exception? Send it to Sentry just to be safe then
		if ( $stacktrace === null ) {
			return $event;
		}

		// Little helper and fallback for PHP versions without the str_contains function
		$strContainsHelper = function ( $haystack, $needle ) {
			if ( function_exists( 'str_contains' ) ) {
				return str_contains( $haystack, $needle );
			}

			return $needle !== '' && mb_strpos( $haystack, $needle ) !== false;
		};

		foreach ( $stacktrace->getFrames() as $frame ) {
			// Check the the frame happened inside our theme or plugin
			// Change THEME_NAME and PLUGIN_NAME to whatever is required
			// And / or modify this `if` statement to detect other variables
			if ( $strContainsHelper( $frame->getFile(), 'themes/THEME_NAME' )
			     || $strContainsHelper( $frame->getFile(), 'plugins/PLUGIN_NAME' )
			) {
				// Send the event to Sentry
				return $event;
			}
		}

		// Stacktrace contained no frames in our theme and/or plugin? We send nothing to Sentry
		return null;
	} );
} );

Client side hook

When using the Sentry Browser integration it is possible to do some work in the client browser before Sentry is initialized to change options and/or prevent the Browser SDK from initializing at all.

You do this by defining a wp_sentry_hook JavaScript function before the Sentry Browser JavaScript file is included (keep this function small and easy since any errors that occur in there are not tracked by the Browser SDK).

A quick example on how you would disable the Browser SDK using wp_add_inline_script:

add_action( 'wp_enqueue_scripts', function () {
    wp_add_inline_script( 'wp-sentry-browser', 'function wp_sentry_hook(options) { return someCheckInYourCode() ? true : false; }', 'before' );
} );

When the wp_sentry_hook function returns false the initialization of the Sentry Brower SDK will be stopped. Any other return value will be ignored.

To modify the options you can modify the object passed as the first argument of the wp_sentry_hook, this object will later be passed to Sentry.init to initialize the Browser SDK.

Security Vulnerabilities

If you discover a security vulnerability within WordPress Sentry (wp-sentry), please send an e-mail to Alex Bouma at [email protected]. All security vulnerabilities will be swiftly addressed.

License

The WordPress Sentry (wp-sentry) plugin is open-sourced software licensed under the MIT license.

Comments
  • WP_SENTRY_BROWSER_DSN and WP_SENTRY_VERSION not working

    WP_SENTRY_BROWSER_DSN and WP_SENTRY_VERSION not working

    HI everyone, I have activated the plugin and I have setup the configuration key on wp-config.php like this:

    define('WP_SENTRY_PHP_DSN', 'MY_PHP_URL');
    define('WP_SENTRY_BROWSER_DSN', 'MY_JS_URL');
    

    This is a screen from admin panel:

    Schermata 2021-06-29 alle 14 34 41

    As you can see the js tracing is not enabled. I also tested WP_ENVIRONMENT_TYPE that is not working.

    How can I solve this?

    :question: question 
    opened by Giacomo92 26
  • PHP Performance Monitoring / Tracing support

    PHP Performance Monitoring / Tracing support

    As originally request by @archon810 on getsentry/sentry-php#1062.


    Hi,

    This is a follow-up to https://github.com/getsentry/sentry-laravel/pull/358#issuecomment-669804042, with the goal of adding the new PHP Tracing/Performance support specifically for WordPress.

    Thanks.

    :ok_hand: enhancement 
    opened by stayallive 19
  • PHP Fatal error v3.4.2

    PHP Fatal error v3.4.2

    This error occurred when plugin updated to 3.4.2.

    [02-Apr-2020 01:42:38 UTC] PHP Fatal error:  Uncaught Error: Call to undefined function WPSentry\ScopedVendor\GuzzleHttp\Psr7\uri_for() in /var/www/vhosts/mywebsite.org/httpdocs/wp-content/plugins/wp-sentry-integration/build/vendor/php-http/message/src/UriFactory/GuzzleUriFactory.php:19
    Stack trace:
    #0 /var/www/vhosts/mywebsite.org/httpdocs/wp-content/plugins/wp-sentry-integration/build/vendor/sentry/sentry/src/HttpClient/HttpClientFactory.php(99): WPSentry\ScopedVendor\Http\Message\UriFactory\GuzzleUriFactory->createUri('https://sentry....')
    #1 /var/www/vhosts/mywebsite.org/httpdocs/wp-content/plugins/wp-sentry-integration/build/vendor/sentry/sentry/src/Transport/DefaultTransportFactory.php(42): Sentry\HttpClient\HttpClientFactory->create(Object(Sentry\Options))
    #2 /var/www/vhosts/mywebsite.org/httpdocs/wp-content/plugins/wp-sentry-integration/build/vendor/sentry/sentry/src/ClientBuilder.php(238): Sentry\Transport\DefaultTransportFactory->create(Object(Sentry\Options))
    #3 /var/www/vhosts/mywebsite.org/httpdocs/wp-content/plugins/wp-sentr in /var/www/vhosts/mywebsite.org/httpdocs/wp-content/plugins/wp-sentry-integration/build/vendor/php-http/message/src/UriFactory/GuzzleUriFactory.php on line 19
    
    :bug: bug 
    opened by robgeorgeuk 14
  • `trigger_error()` errors not being logged to Sentry when also running the Query Monitor plugin

    `trigger_error()` errors not being logged to Sentry when also running the Query Monitor plugin

    I have setup the plugin as adviced including must-use-proxy in wp-content/mu-plugins dir.

    Works well for general errors and unhandled exceptions, however if I use throw_error() nothing is being logged in Sentry, only in server log.

    In my wp-config.php:

    define( 'WP_SENTRY_DSN', 'https://.....@....' );
    define( 'WP_SENTRY_ERROR_TYPES', E_ALL );
    define( 'WP_SENTRY_SEND_DEFAULT_PII', true );
    define( 'WP_SENTRY_PUBLIC_DSN', 'https://.....@....' );
    define( 'WP_SENTRY_ENV', 'production' );
    

    Exception gets logged:

    add_action( 'wp_head', function() {
    	throw new \ErrorException('Hello World');
    }, 1 );
    

    However trigger_error doesn't:

    add_action( 'wp_head', function() {
    	trigger_error('Hello World', E_USER_WARNING); 
    	// tried also E_USER_NOTICE, E_USER_ERROR flags
    }, 1 );
    

    Thank you in advance for any help.

    :wave: help wanted 
    opened by lubo-makky 14
  • 3.0 proposal

    3.0 proposal

    PR Overview

    This is a proposed major re-write of the wp-sentry plugin which would effectively bring the new version of this plugin to 3.0.0. The aim of this release is to refactor the plugin to work with the latest available SDKs from Sentry while doing our best to minimize breaking changes inherent in such a significant re-write.

    Major Changes

    Quick Overview

    • wp-sentry plugin fully refactored with a strong focus on single responsibility, dependency injection, PSR4 standards, ES6 Standards, DRY principles, and ease of future maintenance.
    • PHP Requirement bumped to 7.0
    • Sentry PHP SDK 2.0.2 implemented
    • Sentry JS SDK 5.1.2 implemented
    • New Webpack Build process introduced with NPM

    Backend Notable Changes

    1. wp-sentry.php was simplified and cleaned up and improved with expanded constants
    2. Advanced constant definitions and plugin setup was moved to the new bootstrap dir
    3. All plugin classes rebuilt and re-organized according to PSR4 conventions.
    4. WPSentry namespacing introduced to project.
    5. Context handling was moved to its own Context class to better adhere to the single responsibility principle. This class is responsible for getting the default context, filtering it, updating it with additional context data and finally updating the context config file. We are calling this process hydration
    6. The TrackerBase abstract class was drastically simplified -- this new class effectively replaces WP_Sentry_Tracker_Base.
    7. The PHP and JS classes were drastically simplified. They are now only responsible for sending context and init data to Sentry and getting filtered init configurations. These new classes effectively replace WP_Sentry_Js_Tracker and WP_Sentry_Php_Tracker
    8. A new Config class and ConfigInterface were introduced to make handling getting and updating runtime configurations for our project classes dead simple and incredibly elegant.
    9. All defaults were moved to the new config/ dir. We introduced config/context.php and config/init.php to hold context defaults and default init options respectively.

    Build Process + Frontend Notable Changes

    1. The public directory was changed to dist
    2. Introduce a new JS build process including webpack and babel
    3. Include Sentry as NPM module
    4. Import Sentry as an ES6 module into JS file
    5. Rebuild JS File using a function-based approach and ES6 standards
    6. Create new assets directory to work with assets and build process
    7. Renamed working JS file with camel case for Webpack entry point reference
    8. When building assets, a manifest file is created in the dist directory via to webpack-assets-manifest. This manifest lets us reference a dynamically generated, hashed asset name. This gives us incredible control over caching and is far superior to query strings since they cause lots of caching problems.
    9. A new Manifest class was built to work with the asset manifest. it resolves dynamically hashed file names from a manifest key which we can easily use when enqueueing the asset!
    10. Sentry init and context options properly localized into enqueued file -- kept wp_sentry as local car name.

    Modified Actions & Filters

    Deprecated Filters (Removed)

    • wp_sentry_on_send_data -- this filter is no longer relevant to the latest SDK

    • wp_sentry_dsn -- DSN for PHP is no longer directly filtered. It can, however, be accessed and modified via the filter wp_sentry_options

    • wp_sentry_public_dsn -- DSN for JS is no longer directly filtered. It can, however, be accessed and modified via the filter wp_sentry_public_options

    Modified Filters

    • wp_sentry_options -- This filter used to contain all properties available in one object (including all contexts and init options). It now only contains init properties. Context is handled separately due to how it is ultimately implemented in the new SDK

    • wp_sentry_public_options -- This filter used to contain all properties available in one object (including all contexts and init options). It now only contains init properties. Context is handled separately due to how it is ultimately implemented in the new SDK

    New Filters

    New filters were added to allow the Sentry contexts to be easily modified

    • wp_sentry_tags_context
    • wp_sentry_extra_context
    • wp_sentry_level_context

    New Actions

    These action hooks fire after each respective context has been hydrated by its data. They are currently used to run the new Sentry configureScope methods.

    • wp_sentry_user_context_hydrated
    • wp_sentry_tags_context_hydrated
    • wp_sentry_extra_context_hydrated

    New Proposed Filter Usage (not updated in docs yet)

    Due to the separation of context and init options, we can simplify usage of the new filters by forgoing an array merge. An easier method is simply assigning your new value to the desired array key. Example:

    add_filter( 'wp_sentry_options', function( array $options ){
    
        $options['dsn'] = 'newdsnvalue';
        $options['sampleRate'] = '0.5';
        $options['blacklistUrls'] = [
            'https://github.com/',
        ];
    
         return $options;
    
    });
    

    New MU-Plugin Usage

    define( 'WP_SENTRY_MU_LOADED', true ); No longer has to be implemented manually.

    The constant define( 'WP_SENTRY_EXISTS', true ); is automatically set after we are sure the plugin is going to run. If the plugin is loaded as an MU-Plugin and then attempted to load again at any other point thereafter, it will fail to load without manual intervention --- see the following block located at the very top of wp-sentry.php

    // If the plugin was already loaded, do not load again.
    if ( defined( 'WP_SENTRY_EXISTS' ) ) {
    	return;
    }
    

    Still To Do

    • Make sure this rewrite aligns with the author's vision for the plugin
    • Work through required changes
    • Thoroughly test the plugin in multiple environments
    • Thoroughly test the upgrade process in multiple environments
    • Update documentation based on changes and include information about the migration process if needed.
    opened by codingwithchris 12
  • [WIP] Refactor implementation

    [WIP] Refactor implementation

    Short Description

    This is a proposal for a major refactoring of the project to enable better integration with WordPress.

    Common Features

    • [x] Make plugin work under mu-plugins folder.
    • [x] Make plugin work when symlinked.
    • [x] Set user context when it is available.
    • [x] Add wordpress version tag
    • [x] Add wp_sentry_user_context filter to allow customization.
    • [x] Enable context manipulation on Tracker class instances.

    PHP Tracker Features

    • [x] Load Raven PHP client as early as possible.
    • [x] Add php version tag
    • [x] Add wp_sentry_dsn filter to allow customization.
    • [x] Add wp_sentry_options filter to allow customization.

    JS Tracker Features

    • [x] Update Raven JS client to v3.8.0
    • [x] Load Raven JS client as early as possible.
    • [x] Load Raven JS client on admin.
    • [x] Load Raven JS client on login.
    • [x] Add wp_sentry_public_dsn filter to allow customization.
    • [x] Add wp_sentry_public_options filter to allow customization.

    Installation

    Now the plugin can be installed/symlinked in plugins/mu-plugins directory and work as expected.

    In order to make best use of the error reporting the suggested installation is in the mu-plugins directory loading it before all other mu-plugins. The following example stub should work load the plugin from the mu-plugins directory (wp_register_plugin_realpath is needed if symlinked)

    wp_register_plugin_realpath( WPMU_PLUGIN_DIR . '/wp-sentry-client/wp-sentry.php');
    require_once( WPMU_PLUGIN_DIR . '/wp-sentry-client/wp-sentry.php');
    

    If you use Bedrock or similar composer based implementation you can use the following composer installers configuration:

    "require": {
        "composer/installers": "^1.2",
        "wpackagist-plugin/wp-sentry-integration": "~1.0"
    },
    "extra": {
        "installer-paths": {
          "web/app/mu-plugins/_sentry": [
            "wpackagist-plugin/wp-sentry-integration"
          ]
        }
    }
    
    opened by ikappas 11
  • JavaScript failed to send test event.

    JavaScript failed to send test event.

    JS test returns

    JavaScript failed to send test event. Check your configuration to make sure your DSN is set correctly.

    DSNs are set correctly, even the legacy way:

    define( 'WP_SENTRY_ENV', 'production' );
    define( 'WP_SENTRY_PHP_DSN', '...' );
    define( 'WP_SENTRY_ERROR_TYPES', E_ALL & ~E_DEPRECATED & ~E_NOTICE & ~E_USER_DEPRECATED );
    define( 'WP_SENTRY_SEND_DEFAULT_PII', false );
    define( 'WP_SENTRY_BROWSER_DSN', '...');
    define( 'WP_SENTRY_PUBLIC_DSN', '...' );
    

    Are there any known interferrences with other plugins or any approaches on debugging this?

    :question: question 
    opened by ValeSauer 10
  • 4.x does not report notices despite E_ALL

    4.x does not report notices despite E_ALL

    I just updated to 4.0.1 but it seems that for PHP only fatal errors are reported by sentry.

    I have define( 'WP_SENTRY_ERROR_TYPES', E_ALL ); set.

    e.g. in 3.11.1 for following code:

    echo $helloworld;
    
    call_this();
    exit;
    

    I would get 2 errors in sentry:

    Undefined variable: helloworld Call to undefined function call_this()

    However in 4.0.1, sentry.io only shows:

    Call to undefined function call_this()

    Not sure if this is an issue by wp-sentry-integration or the underlying SDK though.

    :bug: bug 
    opened by kkmuffme 10
  • Cannot configure in wp-config.php

    Cannot configure in wp-config.php

    https://github.com/stayallive/wp-sentry#loading-sentry-before-wordpress says you can now add the call to sentry in wp-config, but it throws an error:

    PHP Fatal error:  Uncaught Error: Call to undefined function get_bloginfo() in /var/www/www/wp-content/plugins/wp-sentry-integration/src/class-wp-sentry-js-tracker.php:134
    Stack trace:
    #0 /var/www/www/wp-content/plugins/wp-sentry-integration/src/class-wp-sentry-js-tracker.php(47): WP_Sentry_Js_Tracker->get_default_context()
    #1 /var/www/www/wp-content/plugins/wp-sentry-integration/src/class-wp-sentry-js-tracker.php(36): WP_Sentry_Js_Tracker->__construct()
    #2 /var/www/www/wp-content/plugins/wp-sentry-integration/wp-sentry.php(99): WP_Sentry_Js_Tracker::get_instance()
    #3 /var/www/www/wp-config.php(102): require_once('...')
    #4 /var/www/www/wp-load.php(50): require_once('...')
    #5 /var/www/www/wp-blog-header.php(13): require_once('...')
    #6 /var/www/www/index.php(17): require('...')
    #7 {main}
      thrown in /var/www/www/wp-content/plugins/wp-sentry-integration/src/class-wp-sentry-js-tracker.php on line 134
    

    Please either correct the documentation, or find out how you can replace the call to a function that isn't defined until wordpress is fully loaded.

    :bug: bug 
    opened by androidacy-user 9
  • Remove IE polyfill

    Remove IE polyfill

    WP has dropped IE11 support with WP 5.8 a year ago. I think the polyfill in wp-sentry-browser .js can be removed too?

    Perhaps not run sentry at all if if (!String.prototype.startsWith) { ?

    opened by kkmuffme 8
  • Wouldn't report with

    Wouldn't report with "new" DSN

    Just setup the module and using the test page, sent a series of test exceptions. They submit successfully, however are not visible on the sentry dashboard. They are even given an event ID.

    In looking up the DSN again to make sure it was correct, I found that there is a now a "Deprecated DSN" listed in the Client Keys section. I changed the key to the Deprecated DSN and it is now reporting correctly and tests work.

    image

    opened by midweste 8
  • WP_SENTRY_VERSION not using theme version any longer

    WP_SENTRY_VERSION not using theme version any longer

    Hi Alex,

    As per the docs I am not defining WP_SENTRY_VERSION on my websites to make sure the theme version will be used:

    (Optionally) define a version of your site; by default the theme version will be used. This is used for tracking at which version of your site the error occurred. When combined with release tracking this is a very powerful feature.

    define( 'WP_SENTRY_VERSION', 'v6.0.0' );

    It seems that at least the last 90 days the version is not reported any longer to Sentry events. Other variables like browser, environment and the WordPress version are still working fine.

    I have defined the following in the WordPress config file (with the DSN keys redacted):

    /** Configure Sentry */
    define( 'WP_SENTRY_PHP_DSN', 'https://**************@********.ingest.sentry.io/*******' );
    define( 'WP_SENTRY_BROWSER_DSN', 'https://**************@********.ingest.sentry.io/*******' );
    define( 'WP_SENTRY_ENV', 'staging' );
    define( 'WP_SENTRY_ERROR_TYPES', E_ALL & ~E_NOTICE );
    

    As you can see WP Sentry does not recognize the default version from the theme: wp-sentry-staging

    If you're not able to reproduce this behavior, could you please suggest how to debug this?

    Thanks!

    :bug: bug :book: documentation 
    opened by Visnetje 5
  • Tracking of SQL queries

    Tracking of SQL queries

    If WordPress query log is enabled (constant SAVEQUERIES), send query logs to Sentry.
    This is really useful to debug queries that take too much time, are too complex, or can cause errors.

    Similar to https://github.com/getsentry/sentry-laravel/blob/5faaa4133265c430c5c14f9128a1c9e8bd538649/src/Sentry/Laravel/EventHandler.php#L345

    :wave: help wanted :chart_with_upwards_trend: performance :sparkles: new-feature 
    opened by alexandre67fr 8
Releases(v6.5.0)
Owner
Alex Bouma
PHP artisan, full stack developer and server lover | Founder @simulise | Building chief.app @irongate | Laravel / PHP SDK developer @getsentry
Alex Bouma
WordPress plugin that provides instant switching between user accounts.

User Switching Stable tag: 1.5.7 Requires at least: 3.7 Tested up to: 5.7 Requires PHP: 5.3 License: GPL v2 or later Tags: users, profiles, user switc

John Blackbourn 166 Dec 4, 2022
WPHunter A Wordpress Vulnerability Scanner

WPHunter Tool ☣ WPHunter A Wordpress Vulnerability Scanner You can use this tool on your wordpress website to check the security of your website by fi

Jamal Eddine 140 Dec 24, 2022
ChestRandomBP: This plugin generates chests in random places within a specific world. Where you can customize what each one of them contains, the time and the world of spawning.

ChestRandomBP ChestRandomBP: This plugin generates chests, it works PocketMine-MP and random places within a specific world. Where you can customize w

null 5 Sep 19, 2021
A cosmetics plugin that is highly incomplete & unoptimized (as it was roughly coded in a small period of time due to IRL issues), that I got scammed for,

CosmeticsPlus A cosmetics plugin that is highly incomplete and; unoptimized (as it was roughly coded in a small period of time due to IRL issues), tha

Seekherr 5 Feb 7, 2022
Laravel Sail plugin to enable SSL (HTTPS) connection with Nginx.

Laravel Sail plugin to enable SSL (HTTPS) connection with Nginx.

Ryo Kobayashi 51 Dec 19, 2022
PHPIDS (PHP-Intrusion Detection System) is a simple to use, well structured, fast and state-of-the-art security layer for your PHP based web application

PHPIDS PHPIDS (PHP-Intrusion Detection System) is a simple to use, well structured, fast and state-of-the-art security layer for your PHP based web ap

null 752 Jan 3, 2023
Automatic Encrypt and Decrypt your database data. Tested and used on Laravel 8

Laravel Encrypt Database Automatic Encrypt and Decrypt your database data. Tested and used on Laravel 8. I'm yet building the tests. Important Note th

Wellington Barbosa 2 Dec 15, 2021
Laravel Security was created by, and is maintained by Graham Campbell, and is a voku/anti-xss wrapper for Laravel, using graham-campbell/security-core

Laravel Security Laravel Security was created by, and is maintained by Graham Campbell, and is a voku/anti-xss wrapper for Laravel, using graham-campb

Graham Campbell 170 Nov 20, 2022
A cryptography API wrapping the Sodium library, providing a simple object interface for symmetrical and asymmetrical encryption, decryption, digital signing and message authentication.

PHP Encryption A cryptography API wrapping the Sodium library, providing a simple object interface for symmetrical and asymmetrical encryption, decryp

null 19 Dec 31, 2022
PHP 5.x support for random_bytes() and random_int()

random_compat PHP 5.x polyfill for random_bytes() and random_int() created and maintained by Paragon Initiative Enterprises. Although this library sho

Paragon Initiative Enterprises 8k Jan 5, 2023
TCrypto is a simple and flexible PHP 5.3+ in-memory key-value storage library

About TCrypto is a simple and flexible PHP 5.3+ in-memory key-value storage library. By default, a cookie will be used as a storage backend. TCrypto h

timoh 57 Dec 2, 2022
Ransomware with automatic Coinbase Commerce integration created in C# (Console) and PHP

AWare — C# Ransomware Ransomware with automatic Coinbase Commerce integration created in C# (Console) and PHP PD: AWare is just a proof of concept, wi

in the space 26 Sep 16, 2022
A simple php (lumen) app for sharing sensitive text (basically like onetimesecret), but with full end-to-end AES-256-GCM encryption so even the server has no access to the data, and developed with very simple deployment in mind.

A simple php (lumen) app for sharing sensitive text (basically like onetimesecret), but with full end-to-end AES-256-GCM encryption so even the server has no access to the data, and developed with very simple deployment in mind.

Alan Woo 51 Nov 21, 2022
A simple PHP web backdoor allows you to retrieve directory/file contents and upload file(s) from the local machine or remote URL.

Simple PHP Web Backdoor A simple PHP web backdoor allows you to retrieve directory/file contents and upload file(s) from the local machine or remote U

Aqhmal Hafizi 15 Oct 7, 2022
Antware NinjaCrypter is an experimental username and password cookie string class for PHP

Antware NinjaCrypter is an experimental username and password cookie string class for PHP. For study case this crypter is based on password crypting ideology but can also encrypt username and password for storing cookie string that way your login details will not be exposed by hackers that search through cookie string.

Chukwu Remijius 1 Nov 25, 2021
JSON Object Signing and Encryption library for PHP.

NAMSHI | JOSE Deprecation notice Hi there, as much as we'd like to be able to work on all of the OSS in the world, we don't actively use this library

Namshi 1.7k Dec 22, 2022
phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilities and weaknesses related to security in PHP code

phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilities and weaknesses related to security in PHP code.

Floe design + technologies 654 Dec 28, 2022
A PHP utility for managing secrets in the cloud using AWS KMS and DynamoDB

CredStash for PHP This is a PHP port of original CredStash (written in python). Encryption and DynamoDB storage are compatible with python version so

Global Media Outreach 21 Nov 15, 2022
AES 128 bit Encryption and Decryption algorithm excuted purely on PHP with no external libraries.

AES128 Executed with PHP Advanced Encryption Standard (AES) is a specification for the encryption of electronic data established by the U.S National I

Ahmed Mohamed Mostafa 2 Aug 8, 2022