search

verbb / postie

A Craft Commerce shipping calculator plugin.
Other
12 stars 18 forks source link

Postie Seems to be Logging a Lot (UPS) #100

Closed RitterKnightCreative closed 4 months ago

RitterKnightCreative commented 1 year ago

Describe the bug

Postie seems to be logging everything (UPS), it's like debug mode got turned in the code?

I don't have a postie.php config so more or less default settings. (I haven't tried manually setting debug to off.)

2022-12-17 17:23:36 [-][-][-][info][postie] UPS: No line items for order.
2022-12-17 17:23:36 [-][-][-][info][postie] UPS: No line items for order.
2022-12-17 17:23:36 [-][-][-][info][application] $_GET = []

2022-12-17 11:20:10 [-][-][-][info][postie] UPS: No shipping address for order.
2022-12-17 11:20:10 [-][-][-][info][postie] UPS: No shipping address for order.
2022-12-17 11:20:10 [-][-][-][info][postie] UPS: Sending payload: `{"PickupType":{"Code":"01","Description":null},"Shipment":{}}`.
2022-12-17 11:20:10 [-][-][-][error][postie] UPS: API error: “Failure: No packages in shipment (110002)” /home/www/vendor/gabrielbull/ups-api/src/Request.php:145
2022-12-17 11:20:10 [-][-][-][info][application] $_GET = []

Everything seems to work as expected otherwise that I can tell.

Steps to reproduce

  1. Setup UPS plugin
  2. Browse around/check out/etc

Craft CMS version

Craft CMS 3.7.61

Plugin version

2.4.21

Multi-site?

No response

Additional context

No response

engram-design commented 1 year ago

This would be normal behaviour (I suppose), because we're registering a shipping method with Commerce carts. Whenever a cart call is made {{ commerce.carts.getCart() }} it'll try and fetch all the available shipping methods set in Commerce, and any provided by Postie. Sometimes multiple times on paid load (which is a massive pain-point for Postie, but we handle that).

I suppose we can add a "quiet" mode where info category logging is turned off, if you find it too noisy? But it's really there to help people determine why rates might not be showing. You can see the progression of an order (no line items first, then when there are some, no shipping address, then when there is rates can be fetched).

RitterKnightCreative commented 1 year ago

yeh a quiet mode would be great or least enable the current behavior only in debug mode?

A lot of users just browse around the site while never placing an order so the debugging info like this isn't especially helpful:

$_POST = []
2022-12-11 00:01:50 [-][-][-][info][postie] UPS: No line items for order.
2022-12-11 00:01:50 [-][-][-][info][postie] UPS: No line items for order.
2022-12-11 00:01:50 [-][-][-][info][application] $_GET = []

A bigger issue for me is Postie is also leaking user info in some cases:

2022-12-18 13:55:33 [-][-][-][info][postie] UPS: No shipping address for order.
2022-12-18 13:55:33 [-][-][-][info][postie] UPS: No shipping address for order.
2022-12-18 13:55:33 [-][-][-][info][postie] UPS: Sending payload: `{"PickupType":{"Code":"01","Description":null},"Shipment":{}}`.
2022-12-18 13:55:33 [-][-][-][error][postie] UPS: API error: “Failure: No packages in shipment (110002)” /home/whitetail/NEW/vendor/gabrielbull/ups-api/src/Request.php:145
2022-12-18 13:55:33 [-][-][-][info][application] $_GET = []

$_POST = [
    'CRAFT_CSRF_TOKEN' => '••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••'
    'action' => 'commerce/cart/update-cart'
    'shippingMethodHandle' => 'ground'
    'gatewayId' => '5'
    'redirect' => '92dec4846d4bde3be4219fcc3b0a196ef5ed02772bb29225d4a95c417f0180d5checkout/payment'
    'email' => 'user@icloud.com'
    'shippingAddress' => [
        'phone' => '******'
        'countryId' => '233'
        'firstName' => '***'
        'lastName' => '****'
        'address1' => '****'
        'address2' => ''
        'city' => '***'
        'stateId' => '44'
        'zipCode' => '49327-8775'
    ]
    'billingAddress' => [
        'countryId' => '233'
        'firstName' => ''
        'lastName' => ''
        'address1' => ''
        'address2' => ''
        'city' => ''
        'stateId' => '22'
        'zipCode' => ''
    ]
    'billingAddressSameAsShipping' => 'on'
]

2022-12-18 08:51:40 [-][2809203][-][info][application] $_GET = []

$_POST = [
    'CRAFT_CSRF_TOKEN' => '••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••'
    'action' => 'users/login'
    'loginName' => '****@charter.net'
    'password' => '••••••••••'
]

Granted if a hacker got access to a server, they'd get the same info from the db anyway but very useful for debugging though.

engram-design commented 4 months ago

Logging has been revamped in 4.0.0, in particular a pane in the Craft debug bar now includes a lot of this information.