Debugging PHP code with vscode

INMUNE7
5 min readAug 7, 2020

--

Introduction

An important resource during a source code review is an environment to perform debugging, in this article, we will mention the installation and configuration of vscode a development environment widely used these days that has interesting features for debugging.

Vscode installation

To install vscode we download the package distribution according to our linux flavor.

We execute the command dpkg -i code_1.45.1–1589445302_amd64.deb.

After the installation is complete, we can start Visual Studio at Applications -> Common Applications -> Development -> Visual Studio Code or simply write the name of the program (code) in a terminal and press enter.

xDebug Installation

Once Visual Studio Code is open, we go to the extensions and look for php-debug to install it.

Next, we start apache with the command systemctl start apache2. Then we go to the root of the www directory and create a simple php file with the following code:

Open a browser and go to http://localhost/info.php and copy the entire output (use Ctrl + a).

Go to https://xdebug.org/wizard, and paste the output (Ctrl + p) and press analyze phpinfo () output.

xDebug installation wizard

In this section, the xDebug page will analyze the phpinfo() output on our system and guide us through the installation process.

We followed the installation instructions:
1. Download xdebug-2.9.6.tgz.
2. Install the pre-requisites to install the compiled php components.
3. On a Debian system run: apt-get install php-dev autoconf automake.
4. Unpack the downloaded file with: tar -xvzf xdebug-2.9.6.tgz.
5. In a terminal, we execute cd xdebug-2.9.6.
6. And then this command: phpize.

Note: Debian and Ubuntu users should install the development packages with the command apt install php-dev. OpenSuse users can do it with zypper install php7-devel.

7. We run: ./configure.
8. We execute: make.
9. Copy the modules with the command: cp modules/xdebug.so /usr/lib/php/20180731.
(Edit the file php.ini) vim /etc/php/7.3/apache2/php.ini and add the line
zend_extension = /usr/lib/php/20180731/xdebug.so
We make sure that zend_extension = /usr/lib/php/20180731/xdebug.so is below the APcache line.
10. We also update the php.ini files in adjacent directories for both the command line and the webserver.
11. Enable remote debugging on your system in the php.ini file.

12. We restart our web server with systemctl restart apache2
We verify the installation of xdebug by using the output of phpinfo() in the XDebug section.
To do this we run php -m and check that the XDebug module is in the output.

Vscode Configuration

To configure vscode we first create a directory, give it the appropriate permissions and then create a .php file with the following code:

In Visual Studio code, open the folder with the .php file.

Go to the debugger tab and press the gear to later select PHP as the language. After that a configuration file (launch.json) will be created automatically with the following settings:

Go to the Explore section and select the PHP file, then select the breakpoint you want to configure by pressing Right Click > Add New Breakpoint.

Let’s run, for this we can select “Listen for Xdebug” or “Launch currently open script”
1. Debugging “Listen for Xdebug”: Press the button -> select “Listen for Xdebug” -> start the debugging. You will see a debugger toolbar.

2. Open a browser, find the php file and press Enter. Visual Studio code will reach the breakpoint. It is important to mention that it is not necessary to put the port number in the URl.

3. Debugging “Launch currently open script”: Click on the Execute button -> select “Launch currently open script” -> start the debugging. You will see a debugger toolbar and Visual Studio code will reach the configured breakpoint.

We hope that this new entry in our blog has been very useful, if you liked it, we invite you to share it, comment or recommend us.

Thank you

--

--

INMUNE7

INMUNE7 is a group of freelance hackers which offers classic black-box penetration test and white-box tests and source code audit on Web application and mobile.