Debug and run only files are totally different issues. A run only file does not stop debug being turned on. Setting <@assign request$debugmode value="forceoff"> as the first code in a taf is the only way to prevent any debug output.
On 14/11/03 1:16 PM, "Bill Conlon" <[EMAIL PROTECTED]> wrote: > This is all good info, and I will implement Steve and Phil's suggestions. > > My issue is with reverse engineering of the runtime appfiles by a > customer. I would prefer to keep the inner workings (including the SQL > queries) private, and making the appfile runtime only, the Dev Studio > cannot read them. But if the customer has the files, they could turn on > debug and obtain the essence of the appfile. > > So my question is, beyond encrypting (in some way) the app files, does > the server know not to debug run-only files? > >> Steve is correct. It is best to set DEBUGMODE in the witango.ini to >> ForceOff on all production servers. This actually is just initialising >> system$DEBUGMODE to be forceoff. This will ensure that all files will not >> produce debug code on the server. It also means that the DEBUGMODE setting >> can be over ridden by DEBUGMODE being defined in user or local scope >> variable. >> >> This can be very useful in debugging a production/staging system. Take for >> instance the following examples from the debug session at corroboree: >> >> --- >> >> Location based debug can turn debug on only when accessed from a particular >> address (be careful of proxy servers here): >> >> <@if '<@CGIPARAM CLIENT_IP> = "127.0.0.1"'> >> <@assign user$debugmode value="forceon"> >> </@if> >> >> --- >> >> Toggle Debug on and off throughout a taf to only show debug in particular >> actions. Just put this statement before and after the action(s) you wish to >> debug: >> >> <@assign request$debugmode value='<@IF >> "@@request$debugmode=ForceOn">ForceOff<@ELSE>ForceOn</@IF>'"> >> >> --- >> >> You can do Event based debugging. This can be less intrusive when >> troubleshooting an issue in a large taf. Place conditional debug code in >> different locations in a taf or tafs. >> >> <@ifempty '@@request$importantvar'> >> <@if '<@CGIPARAM CLIENT_IP> = "10.1.1.1"'> >> <@assign request$debugmode value="forceon"> >> </@if> >> <@debug> >> <hr> >> <font color="red">WARNING: request$importantvar is empty<br></font> >> <hr> >> </@debug> >> <@assign request$debugmode value="forceoff"> >> </@if> >> >> >> Phil >> >> On 14/11/03 12:16 PM, "Steve Smith" <[EMAIL PROTECTED]> wrote: >> >>> I haven't set the debug mode in any individual taf file in over 3 >>> years. I make use of the user-scope version of this variable. I use a >>> developer taf that contains a variety of IF actions and ELSEIF actions. >>> Two of them contain the following: >>> >>> <@ASSIGN SCOPE=USER NAME=debugMode VALUE=forceOn> >>> >>> and >>> >>> <@PURGE SCOPE=USER NAME=debugMode> >>> >>> This taf opens up and executes in a new window but because the >>> userreference is the same it controls whether debug is turned on in the >>> original window. This means that you can use this on a production site >>> which is such a bonus. >>> >>> The system configuration for all of my systems has debug set to off. By >>> using this method, I don't have to worry whether I have left debug on >>> or not when I'm saving a taf file. >>> >>> Hope this helps, >>> >>> Steve Smith >>> >>> Oakbridge Information Solutions >>> Office: (519) 624-4388 >>> GTA: (416) 606-3885 >>> Fax: (519) 624-3353 >>> Cell: (416) 606-3885 >>> Email: [EMAIL PROTECTED] >>> Web: http://www.oakbridge.ca >>> >>> >>> On Thursday, November 13, 2003, at 10:35 AM, Eric Weidl wrote: >>> >>>> Hi Bill, >>>> >>>> I recommend explicitly turning off debugging at the top of each TAF. >>>> Use syntax similar to the following: >>>> >>>> <@ASSIGN SCOPE="local" NAME="debugMode" VALUE="forceOff"> >>>> >>>> Since you are assigning the debugMode flag in local scope, it will >>>> override the global system setting. >>>> >>>> Eric >>>> >>>> >>>> At 12:32 PM 11/12/2003, you wrote: >>>>> If I deliver runtime only applications, I would also like to keep the >>>>> internal operations hidden. So when appfiles are encrypted for >>>>> runtime >>>>> only deployment, is debugging automatically disabled on the server? >>>>> >>>>> Or do I have to explicitly force debug off at the beginning of each >>>>> runtime appfile? >>>>> >>>>> >>>>> >>>>> Bill Conlon >>>>> >>>>> To the Point >>>>> 345 California Avenue Suite 2 >>>>> Palo Alto, CA 94306 >>>>> >>>>> office: 650.327.2175 >>>>> fax: 650.329.8335 >>>>> mobile: 650.906.9929 >>>>> e-mail: mailto:[EMAIL PROTECTED] >>>>> web: http://www.tothept.com >>>>> >>>>> >>>>> ______________________________________________________________________ >>>>> __ >>>>> TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf >>>> >>>> _______________________________________________________________________ >>>> _ >>>> TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf >>>> >>>> >>> >>> ________________________________________________________________________ >>> TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf >> >> ________________________________________________________________________ >> TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf >> > > > Bill Conlon > > To the Point > 345 California Avenue Suite 2 > Palo Alto, CA 94306 > > office: 650.327.2175 > fax: 650.329.8335 > mobile: 650.906.9929 > e-mail: mailto:[EMAIL PROTECTED] > web: http://www.tothept.com > > > ________________________________________________________________________ > TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf ________________________________________________________________________ TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf
