Searching for a bug in a haystack – cracking the codes of Inventory Management System

My work was in need of a simple inventory management system to keep track of the prototype components. I have been given a small budget to buy one. So I went on Internet to search for a reasonably priced inventory management system. Most of the solutions are a bit too powerful for what we need, thus are too expensive.

Three weeks ago, I came across an open-source inventory management system. So I downloaded the source files (mostly php files) and started running it. I ran into several issues but was able to resolve most of them – due to file/directory privilege and dos/unix file transfer issues. All except one: the default “date” in a part transaction are all showing up as “{NAME}” instead of the numbers on the month/day/year fileds. What’s going on there? This plunged me into the world of php, xml, ajax, css and etc. I borrowed books from library like “PHP/MySQL for dummies” and “PHP 5 Advanced” by Larry Ullman . Both were very nice books in helping me to understand the intricate interaction between PHP and MySQL. I learned a lot of object-oriented programming (OOP) and a little bit on Ajax. But having learned the basic probably helps me to start a small project on my own. Tackling a full-blown sophisticated software like IMS that I downloaded was a totally different story.

By far the worst part about developing or debugging a PHP software/module is the fact that you’re dealing with a software running on a remote host and displaying the output on a browser. It’s difficult to insert variable dumps along the way to keep pace with the program flow because there is no console screen and showing the raw variable values on the browser may screw up your display. Not an easy thing to do. So I searched the net to find a debugger. The most popular debugger is NuSphere’s PhpEd. I downloaded the trial version and started debugging. I never used a debugger before so I needed to get used to the interface plus interrogating the variables values while tracing the program steps. Overall, the software does its job well and is fairly powerful. I don’t think I could have found the bug without its help. I think I’ll buy the software. See below for the exact bug.

After tracing this software code, I was very impressed with the author’s programming style and his modular approach. Modular is nice because it’s readily expandable but it’s very difficult to follow due to the jumping around among the classes/files.

By working with the debugger, I now understands a little bit about how the program works. I was then able to modify the titles and changed the fields slightly to meet our needs. Proudly, I demo’ed the tool to my technician crew who will be using the software to track our inventory. And guess what? They wanted to add a “project” field and a search function. That’ll teach me a lesson to download a freeware. 🙂 I did learn a few things along the way but may end up supporting/expanding the software for the rest of my career 🙁

Here’s the bug I found around line 122 on “lib/html.php”:

if (is_array($extra_vars[$key])) {
$repl_array = array_merge($repl_array,$extra_vars[$key]); }
/* In the above “is_array($extra_vars)” got changed to “is_array($extra_vars[$key])” by Derek Tsai,
$repl_array kept getting NULL’ed due to array_merge with a NULL variable */