What does @ do?

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
f1nutter
Forum Contributor
Posts: 125
Joined: Wed Jun 05, 2002 12:08 pm
Location: London

What does @ do?

Post by f1nutter »

Hi,

I have just added PHP and MySQL to my hosting package. An example connection file was placed on the site for me to read. It is slightly different from the connection method I have been using for testing at home. This is what they suggest:

Code: Select all

$connection = @mysql_pconnect("host", "username", "password");
From the manual I see that this creates a persisten connection, and understand this. However, what puzzles me is the "@" symbol. I have tried searching for this character, but nothing shows up in the manual or forum. I know that it is used for documentation in Java, but not before a function call. Any ideas?

Thanks.
User avatar
jonsyd
Forum Commoner
Posts: 36
Joined: Fri Sep 20, 2002 9:28 am
Location: Oxford, UK

Post by jonsyd »

if you prepend @ to an expression, it turns off error reporting just for that expression. Its usually used if you want to handle errors yourself. You just need to remember to check for the errors later in the script. See:
http://uk.php.net/manual/en/features.error-handling.php
Jonny
User avatar
Sevengraff
Forum Contributor
Posts: 232
Joined: Thu Apr 25, 2002 9:34 pm
Location: California USA
Contact:

Post by Sevengraff »

woah, ive been wondering what the @ did for a while!
f1nutter
Forum Contributor
Posts: 125
Joined: Wed Jun 05, 2002 12:08 pm
Location: London

Post by f1nutter »

Like most people in this forum suggest, I have placed my db connection details in a file to be included with each script that uses my database.

There have been various discussions about the security of this method, and one problem I found, which wasn't mentioned, is what happens when the MySQL host goes down, but the PHP server stays running? (My host has a seperate "Web" server to the MySQL server.)

You cannot connect to your database and a warning comes back, "Cannot connect, error in file host/include/connection.php at line 3" or whatever.

Then, someone else knows where your connection file is located, and can include this file (absolute address) and get at your database.

By adding "@", this removes this problem and is one more way to foil an attack.

Hurrah!
User avatar
Takuma
Forum Regular
Posts: 931
Joined: Sun Aug 04, 2002 10:24 am
Location: UK
Contact:

Post by Takuma »

He can't view the PHP file though... So if you save it in ".php" they can't see the php code unless they hack your host.
f1nutter
Forum Contributor
Posts: 125
Joined: Wed Jun 05, 2002 12:08 pm
Location: London

Post by f1nutter »

They don't need to know whats "in" your file, just include the file and use the settings to connect to your database.

Code: Select all

<?php
include("http://somewhere.com/include/connection.php");

?>
and use your database.
User avatar
twigletmac
Her Royal Site Adminness
Posts: 5371
Joined: Tue Apr 23, 2002 2:21 am
Location: Essex, UK

Post by twigletmac »

If the host is set to localhost in the connection script then they won't be able to connect to your database from a remote server. If host is an IP address then they may be able to connect if your hosting company hasn't limited access with your username to the server on which your site files reside. The main issue that I could see is the fact that if you've got a bunch of variables like $user/$username and $pass/$password/$pword or the like they could echo them out and gain access to your database through something like http://www.yoursite.com/phpMyAdmin/.

Mac
User avatar
phice
Moderator
Posts: 1416
Joined: Sat Apr 20, 2002 3:14 pm
Location: Dallas, TX
Contact:

Post by phice »

*learns something everyday* :oops:
Image Image
Post Reply