Page 1 of 1
Supressing Error Ouput
Posted: Wed Apr 29, 2009 9:38 am
by SyntheticShield
Thanks to this site I have learned quite a bit lately and have made steady site making my first site that uses PHP. Im far far from being any type of coding fanatic but Im learning.
One of the things I have seen in doing this is that when you make a mistake in your coding, the warnings and errors (parse errors, files not found, etc.) give the full file path in the error message. Is there a way to always suppress that information? Can I do it globally?
I have a config file that I made that contains simple stuff like meta information, some simple code to state where my folders are like my include folder and so forth. Is there a line of code that I could add there, that when that file is included into the page it would suppress the file path part of any error messages?
Now, I completely understand the best way to suppress the errors is to not have any or fix those you find. I check everything as I go for this reason. I would just feel better if for some reason I miss something or something odd happen that the file path not be exposed.
Thanks in advance for your help and for all the help Ive received here.
Re: Supressing Error Ouput
Posted: Wed Apr 29, 2009 9:53 am
by divito
The PHP manual can help you get started. -
http://ca2.php.net/manual/en/function.e ... orting.php
What specifically you do to put it into practice is up to you. I'm sure others have some opinions on what you can do.
Re: Supressing Error Ouput
Posted: Wed Apr 29, 2009 10:16 am
by SyntheticShield
Excellent, thank you for the help.
If Im understanding the information correctly, I could just include:
In my config file and that would suppress all error reporting in the production environment. And of course I could disable that for testing purposes. Now I also saw this:
Code: Select all
<?php
function catchFatalErrors($p_OnOff='On'){
ini_set('display_errors','On');
$phperror='><div id="phperror" style="display:none">';
ini_set('error_prepend_string',$phperror);
$phperror='</div>><form name="catcher" action="/sos.php" method="post" ><input type="hidden" name="fatal" value=""></form> <script> document.catcher.fatal.value = document.getElementById("phperror").innerHTML; document.catcher.submit();</script>';
ini_set('error_append_string',$phperror);
}
catchFatalErrors();
?>
Now, I havent gotten into functions a lot. Ive been reading what I can but just havent gotten my head around them yet. But if I understand that function correctly, all I would have to do is create a file 'sos.php' that contained some error message I created, correct? I dont understand the use of the '> & <' the way it is used around the div tags, but I can catch up on that later.
Re: Supressing Error Ouput
Posted: Wed Apr 29, 2009 5:19 pm
by McInfo
The script changes some php.ini settings so that some extra HTML is added to the beginning and end of any error message that appears.
Here is an explanation of what the generated HTML does.
The extra greater-than signs look like typing errors to me. This is junk.
The div is used to hide the error, but the error is still visible in the HTML source code. Here is an example of such an error.
Code: Select all
<div id="phperror" style="display:none">
<br /><b>Warning</b>: Cannot modify header information - headers already sent ... on line <b>4</b><br />
</div>
This is more junk.
This is a form that will send a notification to sos.php with the POST variable "fatal" set.
Code: Select all
<form name="catcher" action="/sos.php" method="post">
<input type="hidden" name="fatal" value="">
</form>
This is some javascript that will set the value of the "fatal" input to the warning message in the div. It then submits the form, causing a page redirect.
Code: Select all
<script>
document.catcher.fatal.value = document.getElementById("phperror").innerHTML;
document.catcher.submit();
</script>
Note that this script will not catch parsing errors and possibly other kinds of errors that display error messages.
Edit: This post was recovered from search engine cache.
Re: Supressing Error Ouput
Posted: Wed Apr 29, 2009 5:34 pm
by SyntheticShield
Thank you for explaining all that. I thought those greater than signs were out of place, but I wasnt 100% sure. I figured, after some playing around with it, that I would just stick with
Code: Select all
ini_set("display_errors", 0);
ini_set("log_errors", 1);
Seems to work well enough and I can easily comment it out while Im testing pages out. I know it all seems redundant and if all the pages tested out good then I should have no trouble, but Im kinda anal about any mishap occurring and exposing the file paths.
Anyway, I GREATLY appreciate the help and especially the explanation and insight.