How to get rid of error or warning messages output by PHP in a programatic way for a production PHP web app

Lets say you’re on a shared hosting, or you’re only a programmer which you have NO control at all on the error warning messages output by PHP, such as those E_WARNING, E_ALL, E_STRICT etc.

The easiest way to get rid of error messages in your PHP program is to add the @ operator in front of each function you call in your PHP to suppress those error messages. For example a mysql_query() might trigger error messages output or an fopen() function will display lots of messages while the file is NOT found etc. For example the following code:

$fh=fopen($_REQUEST['remotefile'],’r');
if ($fh==false )die(“We don’t proceed”);
.
.

Even though the above code checks if the file handler returned by fopen function is valid or not, if it’s found invalid it’ll stop there without proceeding to the next few lines of codes. But the system still outputs some warning error messages if this is configured to do so with your webhost. But you definitely don’t want these errors for a production system. As some errors could reveal the file path of your PHP script which might present certain useful information to the hackers which they can then make use of that minimum info to guess and hack your website etc.

For a programmer’s level of control, the easiest way is to add a @ operator in front of the function such as the above now becomes as follows:

$fh=@fopen($_REQUEST['remotefile'],’r');
if ($fh==false )die(“We don’t proceed”);
.
.

Enter your email address to subscribe our newsletter or feed for FREE:

Delivered by FeedBurner


Bookmark with:

[Delicious]    [Digg]    [Reddit]    [Facebook]    [StumbleUpon]

0 Responses to “How to get rid of error or warning messages output by PHP in a programatic way for a production PHP web app”


  1. No Comments

Leave a Reply

You must login to post a comment.