Recipe 8.15 Hiding Error Messages from Users
8.15.1 Problem
You don't want PHP error messages visible to users.
8.15.2 Solution
Set the following values in your php.ini or web
server configuration file:
display_errors = off
log_errors = on
These settings tell PHP not to display errors as HTML to the browser
but to put them in the server's error log.
8.15.3 Discussion
When log_errors is set to on, error messages are written
to the server's error log. If you want PHP errors to
be written to a separate file, set the error_log
configuration directive to the name of that file:
error_log = /var/log/php.error.log
If error_log is set to syslog, PHP error messages are sent to the
system logger using syslog(3) on Unix and to the Event Log on
Windows NT.
There are lots of error messages you want to show your users, such as
telling them they've filled in a form incorrectly,
but you should shield your users from internal errors that may
reflect a problem with your code. There are two reasons for this.
First, these errors appear unprofessional (to expert users) and
confusing (to novice users). If something goes wrong when saving form
input to a database, check the return code from the database query
and display a message to your users apologizing and asking them to
come back later. Showing them a cryptic error message straight from
PHP doesn't inspire confidence in your web site.
Second, displaying these errors to users is a security risk.
Depending on your database and the type of error, the error message
may contain information about how to log in to your database or
server and how it is structured. Malicious users can use this
information to mount an attack on your web site.
For example, if your database server is down, and you attempt to
connect to it with mysql_connect(), PHP generates
the following warning:
<br>
<b>Warning</b>: Can't connect to MySQL server on 'db.example.com' (111) in
<b>/www/docroot/example.php</b> on line <b>3</b><br>
If this warning message is sent to a user's browser,
he learns that your database server is called
db.example.com and can mount an attack on it.
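The two practices the discussion recommends, checking the result of the database connection yourself and keeping the detailed error out of the user's browser, combined in one script. This is an added example, not code from the book; it assumes the mysqli extension, and the host name, credentials and database name are constructed placeholders.

```php
<?php
// Added example (not from the recipe): keep the real error in the log,
// show the user only a generic message. Assumes the mysqli extension.

// The same settings as the recipe's php.ini lines, applied at runtime
// as a safety net in case the ini file is not under your control.
ini_set('display_errors', '0');
ini_set('log_errors', '1');
error_reporting(E_ALL);

// Make mysqli raise exceptions instead of emitting warnings, so no
// "Can't connect to MySQL server on 'db.example.com'" text is ever
// printed as HTML before we get a chance to handle it.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

function connect_db(string $host, string $user, string $pass, string $db): ?mysqli
{
    try {
        return new mysqli($host, $user, $pass, $db);
    } catch (mysqli_sql_exception $e) {
        // Full detail (host name, MySQL errno and message) goes only to
        // the error log, i.e. wherever the error_log directive points.
        error_log(sprintf('DB connect to %s failed: %s (%d)',
                          $host, $e->getMessage(), $e->getCode()));
        return null;
    }
}

// Constructed placeholder values; use your real connection parameters.
$conn = connect_db('db.example.com', 'app_user', 'app_password', 'app_db');
if ($conn === null) {
    // The visitor sees neither the host name nor the MySQL error text,
    // only an apology and a request to come back later.
    http_response_code(503);
    echo '<p>Sorry, we are having trouble right now. Please try again later.</p>';
    exit;
}
```

Watch the log file named by error_log (or the web server's error log) to confirm the detailed message is still recorded while the browser shows only the generic page.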
8.15.4 See Also
Recipe 8.18 for how to log errors;
documentation on PHP configuration directives at
http://www.php.net/configuration.