Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 7 of 7
  1. #1
    Regular Coder
    Join Date
    Nov 2011
    Location
    Preston, UK
    Posts
    131
    Thanks
    36
    Thanked 0 Times in 0 Posts

    Error reporting problem

    I am still having some problems with my error reporting:
    PHP Code:
    ini_set('display_errors'1);
    error_reporting(E_ALL); 
    I get different error showing depending on where I put this code in the script.

    I was advised that the code should remain in the script permanently.

    Can somebody please advise me where the code is supposed to be placed in the script.

    Thanks,
    The MAN, The MYTH, The LEGEND:
    John C
    ________________________________
    Support your local Country Music Club

  • #2
    Senior Coder
    Join Date
    Nov 2010
    Posts
    1,473
    Thanks
    279
    Thanked 32 Times in 31 Posts
    Most people put it at the top of the php file just after <?php assuming that <?php is the first thing in the top of the file which it should be.

  • #3
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,994
    Thanks
    4
    Thanked 2,662 Times in 2,631 Posts
    I wouldn't indefinitely place error reporting in a production environment. The error reporting can give clues as to what type of data can be injected and is plainly visible to anyone that triggers it.
    Error reporting should be enabled E_ALL on a development machine, not a production one.

    As mentioned, set it at the top. If its < E_ALL to start with and you place it near the bottom, only executions in sequences below will be affected by the new level set.
    PHP Code:
    header('HTTP/1.1 420 Enhance Your Calm'); 
    Been gone for a few months, and haven't programmed in that long of a time. Meh, I'll wing it ;)

  • #4
    Regular Coder
    Join Date
    Nov 2011
    Location
    Preston, UK
    Posts
    131
    Thanks
    36
    Thanked 0 Times in 0 Posts
    Hi Guys...
    Thank you for your help.
    Quote Originally Posted by Fou-Lu View Post
    I wouldn't indefinitely place error reporting in a production environment. The error reporting can give clues as to what type of data can be injected and is plainly visible to anyone that triggers it.
    Error reporting should be enabled E_ALL on a development machine, not a production one.

    As mentioned, set it at the top. If its < E_ALL to start with and you place it near the bottom, only executions in sequences below will be affected by the new level set.
    It was suggested to me in a previous thread that it should be left in the script permanently.
    However, I can see the point of using it in development and removing it in production.

    Now for the reason for my thread. In a previous thread, somebody suggesed that if ANY errors are reported, they should be solved.:
    PHP Code:
    ini_set('display_errors'1);
    error_reporting(E_ALL); 
    If I set this code at the very top, I get all sorts of errors because nothing has been set:
    PHP Code:
    <?php

    ini_set
    ('display_errors'1);
    error_reporting(E_ALL);
        
    //Start session
        
    session_start();

        
    //Include database connection details
        
    require_once('config.php');

    $action $_GET['action'];
    $name $_GET['name'];
    $email $_GET['email'];
    $active $_GET['act'];
    So I move the error reporting further down:
    PHP Code:
         //Check for duplicate Subscribe ID
    ini_set('display_errors'1);
    error_reporting(E_ALL);

        if(
    $email != '') {
            
    $qry "SELECT * FROM bf_users WHERE email='$email'";
            
    $result mysqli_query($link$qry);
            if(
    $result) { 
    I only get 1 error:
    Notice: Undefined index: m in /home/ukzone/cws99.co.uk/html/mail/register-exec.php on line 91
    Here is the offending code:
    PHP Code:
      // create the MD5 hash 
      
    $secret_code 'countrymusic_secret';
      
    $formatted_email preg_replace("/(-|\@|\.)/"""$from);
      
    $hashed md5("$secret_code $formatted_email");

      
    // wait, are we verifying the email?
      
    if($_GET['m'] != "") {
        
    // this is validation routine
        
    if($hashed == $_GET['m']) { 
    Line 91 = if($_GET['m'] != "") {

    Up to now, m has not been generated.

    m is generated by:
    PHP Code:
    $hashed md5("$secret_code $formatted_email"); 
    and is inserted into the generated email which is sent to the subscriber for verification:
    PHP Code:
        $mail_body "Please DO NOT reply to this email. It is an unattended mailbox.\n\nTo validate your email address, please click the following link:\n\nhttp://cws99.co.uk/mail/register-exec.php?email=$from&act=$active&action=subscribe&name=$name&m=$hashed";

        
    mail($from"Validation Email"$mail_body"From: noreply@cws99.co.uk\n"); 
    Now back to the reason for this thread.
    I just cannot see how to resolve the problem since m hasn't been generated yet.

    Any advise will be gratefully appreciated.
    The MAN, The MYTH, The LEGEND:
    John C
    ________________________________
    Support your local Country Music Club

  • #5
    Senior Coder
    Join Date
    Feb 2011
    Location
    Your Monitor
    Posts
    4,474
    Thanks
    63
    Thanked 537 Times in 524 Posts
    Quote Originally Posted by countrydj View Post
    If I set this code at the very top, I get all sorts of errors because nothing has been set:

    So I move the error reporting further down:

    I only get 1 error:
    If its at the top, you are turning on error reporting for the whole script. That means that ANY error will be output. If you turn it on half way down the script it will only output errors from that bit of code and below. It will not output errors on code above it. Thats how code works - top to bottom and never backwards.

    As for the m problem, to test it against "" you are assuming that $_GET['m'] already exists. It may not and so by trying $_GET['m'] != "" your code will output an error or notice because $_GET['m'] doesn't actually exist to even test.

    To deal with that you use the isset() function. This literally determines if $_GET['m'] "is set" - in other words was actually sent by the browser - like this:

    PHP Code:
    if ((isset($_GET['m'])) and ($_GET['m'] != '')) 
    If it is not set, the if conditional will return false and will output no error or run that piece of code.

    This concept can be a bit confusing initially but basically if the browser doesn't send it, then to PHP it doesn't exist. It's a bit like me saying to you, use http.exe to debug your ouput. You've no idea what http.exe is because its my own program that I use. IfI sent it to you by email, you would know what it is and so http.exe "is set" in your mind and it now exists. If I don't send it to you then you've no idea what it is, what it does, how to use it etc and in reality as far as you're concerned it doesn't exist.
    Last edited by tangoforce; 02-09-2013 at 02:36 PM.
    I can't really think of anything to write here now...

  • Users who have thanked tangoforce for this post:

    countrydj (02-09-2013)

  • #6
    Regular Coder
    Join Date
    Nov 2011
    Location
    Preston, UK
    Posts
    131
    Thanks
    36
    Thanked 0 Times in 0 Posts
    Hi tangoforce ...

    Thanks very much for your quick reply.

    The solution was so simple (if I knew how).

    My code now reads:
    PHP Code:
      if ((isset($_GET['m'])) and ($_GET['m'] != '')) {
        
    // this is validation routine
        
    if($hashed == $_GET['m']) { 
    And I have no error messages.

    At last I can sleep peacefully.

    P.S. I won't ask you what
    PHP Code:
    //Please don't use this for your form processing:
    if (isset($_POST['submit']))
    //Internet explorer has a bug and does not always send the submit value. 
    means - AGAIN !!!

    Thank you very much.
    The MAN, The MYTH, The LEGEND:
    John C
    ________________________________
    Support your local Country Music Club

  • #7
    Senior Coder
    Join Date
    Feb 2011
    Location
    Your Monitor
    Posts
    4,474
    Thanks
    63
    Thanked 537 Times in 524 Posts
    Quote Originally Posted by countrydj View Post
    P.S. I won't ask you what
    PHP Code:
    //Please don't use this for your form processing:
    if (isset($_POST['submit']))
    //Internet explorer has a bug and does not always send the submit value. 
    means - AGAIN !!!
    As I told you last time you asked, it's part of my signature. If you look underneath it, there is a LINK for you to click so that you can read more and see a video of the bug in action.

    Open your EYES !!!
    I can't really think of anything to write here now...


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •