Use of PHP set_error_handler function
When we write programs, we will inevitably have problems (we often encounter problems), and when PHP encounters an error, it will give the location, line number and reason of the error script. A lot of people say it's not a big deal. Indeed, during the debugging phase, this really doesn't matter, and I think giving the error path is necessary.
But the consequences of leaking the actual path are unimaginable. For some intruders, this information is very important. In fact, many servers now have this problem. Some network administrators simply set display_errors in the PHP configuration file to Off to solve the problem (it seems like we did this), but I think this method is too negative.
Sometimes, we really need PHP to return error information for debugging. And when something goes wrong, you may also need to give the user an explanation or even navigate to another page.
So, what’s the solution?
set_error_handler()
PHP has provided the function set_error_handler() for custom error handling handlers since 4.1.0, but few script writers know it. The set_error_handler function can prevent error paths from being leaked, and of course has other functions.
- can be used to block errors. If an error occurs, some information will be exposed to users, and it is very likely to become a tool for hackers to attack your website. Second, it makes users feel that your level is very low.
- You can write down error information and discover some problems in the production environment in time.
- You can handle it accordingly. When an error occurs, you can display a jump to a predefined error page to provide a better user experience.
- It can be used as a debugging tool. Sometimes you have to debug something in the production environment, but you don’t want to affect the users who are using it.
- . . . .
The usage of set_error_handler is as follows:
<span>string</span> set_error_handler ( callback error_handler [, <span>int</span> error_types])
Now we use custom error handling to filter out the actual path. Suppose there is a variable $admin, which we use to determine whether the visitor is an administrator (this determination can be made by IP or logged in user ID)
<span>//</span><span>admin为管理员的身份判定,true为管理员。
</span><span>//</span><span>自定义的错误处理函数一定要有这4个输入变量$errno,$errstr,$errfile,$errline,否则无效。</span><span>function my_error_handler($errno,$errstr,$errfile,$errline)
{
</span><span>//</span><span>如果不是管理员就过滤实际路径 </span><span>if</span>(!<span>admin)
{
$errfile</span>=str_replace(getcwd(),<span>""</span><span>,$errfile);
$errstr</span>=str_replace(getcwd(),<span>""</span><span>,$errstr);
}
</span><span>switch</span><span>($errno)
{
</span><span>case</span><span> E_ERROR:
echo </span><span>"</span><span>ERROR: [ID $errno] $errstr (Line: $errline of $errfile) \n</span><span>"</span><span>;
echo </span><span>"</span><span>程序已经停止运行,请联系管理员。</span><span>"</span><span>;
</span><span>//</span><span>遇到Error级错误时退出脚本 </span><span>break</span><span>;
</span><span>case</span><span> E_WARNING:
echo </span><span>"</span><span>WARNING: [ID $errno] $errstr (Line: $errline of $errfile) \n</span><span>"</span><span>;
</span><span>break</span><span>;
</span><span>default</span><span>:
</span><span>//</span><span>不显示Notice级的错误 </span><span>break</span><span>;
}
} </span>In this way, an error handling function is customized, so what? What about handing over error handling to this custom function?
<span>//</span><span> 应用到类 </span>set_error_handler(array(&$<span>this</span>,<span>"</span><span>appError</span><span>"</span><span>)); </span><span>//</span><span>示例的做法 </span>set_error_handler(<span>"</span><span>my_error_handler</span><span>"</span>);
so easy, in this way, the contradiction between security and debugging convenience can be well solved. And you can also put some thought into making the error message more beautiful to match the style of the website.
The original author gave two points that need attention, I will post them here, hoping to attract the attention of our compatriots:
- E_ERROR, E_PARSE, E_CORE_ERROR, E_CORE_WARNING, E_COMPILE_ERROR, E_COMPILE_WARNING will not be processed by this handle , that is, it will be displayed in the most original way. However, these errors are caused by compilation or PHP kernel errors and will not occur under normal circumstances.
- After using set_error_handler(), error_reporting () will be invalid. That is, all errors (except the above-mentioned errors) will be handed over to the custom function for processing.
<span>//</span><span>先定义一个函数,也可以定义在其他的文件中,再用require()调用 </span><span>function myErrorHandler($errno, $errstr, $errfile, $errline)
{
</span><span>//</span><span>为了安全起见,不暴露出真实物理路径,下面两行过滤实际路径 </span> $errfile=str_replace(getcwd(),<span>""</span><span>,$errfile);
$errstr</span>=str_replace(getcwd(),<span>""</span><span>,$errstr);
</span><span>switch</span><span> ($errno) {
</span><span>case</span><span> E_USER_ERROR:
echo </span><span>"</span><span><b>My ERROR</b> [$errno] $errstr<br />\n</span><span>"</span><span>;
echo </span><span>"</span><span> Fatal error on line $errline in file $errfile</span><span>"</span><span>;
echo </span><span>"</span><span>, PHP </span><span>"</span> . PHP_VERSION . <span>"</span><span> (</span><span>"</span> . PHP_OS . <span>"</span><span>)<br />\n</span><span>"</span><span>;
echo </span><span>"</span><span>Aborting...<br />\n</span><span>"</span><span>;
exit(</span><span>1</span><span>);
</span><span>break</span><span>;
</span><span>case</span><span> E_USER_WARNING:
echo </span><span>"</span><span><b>My WARNING</b> [$errno] $errstr<br />\n</span><span>"</span><span>;
</span><span>break</span><span>;
</span><span>case</span><span> E_USER_NOTICE:
echo </span><span>"</span><span><b>My NOTICE</b> [$errno] $errstr<br />\n</span><span>"</span><span>;
</span><span>break</span><span>;
</span><span>default</span><span>:
echo </span><span>"</span><span>Unknown error type: [$errno] $errstr<br />\n</span><span>"</span><span>;
</span><span>break</span><span>;
}
</span><span>/*</span><span> Don't execute PHP internal error handler </span><span>*/</span><span>return</span><span>true</span><span>;
}
</span><span>//</span><span>下面开始连接MYSQL服务器,我们故意指定MYSQL端口为3333,实际为3306。 </span>$link_id=@mysql_pconnect(<span>"</span><span>localhost:3333</span><span>"</span>,<span>"</span><span>root</span><span>"</span>,<span>"</span><span>password</span><span>"</span><span>);
set_error_handler(myErrorHandler);
</span><span>if</span> (!<span>$link_id) {
trigger_error(</span><span>"</span><span>出错了</span><span>"</span><span>, E_USER_ERROR);
} </span>Okay, to summarize, here are three usages of set_error_handler:
<span>class</span><span> CallbackClass {
function CallbackFunction() {
</span><span>//</span><span> refers to $this </span><span> }
function StaticFunction() {
</span><span>//</span><span> doesn't refer to $this </span><span> }
}
function NonClassFunction($errno, $errstr, $errfile, $errline) {
}
</span><span>//</span><span> 三种方法如下: </span><span>1</span>: set_error_handler(<span>'</span><span>NonClassFunction</span><span>'</span>); <span>//</span><span> 直接转到一个普通的函数 NonClassFunction </span><span>2</span>: set_error_handler(array(<span>'</span><span>CallbackClass</span><span>'</span>, <span>'</span><span>StaticFunction</span><span>'</span>)); <span>//</span><span> 转到 CallbackClass 类下的静方法 StaticFunction </span><span>3</span>: $o =& <span>new</span><span> CallbackClass();
set_error_handler(array($o, </span><span>'</span><span>CallbackFunction</span><span>'</span>)); <span>//</span><span> 转到类的构造函数,其实本质上跟下面的第四条一样。 </span><span>4</span>. $o = <span>new</span><span> CallbackClass();
</span><span>//</span><span> The following may also prove useful: </span><span>class</span><span> CallbackClass {
function CallbackClass() {
set_error_handler(array(</span>&$<span>this</span>, <span>'</span><span>CallbackFunction</span><span>'</span>)); <span>//</span><span> the & is important </span><span> }
function CallbackFunction() {
</span><span>//</span><span> refers to $this </span><span> }
} </span>The above introduces the use of the PHP set_error_handler function, including the relevant aspects. I hope it will be helpful to friends who are interested in PHP tutorials.
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1386
52
Solution to PHP Fatal error: Call to undefined method PDO::prepare() in
Jun 22, 2023 pm 06:40 PM
PHP is a popular web development language that has been used for a long time. The PDO (PHP Data Object) class integrated in PHP is a common way for us to interact with the database during the development of web applications. However, a problem that some PHP developers often encounter is that when using the PDO class to interact with the database, they receive an error like this: PHPFatalerror:CalltoundefinedmethodPDO::prep
What should I do if 'Uncaught (in promise) Error: Request failed with status code 500' occurs when using axios in a Vue application?
Jun 24, 2023 pm 05:33 PM
It is very common to use axios in Vue applications. axios is a Promise-based HTTP client that can be used in browsers and Node.js. During the development process, the error message "Uncaught(inpromise)Error: Requestfailedwithstatuscode500" sometimes appears. For developers, this error message may be difficult to understand and solve. This article will explore this
Solve the problem of 'error: incomplete type is not allowed' in C++ code
Aug 26, 2023 pm 08:54 PM
Solve the "error:incompletetypeisnotallowed" problem in C++ code. During the C++ programming process, you sometimes encounter some compilation errors. One of the common errors is "error:incompletetypeisnotallowed". This error is usually caused by operating on an incomplete type. This article will explain the cause of this error and provide several solutions. firstly, I
Solve the 'error: expected initializer before 'datatype'' problem in C++ code
Aug 25, 2023 pm 01:24 PM
Solve the "error:expectedinitializerbefore'datatype'" problem in C++ code. In C++ programming, sometimes we encounter some compilation errors when writing code. One of the common errors is "error:expectedinitializerbefore'datatype'". This error usually occurs in a variable declaration or function definition and may cause the program to fail to compile correctly or
0271: What should I do if the computer cannot be turned on due to real time clock error?
Mar 13, 2023 am 11:30 AM
Solution to "0271: real time clock error" that cannot boot: 1. Press F1, and in the interface that appears, move the option bar to the third item "Date/Time"; 2. Manually change the system time to the current one time; 3. Press F10 and select yes in the pop-up dialog box; 4. Re-open the notebook to boot normally.
How to solve PHP Warning: fopen(): failed to open stream: No such file or directory
Aug 19, 2023 am 10:44 AM
How to solve PHPWarning:fopen():failedtoopenstream:Nosuchfileordirectory In the process of using PHP development, we often encounter some file operation problems, one of which is "PHPWarning:fopen():failedtoopenstream:Nosuchfileordirectory"
Solution to PHP Fatal error: Call to undefined function mysqli_connect()
Jun 23, 2023 am 09:40 AM
When writing web applications using PHP, a MySQL database is often used to store data. PHP provides a way to interact with the MySQL database called MySQLi. However, sometimes when using MySQLi, you will encounter an error message, as shown below: PHPFatalerror:Calltoundefinedfunctionmysqli_connect() This error message means that PHP cannot find my
Solution to PHP Fatal error: Call to a member function fetch()
Jun 23, 2023 am 09:36 AM
When using PHP for web application development, you will often need to use a database. When using a database, error messages are very common. Among them, PHPFatalerror: Calltoamemberfunctionfetch() is a relatively common error that occurs when using PDO to query the database. So, what causes this error and how to solve it? This article will explain it in detail for you. 1. Cause of error
