There are number of different types of errors in PHP . Some of the most common ones are:
E_ERROR: This is a fatal runtime error. Your application cannot recover from an E_ERROR. Therefore, the script is halted. Example cause: Attempting to call a function that doesn’t exist.
E_PARSE: This occurs whenever PHP fails to parse / compile your code. Your script will not run as a result. Example cause: Failing to close your brackets properly.
E_WARNING: This is a runtime warning that does not prevent the rest of your application from running. Example: Trying to access a file or URL that doesn’t exist.
E_NOTICE: An E_NOTICE occurs whenever PHP encounters something that may indicate an error. Example: Trying to access an array index that doesn’t exist.
E_STRICT: Occurs whenever PHP warns you about the future compatibility of your code. Example cause: Using functions or language features that have been deprecated.
Development Environment
In a development environment, you should display ALL errors. Hiding warnings and notices in a development environment is bad practice, simply because you should be fixing the root causes; not attempting to cover them up! Sweeping “dirt” like this under the rug may lead to the appearance of annoying bugs that are difficult to identify! To display all of the possible PHP errors, you can insert the following directives into your PHP.ini file:
|
1 2 3 4 |
display_errors = On display_startup_errors = On error_reporting = -1 log_errors = On |
If you do not have access to your PHP.ini file, you can place the following piece of code at the top of your script:
|
1 2 |
error_reporting(-1); ini_set("display_errors", 1); |
Production / Live Environment
In a production / live environment, errors should be logged, but not displayed to the end user. Displaying PHP errors in a live environment is not recommended. This is because:
They are not user friendly.
Warnings and notices can break the display / layout of your website.
They can provide an attacker with critical information about the internal workings of your application.
To hide PHP errors, you can insert the following directives into your PHP.ini file:
|
1 2 3 4 |
display_errors = Off display_startup_errors = Off error_reporting = E_ALL log_errors = On |
If you do not have access to your PHP.ini file, you can place the following code at the top of your script:
|
1 |
error_reporting(0); |
——-
Edit by Eli:
The above is correct but it will display only errors while the script is running. Any error in syntax will not be shown because the script wasn’t compiled and the error display directives are not executed. If there is a syntax-error free file which compiles and includes another file which has syntax errors, then they will be shown since the root file is starting to execute.
More info:
To display all errors you need to:
1. Have these lines in the PHP script you’re calling from the browser (typically index.php):
error_reporting(E_ALL);
ini_set(‘display_errors’, 1);
2.(a) Make sure that this script has no syntax errors
—or—
2.(b) Set display_errors = On in your php.ini
Otherwise, it can’t even run those 2 lines!
You can check for syntax errors in your script by running (at the command line):
php -l index.php
If you include the script from another PHP script then it will display syntax errors in the included script. For example:
index.php
error_reporting(E_ALL);
ini_set(‘display_errors’, 1);
// Any syntax errors here will result in a blank screen in the browser
include ‘my_script.php’;
my_script.php
adjfkj // This syntax error will be displayed in the browser