Detailed explanation of the use of PHP set_error_handler() function (example)_PHP tutorial

When we write programs, we will inevitably have problems (we often encounter problems), and when PHP encounters an error, it will give the location, line number and reason of the error script. A lot of people say it's not a big deal. Indeed, in the debugging phase, this really doesn't matter, and I think giving the error path is necessary.
But the consequences of leaking the actual path are unimaginable. For some intruders, this information is very important. In fact, many servers now have this problem. Some network administrators simply set display_errors in the PHP configuration file to Off to solve the problem (it seems like we did this), but I think this method is too negative.
Sometimes, we really need PHP to return error information for debugging. And when something goes wrong, you may also need to give the user an explanation or even navigate to another page. So, what's the solution?
set_error_handler()
PHP has provided the function set_error_handler() to customize error handling handles since 4.1.0, but few script writers know it. The set_error_handler function can prevent error paths from being leaked, and of course has other functions.
Can be used to mask errors. If an error occurs, some information will be exposed to users, and it is very likely to become a tool for hackers to attack your website. Second, it makes users feel that your level is very low.
You can write down error information and discover some problems in the production environment in time.
Corresponding processing can be done. When an error occurs, a jump to a predefined error page can be displayed to provide a better user experience.
It can be used as a debugging tool. Sometimes you have to debug something in the production environment, but you don’t want to affect the users who are using it.
The usage of set_error_handler is as follows:

Copy code The code is as follows:

string set_error_handler ( callback error_handler [, int error_types ])

Now we use custom error handling to filter out the actual paths. Suppose there is a variable $admin, which we use to determine whether the visitor is an administrator (this determination can be made by IP or logged in user ID)

Copy code The code is as follows:

//admin is the identity determination of the administrator, true is the administrator.
//The custom error handling function must have these four input variables $errno, $errstr, $errfile, $errline, otherwise it will be invalid.
function my_error_handler($errno,$errstr,$errfile,$errline)
{
//Filter the actual path if you are not an administrator
if(!admin)
{
$errfile=str_replace(getcwd(),"",$errfile);
$errstr=str_replace(getcwd(),"",$errstr);
}
switch($errno)
{
case E_ERROR:
echo "ERROR: [ID $errno] $errstr (Line: $errline of $errfile) n";
echo "The program has stopped running, please contact the administrator.";
                                                                                                                                                                                                                            errline of $errfile) n";
break;

default:
//Do not display Notice level errors
break;
}
}


In this way, an error handling function is customized, so how to hand over error handling to this custom function?

Copy code

The code is as follows:

//Apply to class set_error_handler(array(&$this,"appError "));

//Example method

set_error_handler("my_error_handler");


So easy, in this way, the contradiction between security and debugging convenience can be well solved. And you can also put some thought into making the error message more beautiful to match the style of the website.
The original author gave two points that need attention. I will post them here, hoping to attract the attention of our compatriots:
1. E_ERROR, E_PARSE, E_CORE_ERROR, E_CORE_WARNING, E_COMPILE_ERROR, and E_COMPILE_WARNING will not be affected by this The handle is processed, that is, it will be displayed in the most original way. However, these errors are caused by compilation or PHP kernel errors and will not occur under normal circumstances.
2. After using set_error_handler(), error_reporting () will be invalid. That is, all errors (except the above-mentioned errors) will be handed over to the custom function for processing.
Finally, give an example

Copy the code The code is as follows:

//First define a function, you can also define In other files, use require() to call
function myErrorHandler($errno, $errstr, $errfile, $errline)
{
　　　//For the sake of safety, the real physical path is not exposed. The following two lines filter the actual path
$errfile=str_replace(getcwd(),"",$errfile);
$errstr=str_replace(getcwd(),"",$errstr);

switch ($errno) {
case E_USER_ERROR:

echo "My ERROR [$errno] $errstr
n";
echo " Fatal error on line $errline in file $errfile";
echo ", PHP " . PHP_VERSION . " (" . PHP_OS . ")
n";
echo "Aborting...< br />n";
exit(1);
break;

case E_USER_WARNING:
echo "My WARNING [$errno] $errstr< ;br />n";
break;

case E_USER_NOTICE:
echo "My NOTICE [$errno] $errstr
n" ;
break;

default:
echo "Unknown error type: [$errno] $errstr
n";
break;
}

/* Don't execute PHP internal error handler */
return true;
}

// Let’s start connecting to the MYSQL server. We deliberately specify the MYSQL port as 3333, but it is actually 3306.
$link_id=@mysql_pconnect("localhost:3333","root","password");
set_error_handler(myErrorHandler);
if (!$link_id) {
trigger_error("An error occurred ", E_USER_ERROR);
}

http://www.bkjia.com/PHPjc/825122.htmlwww.bkjia.comtruehttp: //www.bkjia.com/PHPjc/825122.htmlTechArticleWhen we write programs, it is inevitable that there will be problems (problems are often encountered), and when PHP encounters errors, The location, line number and reason of the error script will be given. Many people say that this is nothing...