As I continued my quest into updating all my web sites and scripts for the big update, I tried to use an easy method to debug my PHP scripts. So, I modified my php.ini file and changed the following lines:

error_reporting = E_ALL
display_errors = On
display_startup_errors = On
log_errors = On
track_errors = On

I actually don’t know about the display_startup_errors and track_errors features, but the one that helped me a lot was error_reporting.

Good. I set it up in my config.php file as <?php error_reporting(E_ALL);?>. As a result, lots of ‘undefined index‘, ‘undefined variable‘ and ‘undefined constant‘ notices and warnings appeared. The script still worked as intended, but the warnings and notices are still errors because something is happening that you as the programmer obviously did not plan for, and neither did your end user. Why should you fix them if they’re not errors, you ask? Because some hacker with error_reporting forced to E_ALL could see these ‘undefined’ variables, indexes and constants, and define them in an attempt to get hold of your form processing. What may happen then? I’ll let you figure it out.

In my form processing scripts I had lines stating that if the submit button has been hit, then execute the script (like inserting or updating the database). Here is the code:

if($submit) {
...do insert here...
}
else {
...display form here...
}

This script would in fact cause some errors, because the $submit variable is not set in the first part of the script, it gets set only after submitting the form, so the check for the value of $submit would produce a non-fatal error. What should we do to prevent this? We should first check for the existence of $submit, and then for its value:

if(isset($submit)) {
...do insert here...
}
else {
...display form here...
}

Furthermore, let’s assume the form does a POST action. Replace:

if(isset($submit))

with:

if(isset($_POST['submit']))

I had more circumstances, which could produce these ‘undefined’ errors, but the form processing ones were the most frequent.

Do not forget to change it back to <?php error_reporting(0);?> after you finished debugging and fixing your script.

submit to reddit

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

behance roo wordpress