Why does php not show errors? – How to display PHP errors when display_errors is disabled

OK, a simple thing I know. But one that always occurs.

When using shared hosting (or even your own dedicated servers), those managing those servers do their utmost to make them secure. Among many things this usually includes turning off ‘display_errors’ in the php.ini file.

However, when you’re trying to develop things it is usefull to display errors and warnings, but if ‘display_errors’ is off, you will be scratching your head wondering what’s going on and whats going wrong!

So, if you have access to modify the php.ini (i.e. locally developing or own server), check out the following in the php.ini file:

; – display_errors = Off [Security]
; With this directive set to off, errors that occur during the execution of
; scripts will no longer be displayed as a part of the script output, and thus,
; will no longer be exposed to remote users. With some errors, the error message
; content may expose information about your script, web server, or database
; server that may be exploitable for hacking. Production sites should have this
; directive set to off.

; Print out errors (as a part of the output). For production web sites,
; you’re strongly encouraged to turn this feature off, and use error logging
; instead (see below). Keeping display_errors enabled on a production web site
; may reveal security information to end users, such as file paths on your Web
; server, your database schema or other information.
display_errors = On

From the above snippet from the php.ini file, enabling display_errors can open up security risks, that is why many hosting providers/server admins may turn them off.

Often you may now be able to modify the php.ini file. Here is how to enable them within your script, just paste the following at into your script – preferably at the top (NB: I like to have an included config script of some kind in all pages so usually put it in there), this will also create a log file for you which you maymay not want.

ini_set(‘display_errors’, 1);
ini_set(‘log_errors’, 1);
ini_set(‘error_log’, dirname(__FILE__) . ‘/error_log.txt’);

For interest, the output from phpinfo() will also tell you what error handling/display/logging options are set, it will generally show you the following:

* display_errors (we want it to be On or 1)
* display_startup_errors (we want it to be On or 1)
* log_errors (we want it to be On or 1)
* error_log (it should be anything but undefined)
* error_reporting (it should be 2047 or larger)

I will write another day on it, but you could also look at set_error_handler(). Using this you can create a custom error handler that can handle an error in anyway you wish, from sending an email to you to redirecting the user to a ‘sorry’ page etc etc, you can find out more about doing this here http://www.php.net/manual/en/errorfunc.examples.php until I get round to writing about it 🙂

Leave a Reply

The reCAPTCHA verification period has expired. Please reload the page.