On 11/17/06, Stein Ivar Johnsen <sijo@xxxxxxxx> wrote:
Sorry, I have no access to my ISP's php.ini file. I need to turn off warnings in the php script code? -- Regards sijo http://www.dyg.no "clive" <clive@xxxxxxxxxx> skrev i melding news:455D85B2.9060107@xxxxxxxxxxxxx > Stein Ivar Johnsen wrote: >> Hi.. >> >> How can I hide Warning messages so they are not shown on screen..: > > look in your php.ini file and set error_reporting to an appropriate value > > or > > set display_errors to off -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Maybe you know this because you want warnings off, but I'll say it anyways. Your host is doing a disservice to you with display_warnings on. When you have an error in your script it shows potential bad people the complete path to your script and all sorts of other data allowing them to tamper more easily. Another great example is the mysql_query() or die(here is my complete sql statement please tamper with it). I would encourage you to plead with your host to turn off display_errors and allow logging them. This way you can handle your errors gracefully with set_error_handler() without showing the world errors that can be exploited. I'm not sure if it is possible but maybe it can be turned off in a htaccess file or within the virtual itself? Also you should listen to everyone else on fixing your code. My rant above is based on the fact that just because you wrote and tested something to work properly today doesn't mean a change tomorrow that could potentially cause errors throwing more sensitive data to the end user. Maybe if you don't know how to fix the warning you received you could post the code that is giving you a problem. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php