PHP Developer

My notes and thoughts about Linux, WordPress, PHP, WPML, Toolset and many more.

Best practices of PHP Error Handling: Illustrated using a Video Streaming Script

Recent author notes: WIth PHP 5, there is a thing called 'Exception handling' which offers a much systematic way of error handling. This is an object oriented approach and well documented here: http://php.net/manual/en/language.exceptions.phpThis is probably the best approach to error handling.

Proper Error handling is important in PHP for the following reasons:

1.) Provides easy troubleshooting for you as a developer of the script or PHP application.
2.) Provides security measures for your script against malicious use of the script.

One of the mistakes I’ve learned in the past is showing PHP errors publicly. I admit that mistake. In reality your users does not care what to do with the errors or does not know anything about that error.

So in summary, you should hide these errors from showing publicly as much as possible. “Security by obscurity” works best in this case, any malicious user can’t manipulate your scripts if it won’t return any errors. This makes your script more difficult to attack.

In this tutorial, I am revising the video streaming script to illustrate proper error handling. This is what you should do to your existing scripts:

1.) Don’t use any PHP die() function to terminate scripts if there is an error (e.g. validation error, etc.). Instead let the script flow from start to end and return empty/blank screen in the browser regardless of whether an error occurs or not.

2.) Log the errors behind the scenes to a text file only accessible to you. You can even create a directory in your server and put the log text files there for troubleshooting purposes. Now for even better security, protect the folder with .htaccess so that you will be the only one that can access the log text files.

3.) Use Functions Blocks programming method to organize your scripts.

4.) You need an error handling function.

Revised Script with Proper Error handling methods

In the script below, take note how the errors are handled by looking at the comments called “ERROR HANDLING”.

Quick Discussion

The error handling function:

Simply creates/logs the errors found in your script. For example:

It will log a MySQL Select Statement error to the file. By doing this, you hide the errors to the public and making your script more secure. Of course this error handling example is very basic, you can add more handling scripts, warnings, date/time logging method, etc. if you want.

Featured image credits: Ghansham Mahajan

One thought on Best practices of PHP Error Handling: Illustrated using a Video Streaming Script

  • I believe in try and catch method of error handling. Of course you would still log exceptions that you catch. You can make multiple exception classes for separate parts of the application in order to be able to have unique instructions for each type.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes:

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code class="" title="" data-url=""> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong> <pre class="" title="" data-url=""> <span class="" title="" data-url="">