displaying errors

PHP has a setting named display_errors that allows one to specify if various error messages should be sent to the output or not. It is recommended to keep it off, especially for the public sites, since it may reveal too much information about the application, and looks awful when seen on a public site.

However, for a developer an error report shown in time and place may prove quite valuable and usually is easier to work with then logs, etc. Of course that would mean – keep errors on in development, off in production. OK, then what we do if something weird happens in production and we want to see the errors, but we don’t want others to see them?

ASP has an interesting feature here – it allows you to display detailed error page only when accessed from local browser, but display something generic when accessed from “outside”. Maybe PHP could have some setting like display_errors=local which would enable display_errors for requests originating from developer machine but would disable it when outsider accesses it? Of course, this should be carefully done to prevent security problems, but I have a feeling it might be useful.

This can be done with an extension or even user-defined prepend script, but I think system-level mechanism might help people to use it correctly and avoid embarrassing themselves with publicly-displayed errors while keeping the stuff easy to spot for developers. Would that be useful?

Graceful recovery

Right now some situations (parse errors, undefined function call, no more memory) in PHP result in fatal error – which means the engine can not continue with the request beyond this point. From the user point of view, this often results in a blank page. I wonder if it would be possible to have standard recovery mechanism that would allow the PHP engine on fatal error to enter some kind of “recovery mode” when it would output some very basic page saying “ok, I have some problems here, but don’t panic and just tell my programmer to fix the code”. It won’t give much info probably but it would allow production sites display nice message to the users instead of the boring snowfield panorama it displays now (that is if the administrator was smart enough to set display_errors to off).

Maybe it should allow only fixed HTML, or maybe some kind of “request recovery” mode which would create some “recovery mode” sub-request when it would allow to do more – like send emails to webmaster :). This may need some creative thinking but the main idea is to move away from the snowfield thing.