Posted by Chuck Anderson on 11/19/06 01:06

I have a public site that creates biorhtym charts using Php.

I have put the following in my php.ini file in case of unforeseen
errors/warnings:
display_errors = Off
display_startup_errors = Off
log_errors = On
error_log = php_error.log

Every once in a while I get an entry in my Apache access log file from
someone clicking on the link in a Php warning message - a warning that
should not appear because of the above.

Like, this warning:
PHP Warning: mysql_connect() [<a
href='function.mysql-connect'>function.mysql-connect</a>]: Access denied
for user .......

I get a 404 error when they click on the [bad] link to
function.mysql-connect.

Of course, I should find the bug that causes this and get rid of it, but
how can that link appear on the page if I have display_errors = Off?

What I think I'm really asking is; can display_errors be hacked somehow?

And I guess I also have to ask, why is that bad link put into the
warning message in the first place?

--
*****************************
Chuck Anderson • Boulder, CO
http://www.CycleTourist.com
*****************************

[Back to original message]