Posted by petersprc on 11/19/06 09:14

Hi,

Hrmm, if you haven't already maybe it might be good to verify that
display_errors is truly off, by looking at the phpinfo() output
(Configuration -> PHP Core) on the same page that displays the error...

Chuck Anderson wrote:
> I have a public site that creates biorhtym charts using Php.
>
> I have put the following in my php.ini file in case of unforeseen
> errors/warnings:
> display_errors = Off
> display_startup_errors = Off
> log_errors = On
> error_log = php_error.log
>
> Every once in a while I get an entry in my Apache access log file from
> someone clicking on the link in a Php warning message - a warning that
> should not appear because of the above.
>
> Like, this warning:
> PHP Warning: mysql_connect() [<a
> href='function.mysql-connect'>function.mysql-connect</a>]: Access denied
> for user .......
>
> I get a 404 error when they click on the [bad] link to
> function.mysql-connect.
>
> Of course, I should find the bug that causes this and get rid of it, but
> how can that link appear on the page if I have display_errors = Off?
>
> What I think I'm really asking is; can display_errors be hacked somehow?
>
> And I guess I also have to ask, why is that bad link put into the
> warning message in the first place?
>
> --
> *****************************
> Chuck Anderson · Boulder, CO
> http://www.CycleTourist.com
> *****************************

[Back to original message]