Error reporting & Security
Date: 07/29/06
(PHP Community) Keywords: mysql, sql, security, web
Any problems with using error_log with parameter 1 (email) that I should be aware of? I just discovered it while researching something else and would like to abuse the hell out of it for production website. It would be nice to suppress all error messages and instead have them piped to a dedicated email address.
Other question... security. Any recommended reads, blogs, notes, what not on the subject? And I mean anything and everything.
Also, turns out I mistakingly posted this to another community by accident, so to save time... this is what I mean by error_log()
$link = mysql_connect("www.myServer.com","myAccount","password");
if($link == false)
{
$errMsg = "SITE: www.myServer.com\n";
$errMsg .= __FILE__ . "@" . __LINE__ ."\n";
$errMsg .= "Detail: Unable to connect to mysql server\n";
$errMsg .= "mysql_error: " . mysql_error() . "\n";
error_log($errMsg, 1, "errMsg@myOtherServer.com");
//then die or skip rest of script
}
And while I am on the subject, is there anything equivalent to c/c++ #define. I really miss that and it would come in handy with something like the above code.
Source: http://community.livejournal.com/php/477454.html