in reply to Error handling in a module

Throwing an error with die and stopping the web experience completely is not a very good solution because the error that will be displayed is probably meaningless to the end user.

Not only that, but I have seen websites where some error in the php code caused not only a cryptic error message to show up but a full dump with the section of source code where the error occurred. I was looking at the source code, and I thought this could be a potential security issue. You don't want your buggy code exposed to hackers. Lol

2023-02-17: Update: Excuse me, did I say something wrong? Why did you give me -2 point for this comment? Anybody wants to explain this?

2023-02-17: Update removed.

2023-02-17: Update reinserted.

2023-02-17: The words "update" were added. lol :D

Replies are listed 'Best First'.
Re^2: Error handling in a module
by hippo (Archbishop) on Feb 17, 2023 at 23:33 UTC
[reply]
Re^2: Error handling in a module
by syphilis (Archbishop) on Feb 17, 2023 at 23:12 UTC
    Excuse me, did I say something wrong? Why did you give me -2 point for this comment? Anybody wants to explain this?

    The only possible reason that I can see is that you referred to the OP's code as being buggy, though you haven't seen that code.
    I'm not so sure that actually warrants a downvote, unless you were intentionally trying to provoke the OP. (And I don't think that was your intention.)
    To be clear, I'm not one of the people who downvoted the post.

    Cheers,
    Rob
[reply]
      I'm sorry, I didn't mean to refer to his code specifically. When I say the word "your code" that's just an expression. I don't know how else to say it. Okay. The point is that it's not a good idea to expose parts of the source code by accident. especially not the part where the error occurred! because it might contain a real vulnerability which could be exploited by a hacker. And in this case the hackers can even see what's going on under the hood. So, that would help them write the exploit. If an error caused the script to display all sorts of cryptic messages with a dump of the source code, then that's a pretty serious error, I would assume. And there is a possibility that this error was caused by the programmer (faulty code maybe). Of course, it could be many other things too. But if we were to write code from scratch, I think it's better to log errors to a file in a CGI environment. Like the OP said, it's not a good idea to die with an error message.

      *Btw when I wrote, "we were to write," I didn't literally mean you and I. It was just a figure of speech.

[reply]
        When I say the word "your code" that's just an expression. I don't know how else to say it.

        A clearer way (IMO) to get the message across would have been: 
         One doesn't want one's buggy code exposed to hackers
or
 We don't want our buggy code exposed to hackers

        [download]
        Cheers,
        Rob
[reply]
[d/l]
Re^2: Error handling in a module
by kcott (Archbishop) on Feb 18, 2023 at 00:10 UTC

    G'day harangzsolt33,

    syphilis quoted you as saying:

    "Excuse me, did I say something wrong? Why did you give me -2 point for this comment? Anybody wants to explain this?"

    A question about votes must have occurred after posting; i.e. it's an update.

    As that quote no longer appears in your post, you must have deleted it; i.e. it's another update.

    That's at least two changes to your post without any "Update: ...". There may have been more changes; I don't know. You've been a member for seven years and made hundreds of posts; you should have read "How do I change/delete my post?" by now.

    If people are seeing your post changing without notification, that could be a reason why they downvoted it. That's the reason I downvoted it. Of course, the downvoting by others may have been for other reasons.

    By the way, I wasn't responsible for the "-2"; after I voted, I saw "Reputation: -3 (+2 -5)" — do note that's five monks who have downvoted your post.

    Update: And now I see that quote is back in your post but still without any "Update: ...". You're not doing yourself any favours.

    — Ken

[reply]
      Okay. Got it!
[reply]

        ++ :-)

        — Ken

[reply]

In Section Seekers of Perl Wisdom