This is an oft-repeated meditation, but we can all use a little reminding now and then.
In a production system, error-checking and logging are not optional activities. They are an essential component of its health and continued operation. In a way, they go hand-in-hand.
Error-checking should be done on every single untrusted value that enters a sub-routine. Every check that fails should log an error. Potentially, an error should be thrown, possibly even a fatal one.
An untrusted value is one that comes from a source that is not a subroutine you wrote yourself. A non-exhaustive list would include:
- User input. Users are the immediate cause of 99% of all errors in a program. (The real cause is poor programming.) The darned things seem to find every case you didn't account for. It's almost funny, sometimes.
- WWW input. This is user input, but it's a special case cause people seem to have this notion that stuff off the WWW is somehow going to be perfect. It's not.
- Modules. Just cause merlyn wrote it doesn't mean it works. He's human, too, you know. In addition, the module might have encountered an error condition and is returning that value to you to indicate what happened.
- Built-in functions. How many times have you seen someone write:
      open HANDLE, ">myfile";
  What if there is no space on the drive? The program will crash the first time HANDLE is written to, cause it wasn't opened successfully.
- Databases (and other stored data). Just cause you wrote it doesn't mean someone else didn't change it behind your back.
Yes, it is theoretically possible to overdo error-checking. I've never seen that happen, though. I love seeing functions with 100 lines of error-checking and 20 lines of actual work. They give me warm fuzzies.
As for logging ... it's usually the only way you know what your program has done. When I write something, it spews out tons of crap onto the screen. 99% of it, I will never use. 99% of the time, I won't use the other 1%. That 1% of the time ... My! how that 1% of the logging has saved me days of work. (No exaggeration!)
Newer programmers seem to have this idea that logging and error-checking are both a waste of time. On the contrary, they are the greatest time-saving tools we as programmers have! Ask any person who's been programming for more than five years. Heck, even hackers do it. :-)
Update: Added databases to the list of untrusted sources as per scain. Thanx!
------
We are the carpenters and bricklayers of the Information Age.
Don't go borrowing trouble. For programmers, this means Worry only about what you need to implement.
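An added example, not part of the original post: the unchecked open from the list above rewritten so that every untrusted value (the caller's arguments and the return values of open, print and close) is checked and every failed check is logged. The names log_msg and append_record and the file name rule are assumptions made for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Hypothetical helper: timestamped log line to STDERR.
sub log_msg {
    my ($level, $msg) = @_;
    my @t = localtime;
    printf STDERR "%04d-%02d-%02d %02d:%02d:%02d [%s] %s\n",
        $t[5] + 1900, $t[4] + 1, @t[3, 2, 1, 0], $level, $msg;
}

# Append one record to a file; returns 1 on success, 0 on any failed check.
sub append_record {
    my ($file, $record) = @_;

    # Untrusted arguments: check before use, log every failure.
    unless (defined $file && $file =~ /\A[\w.-]+\z/) {
        log_msg(ERROR => 'append_record: missing or unsafe file name');
        return 0;
    }
    unless (defined $record && length $record && $record !~ /[\r\n]/) {
        log_msg(ERROR => "append_record: bad record for $file");
        return 0;
    }

    # Built-ins are untrusted too: open, print and close all report failure.
    my $fh;
    unless (open $fh, '>>', $file) {
        log_msg(ERROR => "open $file failed: $!");
        return 0;
    }
    unless (print {$fh} "$record\n") {
        log_msg(ERROR => "write to $file failed: $!");
        close $fh;
        return 0;
    }
    # Buffered output may only hit a full disk here, so check close as well.
    unless (close $fh) {
        log_msg(ERROR => "close $file failed: $!");
        return 0;
    }
    log_msg(INFO => 'appended ' . length($record) . " bytes to $file");
    return 1;
}

# Constructed sample calls: one good, two that must be rejected.
append_record('myfile', 'first entry') or log_msg(WARN => 'call 1 failed');
append_record('../etc/passwd', 'x')    or log_msg(WARN => 'call 2 rejected');
append_record('myfile', "two\nlines")  or log_msg(WARN => 'call 3 rejected');
```

Running it creates or appends to myfile in the current directory. The rejected record is never echoed into the log, so a caller cannot forge log lines through it.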