SitePoint Sponsor

User Tag List

Results 1 to 3 of 3
  1. #1
    SitePoint Enthusiast
    Join Date
    Nov 2005
    Location
    Molde, Norway
    Posts
    31
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Passing configuration as array to objects

    I've been using the practice of having the whole configuration for an application in an array and passing this array to the objects that needs it.

    Today I had an experience, something went wrong and the object was written to output. Since the array was stored as a private variable in the object, the whole configuration array was also written, including username, password and host of the SQL server. It's so stupid, I actually shouldn't be admitting it here on the forum.

    No damage has happened, the SQL server is not accessible from outside, and the user can only log in locally.

    What actions do you do to prevent this?
    The server does not write error messages anymore to output.
    Software developer at ADCom Data
    My blog for dumping information

  2. #2
    SitePoint Wizard silver trophybronze trophy Cups's Avatar
    Join Date
    Oct 2006
    Location
    France, deep rural.
    Posts
    6,869
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)
    Quote Originally Posted by paalgg View Post
    I've been using the practice of having the whole configuration for an application in an array and passing this array to the objects that needs it.
    Do you mean you pass all of your settings to every object that needs maybe only one?

    Quote Originally Posted by paalgg View Post
    Today I had an experience, something went wrong and the object was written to output. Since the array was stored as a private variable in the object, the whole configuration array was also written, including username, password and host of the SQL server. It's so stupid, I actually shouldn't be admitting it here on the forum.
    google your own site for typical error messages, check the damage, change the passwords.

    Quote Originally Posted by paalgg View Post
    What actions do you do to prevent this?
    The server does not write error messages anymore to output.
    make sure that display_errors = off is a global setting, don't be doing it on per directory or per script settings.

    Globally off, locally on only when you absolutely must, but generally send that output to your log files.

    I often have a debug mode for my scripts, but as I dev on windows and live is *nix its easy to double check for location before echoing debug to the screen.

    PHP Code:

    $DBG 
    true ;
    //$DBG = false ;

    .. later ...

    if( 
    $DBG && PHP_OS == "winnt" ){  
    // echo any debug stuff 
    // or set display_errors = on

    I've also seen similar, and used it, where you search for the existence of a local file.
    PHP Code:
    if( $DBG && file_exists"/local.flag" ) ){  
    // out put potentially dangerous things


  3. #3
    SitePoint Wizard silver trophybronze trophy Cups's Avatar
    Join Date
    Oct 2006
    Location
    France, deep rural.
    Posts
    6,869
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)
    This old post might be of use if its the handling of errors and reporting levels you are after information about.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •