I have a function that returns 1 if its all ok, and if there is any error it returns the error, that I will print.
$do_function = function();
if ($do_function == 1) {
// Its OK
} else {
$errors[] = $do_function;
// Then I will print the errors
}
I’m worried that the function may return some critical information due to an unanticipated error or something, of course I did not put any return with information the user should not see.
Are we talking errors (in that PHP generated an error, or an error occurred processing a SQL statement, etc) or are we talking a validation error, meaning, the user forgot to fill out the Name on the form, or the Quantity, etc.
The first should be hidden from the user and logged to an error report, but latter should be displayed to the end user.
As I said: “I did not put any return with information the user should not see”. I have an error handler for “mysqli_error” errors, an “error_log” document for PHP errors, an a console.txt for other things.
All “returns” that the function have are strings like cpradio said, ex: “Introduce a username”.
I see it safe, but I don’t know if in some case a function may return something no preset in a return, because as you can see in the first post everything returned will be printed, if its not a “1”.
The only way to find out is by examining the function. MySQL error messages do tend to give away too much information. The way to prevent it is to use custom error messages.
You can set up test cases to force the function to give you the errors. Then you can replace the undesirable ones with custom ones.
I test it and the MySQL errors, are handled and printed in a document I can only see. The return errors of the function are custom like: return “Introduce a username”;, as I said if its that what you mean.