Hide All Error Messages PHP

PHP Error messages showing up in your web applications are a dangerous thing. Not only does it look unprofessional, but it is also a serious security concern!

Once you have completed debugging your website or web application you can place the following one liner at the beginning of your code, this will turn off error reporting and therefore make sure that no application details are spilled to your users.


If a single line of code is causing the problems it is safer to use the at symbol (@) to suppress any errors it may cause.
You can also use “or die()” to stop the execution of your code after the suppressed error in case the remainder of your code relies on that function to return a value.
In the example below we will use the “@” and “or die” to handle everything:

@mysql_query("SELECT * FROM `anInvalidTableName`") or die("There was an error! ".mysql_error());

It is also good practice to make sure that all variables are set and are not empty before trying to access them.

For example:

if (isset($myVar) && !empty($myVar)) {
  // $myVar is now safe to use!