Turning On PHP Errors.
For security reasons, most web servers have PHP errors turned off. This makes sense on live sites since you really wouldn’t want people to see all your root paths if something went wrong. But what if you want to create a testing environment, then turning on PHP errors would be invaluable.
If you have access to your php.ini file, turning on PHP errors is as simple as opening up the file in your favorite code editor (I use Dreamweaver) and looking for the display_errors directive. The block of code should look something like this:; With this directive set to off, errors that occur during the execution of ; scripts will no longer be displayed as a part of the script output, and thus, ; will no longer be exposed to remote users. With some errors, the error message ; content may expose information about your script, web server, or database ; server that may be exploitable for hacking. Production sites should have this ; directive set to off. ; Print out errors (as a part of the output). For production web sites, ; you're strongly encouraged to turn this feature off, and use error logging ; instead (see below). Keeping display_errors enabled on a production web site ; may reveal security information to end users, such as file paths on your Web ; server, your database schema or other information. display_errors = Off
Set display_errors to “On”, save and upload your php.ini file and your testing environment is ready.If you are on a shared server, you might not be able to access the php.ini, but you can still turn PHP errors on by adding these lines to your .htaccess file. If you don’t have an .htaccess file, just create one and add it to your site’s root directory.
# display php errors php_flag display_startup_errors on php_flag display_errors on php_flag html_errors onIf the two methods above are not in the realm of possibilities for you, your last chance is to add a few lines of PHP directly to the file you’re testing. At the top of your PHP file, include the following:
<?php
ini_set('display_errors', 1);
error_reporting(E_ALL);
?>
I have found that this won’t always work on server’s with high level security settings, but it is worth trying if the other two options are not available to you.
