Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Westi on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Simple Error Logging Questions

Status
Not open for further replies.
superslurpee

superslurpee

Programmer
May 15, 2002
108
Hi,

I need some clarification regarding error logging. I'm on a shared server and want all errors to be written to a log file instead of the browser. I'm using error_log(string, 3, file) to write to a file and have display_errors off and log_errors on. I have the following questions:

1. File Permissions - I've noticed the file has to exist and have write/execute permissions to write to otherwise nothing happens (file isn't created or nothing is appended). Should I be including a check to see if a log file exists and create/set permissions before calling error_log?

2. Security - Where should this log file be located? Having a file with write/execute permissions in the web root would be dangerous and accessible from the browser. If it should go above the web root, how do I access it?

3. I have seen fopen instead of error_log. I would assume error_log is more appropriate for errors but is it? Is one better?

I just need an effective and secure way of taking all possible errors and logging them instead of sending them to the browser. Everything I read about error logging assumes access to the entire server and makes it seem so simple. Even php.net just says to use "type 3 to send the error to a file". A little explanation about how to do that would be nice!

I would appreciate any comments on what I should know regarding logging errors.

Thank you in advance!

Darth Slurpee
--At last we will reveal ourselves to the SEV employees--
 
Sort by date Sort by votes
I would write my script so that it uses a different filename each day (errror20060306.log, for example), but writing all files into the same directory.

That directory should be outside of the document root of the web site to make it as hard as possible for hostile entities to get to the logs. I would create a separate directory and give the user as which your scripts run (which for a web app is the user as which your web server runs) write permission to the directory. This should ensure that your script be able to create files as necessary. With that precaution in place, I would not worry about error-checking logfiles.

If you are writing your logs to a file, I don't know whether there is all that much of a functional difference between using fopen() or error_log(). The differences between the two functions come more into play when you use error_log() with syslog or by e-mailing errors. In your case, the real advantage to using error_log() is probably code maintainability -- six months from now you may not remember why your script is using fwrite() to periodically write data to a file, but if you use error_log(), what is going on will be self-evident. Also, error_log() is a little cleaner in that you don't have to either be constantly reopening the file or carrying a file handle around when you never use it.



Want the best answers? Ask the best questions! TANSTAAFL!
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

mervgh
  • Locked
  • Question
My own custom error handler
Replies
1
Views
286
Chris Miller
Chris Miller
EdLentz
  • Locked
  • Question
I need a simple example of how to send a table of info .
Replies
8
Views
489
EdLentz
EdLentz
Krus1972
  • Locked
  • Question
Syntax Error - Confused 1
Replies
2
Views
175
spamjim
spamjim
notsoevilgenius
  • Locked
  • Question
Error Updating From mySQL To MySQLi
Replies
2
Views
166
vacunita
vacunita
someoneneedshelps
  • Locked
  • Question
simple dom problem
2 3
Replies
50
Views
817
someoneneedshelps
someoneneedshelps

Part and Inventory Search

Sponsor

Back
Top