I have a custom error-handler class (actually it's an exception handler)
So, when an exception is thrown, then it'll be caught and stored in the error-handler class..
After all the execution, All the errors will be shown by the class..
Is it a good or bad practice ? Does it really hurt performance ?
terryds 0 Newbie Poster
Recommended Answers
Jump to PostI totally agree with it being bad. Bad if you allow your user to see it. Errors about your script, database, config file, ando other site related settings must be keep private and must be recorded in the log file.
Jump to PostExceptions can be very useful when you're devloping the code or handing it off to somebody else to extend - or even to store details in a log file. But as mentioned, they shouldn't really be used for general consumption. If you want to pass info to the user that …
All 6 Replies
marqusG 0 Newbie Poster
If it is a bad or a good practice depends on what exaclty does the code where you use your class, how many errors can potentially be shown to the user and so on. For instance, if you're building a login page, it's absolutelky a good practice collect error in username, error in password, erro in captcha and then show them to the user, so he/she can correct them all. But if you're doing a long process can be more useful show errors when they occur.
I would'nt worry about performances: it's just a millisecond issue.
lorenzoDAlipio 24 Junior Poster in Training
I totally agree with it being bad. Bad if you allow your user to see it. Errors about your script, database, config file, ando other site related settings must be keep private and must be recorded in the log file.
veedeoo 474 Junior Poster Featured Poster
I really don't know why it has to be on the front-end. if that is the intension of the OP, IMHO , we don't tell the user if something is wrong in the back-end unless it is a user related such as 'we are conducting a maintenance at this time, please come back later'. Giving so much information about your errors can lead to vulnerability exposure.
In fact, when we write an application we always suppressed possible errors e.g. @exec('ffmpeg').
diafol
Exceptions can be very useful when you're devloping the code or handing it off to somebody else to extend - or even to store details in a log file. But as mentioned, they shouldn't really be used for general consumption. If you want to pass info to the user that something went wrong, a general statement should suffice - no need for any granularity - they don't need to know that there's an error in the "PDO exec() part of the update_SQL function on line 1009 in file mydbconnection.php" for example.
marqusG 0 Newbie Poster
Let me precise my thought. I meant speak about custom error messages, not standard. You never have to say what's went wrong with your code, as it ahs been said, to avoid security issues. But since in several cases you need to provide some feedback to the user, it's absolutely a good practice using oop to collect exceptions and, let's say, store in a log file the error message and give to the user another generic message.
I'm sorry for having not be precise enough.
matrixdevuk 71 6t9.me Founder
Even if it's a millisecond, you should still be somewhat critical. Think about it. If your site got popular over night for some reason, those milliseconds would add up fairly quickly. Try to design something that will cause the least delay possible. <1ms is good.
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.