
Originally Posted by
djr33
However, I'd like to hear what traq has to say about this. Based on his comments in the other thread, he seems to dislike error suppression more than I do, and I'm open to that. Just wondering why.
hehe 
Well, the main thing I "dislike" about it is how badly it's misused much of the time.
In general, when you finish writing a script, it should not produce any PHP errors (there might be errors, like invalid user input, or a non-existent file - what I'm talking about is PHP Notices, Warnings, Errors, or Fatal Errors).
Unfortunately, PHP is designed in such a way that that's not always possible, or -in some cases- it's actually more efficient not to check. Take this, for example:
PHP Code:
<?php
$contents = file_get_contents( 'somefile' );
What if "somefile" doesn't exist? You'll get an error. In this case, you'll get an error with a message that spits out a good portion of your server's directory structure - not good for security!
Typical, 'correct' solution:
PHP Code:
<?php
$contents = null;
if( file_exists( 'somefile' ) ){
$contents = file_get_contents( 'somefile' );
}
This is much better for security and user experience. However, you now have two function calls for doing only one thing. If almost all of your files exist, you're wasting a lot of time. In fact, it's still slower to check first if the file doesn't exist.
People will tell you that @
is very slow, and they're right. But it's still much faster than file_exists and file_get_contents (a bit slower than no error suppression on a valid file; seven times faster on an invalid file):
PHP Code:
<?php
$contents = null;
$contents = @file_get_contents( 'somefile' );
There's also some things you simply can't do without it. Suppose a user wants to do some pattern-matching and gives you a regex. The only practical way to test a regex in PHP is to try to use it, but preg_match will throw an error if the regex isn't good. So:
PHP Code:
<?php
$valid = @preg_match( $unknown_regex,"" );
In any case, I'm mostly using exceptions for error-handling now. They're nice ...overkill in most situations, but they work with object-oriented stuff much more easily.
Bookmarks