PHP 网站的错误处理
有人可以指导我如何实现以及应该在什么阶段添加错误处理代码的正确方向吗?
网站:
社交网络,如 linkedin。平台是MySql和codeignitor PHP。 要求: 3 种错误情况:
前端类似 http 代码。在这种情况下,用户将被重定向到标准消息页面。 DB 没有什么可捕获的。
第二种情况是后端错误,例如服务器耗时过长、写入数据库时出错、其他数据库问题、代码爆炸等。预计在所有这些情况下,用户只会看到一个错误消息框,提示“有人已被已通知,请稍后重试”。与 facebook 上的情况类似,只是 facebook 根据错误类型有不同的错误文本。第二种
第三种错误类型与会话相关:Cookie 在会话期间被中断并发生超时,在这种情况下会显示请登录消息窗口。
我现在的问题是:
要捕获案例 2 中的所有各种错误,是否可以在开发过程中同时完成,还是开发人员必须返回并添加在项目结束时在代码中的每个入口点捕获错误,这可能是数百万行代码?
我的团队告诉我,在整个开发完成之前,他们并不知道情况 2 中可能发生错误的所有可能情况。但我认为无论如何,错误处理代码都是通用的。唯一除了代码之外的是我们想要捕获的错误类别的错误捕获子句以及要显示的错误消息(如果不同)可以随时添加,但底层错误代码是相同的,因此甚至可以在开发开始之前编写?< /p>
我如何找到所有可能的情况或捕获所有可能的情况,在情况 2 中可能会发生错误,其中可能有数百个用例在任何级别上发生爆炸或数据库读/写错误等。我们是否需要单独的每个代码或通用代码捕获所有?
我的开发人员也是新人,我也是,所以我认为没有人完全确定何时以及如何处理网站上的错误。在系统后端,当发生错误时,将向管理员发送一封电子邮件,我正在构建一个错误跟踪系统,以便我们可以在后端自动跟踪问题的状态、类型、注释等。
Can someone guide me in the right direction on how to implement and at what stage should i add in the error handling code?
Website:
social network like linkedin. Platform is MySql and codeignitor PHP.
Requirement: 3 cases for errors:
Front end like http codes. In this case user is redirected to a std message page. Nothing to capture at DB.
Second case is the back end errors like if server takes too long, error writing to DB, other DB issues, code blowups etc. Expected is the user in all these cases will only see an error message box that "someone has been notified, try again later". Similar to how it is on facebook except facebook has different error text based on error type.
3rd error type is session related: Cookies getting disrupted during a session and timeouts occuring in which case display a please login message window.
My question is now:
To capture all various errors that fall within case 2, can it be done at the same time development is in progress or do the developers have to go back and add in the error catching at end of project at each entry point in code which could be millions of lines of code?
My team is telling me they don't know all possible cases that an error can occur within case 2 until entire development is complete. But i argue that error hadling code is general no matter what. Only addition to code is an error catching clause for the error category we want to capture and the error message to dislay if different which can be added at any time but the underlying error code is same so it can be written even before development starts?
How do I find all the possible or catch for all possible cases an error can occur in case 2 which there can be hundreds of usecases of something blowing up at any level or DB read/write errors, etc. Do we need separate code for each or a common code catching all?
My developers are new too and so am I so I dont think anyone is exactly sure on when and how to approach the error handling on the site. On the backend of system when an error occurs an email will be sent to admin and I am building an error tracking system so we can keeptrack of issues in the backend automatic with status, type, notes, etc.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
两者都有,但通常只是在开发过程中需要。实际上,考虑每行代码可能会产生哪些类型的错误(尤其是从外部或数据库源获取数据时)非常重要,因此您需要在每个步骤中考虑所有这些错误。为了帮助在一切就绪之后插入特殊情况处理,这是主 错误处理功能开始发挥作用。只需注意哪些错误级别永远不会触发您的自定义错误处理。您可能还对
Exception
类感兴趣。同样,为了通过仅在更少的位置进行更新来更轻松地插入特殊情况处理,请将 Exception 类扩展为您自己的特殊错误对象。与#1 类似。恕我直言,你是对的。在某些情况下,他们也是如此。一个开发人员实际上无法知道其他开发人员的代码会生成什么类型的错误,直到他们看到代码或掌握其最终文档。
再次离开问题#1,使用自定义错误处理函数或扩展 Exception 类(甚至制作单独的类来处理数据库 try/catch 与文件访问 try/catch 等),这应该会有很大帮助。假设您发现数据库可能会吐出一个新的可能错误。如果您已经将连接和查询函数封装在 try/catch 块中,则只需在扩展的 Exception 类中添加处理脚本,而不用在数据库函数所在的任何位置添加处理脚本。例如,您可以选择对所有数据库连接执行类似的操作。在这种情况下,
DB_Exception
是Exception
的扩展版本,它本身可以执行任意数量的故障排除任务:您还可以拥有扩展的
Exception
code> 类引用由$code
构造参数枚举的一组预设响应。但是,您确实不应该尝试对您可能遇到的每个可能出现的数据库错误应用特殊的错误处理。在大多数情况下,只需获取 MySQL 错误文本(无论是什么)并将其转发给您的管理员,这样效率更高,负担也更轻。至于您向用户显示的文本,最好始终保持简单且信息丰富,同时绝对不透露网站的内部运作情况。示例:您的数据库服务器崩溃或有人错误地设置了文件权限:您应该告诉用户的是“抱歉,技术困难,此特定内容目前不可用,我们的工作人员已通知,请稍后再试。如果紧急电子邮件 < a href="/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="afdcc0efdcc081ccc0c2">[电子邮件受保护] 或致电 555-1212 联系支持人员。”。您还可以根据
Exception
$code
参数执行预设消息,与上面相同,但在发生站点攻击时不提供任何帮助。另外,“在系统后端,当发生错误时,将向管理员发送电子邮件”实际上并不是一个好主意。用户可能只是坐在那里一遍又一遍地点击刷新,直到它神奇地再次开始工作。您很容易陷入电子邮件风暴。一种可能的解决方案是运行 10 分钟的 cron 作业检查以查看过去 10 分钟内错误日志是否已修改,然后通过电子邮件发送新日志条目的摘要。或者,如果您有故障单系统,则仅当该主题的打开单不存在时,才让错误脚本打开一个故障单系统。
Both, but generally just needed while development is in progress. It's actually crucial to consider what types of errors each line of code could produce on its own (especially if grabbing data from external or DB sources), so you need to account for all that at each step. To help insert special case handling after everything is already in place, this is where a master error handling function comes into play. Just take note of what error levels will never even trigger your custom error handling. You may also be interested in the
Exception
class. Again, to allow for easier inserting of special case handling by only having to make updates in fewer spots, extend theException
class into your own special error object.Kind of the same question as #1. IMHO, you are correct. And in some cases, so are they. One developer really can't know what types of errors another developer's code would generate until they see the code or get a hold of its final documentation.
Again going off question #1, using custom error handling functions or extending off the
Exception
class (even making separate classes for handling DB try/catches vs file access try/catches, etc), this should help significantly. Say you discover a new possible error your DB could spit out. If you already have the connect and query functions wrapped in try/catch blocks, you need only add the handling script in your extendedException
class, and not wherever your DB functions exist. For example, you may opt to just do something like this for all your db connects.DB_Exception
in this cases is your extended version ofException
, which could itself do any number of troubleshooting tasks on its own:You could also have your extended
Exception
class reference a set of canned responses enumerated by the$code
construct argument. But, you really should not try to apply special error handling to every conceivable DB error you may get. It's much more efficient and way less a burden to most of the time just grab the MySQL error text whatever it may be and forward that to your admins.As for the text you display to the user, it's best to always keep it simple and informative while giving absolutely nothing away about the inner workings of your website. Example: your DB server crashes or someone mistakenly misset file permissions: all you should tell the user is "Sorry, technical difficulties, this particular content is not available just now, our staff has been notified, please try again later. If urgent email [email protected] or call support at 555-1212.". You could also do the canned message based off the
Exception
$code
argument, same as above, but give nothing that will help in the event of a site attack.Also, "On the backend of system when an error occurs an email will be sent to admin" Not actually a good idea. The user may just sit there hitting refresh over and over until it magically starts working again. You could easily be caught in an email storm. One possible solution is to run a 10-minute cron job checking to see if the error log has been modified in the last 10 minutes, and email a summary of new log entries instead. Or, if you have a trouble ticket system, have the error script open one only if an open ticket on the topic doesn't exist.