Error Handling In PHP (part 2) - Of Form And Function

(Page 5 of 8 )

Finally, how about a real-life example to put all this in context? The following script sets up a simple HTML form, and then uses the error-handling functions just explained to catch and resolve form input errors once the form is submitted. Take a look:

<html>
<head><basefont face="Arial"></head>
<body>
<?php
if (!$submit)
{
?>
<h2>User Profile</h2>
<form action="<?=$PHP_SELF?>" method="POST">
<b>Name</b><br>
<input type="text" name="name" size="15"><br>
<b>Age</b><br>
<input type="text" name="age" size="2" maxlength="2"><p>
<b>Email address</b><br>
<input type="text" name="email" size="20"><p>
<b>Favourite pizza topping</b><br>
<select name="topping">
<option value="">-- select one --</option>
<option value="1">Pepperoni</option>
<option value="2">Pineapple</option>
<option value="3">Red peppers</option>
<option value="4">Raw fish</option>
</select><p>
<input type="submit" name="submit" value="Save">
</form>
<?php
}
else
{
// initialize an array to hold warnings
$warningList = array();
// array mapping error codes to messages
// add new elements as required
// this should ideally be stored in a separate file
// available to all scripts in an application
$errorCodes = array(
41 => "Invalid or incomplete data",
43 => "Invalid selection",
49 => "Incomplete form input",
55 => "No database connection available",
56 => "Selected database unavailable",
58 => "Error in SQL query"
);
// ideally, the next three functions should all
// be global functions, which can be read in where required
// function which accepts an error code
// and translates it into a human readable message
// it then raises an E_USER_WARNING
function raiseWarning($code, $info="")
{
global $errorCodes;
// use code to get corresponding error message
// from $errorCodes array
$msg = $errorCodes[$code];
// if additional info available
// append it to message
if ($info != "")
{
$msg .= " -> $info";
}
// raise an error
trigger_error($msg, E_USER_WARNING);
}
// function which accepts an error code
// and translates it into a human readable message
// it then raises an E_USER_ERROR 
function raiseError($code, $info="")
{
global $errorCodes;
$msg = $errorCodes[$code];
if ($info != "")
{
$msg .= " -> $info";
}
trigger_error($msg, E_USER_ERROR);
}
// function to iterate through $warningsList
// and display warnings as bulleted list 
function displayWarnings()
{
global $warningList;
if (sizeof($warningList) > 0)
{
echo "The following non-fatal errors occurred:";
echo "<ul>";
foreach ($warningList as $w)
{
echo "<li>$w";
}
echo "</ul>";
return true;
}
else
{
return false;
}
}
// function to validate email addresses 
function is_valid_email_address($val)
{
if(trim($val) != "")
{
$pattern =
"/^([a-zA-Z0-9])+([\.a-zA-Z0-9_-])*@([a-zA-Z0-9_-])+(\.[a-zA-Z0-9_-]+)+/
";
if(preg_match($pattern, $val))
{
return true;
}
else
{
return false;
}
}
else
{
return false;
}
}
// custom error handler
function e($type, $msg)
{
global $warningList;
// log error
error_log($msg, 0);
switch($type)
{
// if warning, add message to $warningList array
case E_WARNING:
case E_USER_WARNING:
$warningList[] = $msg; 
break;
// if error, die()
case E_USER_ERROR:
die("<b>The following fatal error
occurred: $msg</b>");
break;
// everything else
default:
break;
}
}
// functions end
// adjust this as per your needs
error_reporting(E_ERROR | E_WARNING | E_USER_ERROR |
E_USER_WARNING);
// define handler
set_error_handler("e");
// check form data
// raise warnings appropriately 
if(!$name || trim($name) == "") { raiseWarning(41, "NAME"); } 
if(!$age || trim($age) == "") { raiseWarning(41, "AGE"); } 
if(!$email || trim($email) == "") { raiseWarning(41, "EMAIL
ADDRESS"); } 
if (!is_numeric($age)) { raiseWarning(41, "AGE"); }
if (!is_valid_email_address($email)) { raiseWarning(41, "EMAIL
ADDRESS"); }
if (!$topping) { raiseWarning(43, "PIZZA TOPPING"); }
// show all warnings
// if warnings exist, it means that the form data
// is invalid/incomplete
// so raise a fatal error and don't go any further
if (displayWarnings()) { raiseError(49); }
// attempt a MySQL connection
$connection = @mysql_connect("localhost", "john", "doe") or
raiseError(55);
mysql_select_db("data") or raiseError(56);
$query = "INSERT INTO users(name, age, email, topping)
VALUES('$name', '$age', '$email', '$topping')";
// execute query to input form data
$result = mysql_query($query, $connection) or raiseError(58,
$query . " -> " . mysql_error());
// success!
echo "<h2>Thank you. Your profile was successfully added.</h2>";
} ?> </body> </html>

This probably seems very complicated, so let me break it down for you. The first part of the script merely checks for the presence of the $submit variable and displays an HTML form if it is not present. Here's what the form looks like:



Now, once this form is submitted, calls to error_reporting() and set_error_handler() are used to define the error reporting level and the custom handler for the script.

<?php
// adjust this as per your needs
error_reporting(E_ERROR | E_WARNING | E_USER_ERROR | E_USER_WARNING);
// define handler
set_error_handler("e");
?>

Next, the form data is validated. In the event that it fails any of the validation tests, my custom raiseWarning() function is called, and passed a cryptic error code as argument.

<?php
// check form data
// raise warnings appropriately 
if(!$name || trim($name) == "") { raiseWarning(41, "NAME"); } 
if(!$age || trim($age) == "") { raiseWarning(41, "AGE"); } 
if(!$email || trim($email) == "") { raiseWarning(41, "EMAIL ADDRESS"); }
if (!is_numeric($age)) { raiseWarning(41, "AGE"); }
if (!is_valid_email_address($email)) { raiseWarning(41, "EMAIL
ADDRESS"); }
if (!$topping) { raiseWarning(43, "PIZZA TOPPING"); }
?>

If you look at the innards of the raiseWarning() function,

<?php
function raiseWarning($code, $info="")
{
global $errorCodes;
// use code to get corresponding error message
// from $errorCodes array
$msg = $errorCodes[$code];
// if additional info available
// append it to message
if ($info != "")
{
$msg .= " -> $info";
}
// raise an error
trigger_error($msg, E_USER_WARNING);
}
?>

you'll see that it does two very simple things. First, it uses the numeric code passed to it (and any additional information that may be available, like the form field name) to construct a human-readable error message (by mapping the error code to the global $errorCodes array). Next, it uses this error message to raise an error of type E_USER_WARNING via trigger_error().

This error will ultimately be routed to the custom error handler e(), which handles it by adding to an array named $warningList.

<?php
function e($type, $msg)
{
global $warningList;
// log error
error_log($msg, 0);
switch($type)
{
// if warning, add message to $warningList array
case E_WARNING:
case E_USER_WARNING:
$warningList[] = $msg; 
break;
// if error, die()
case E_USER_ERROR:
die("<b>The following fatal error occurred:
$msg</b>");
break;
// everything else
default:
break;
}
}
?>

Once all the form validation has been completed, a call to the displayWarnings() function takes care of displaying the errors in the form (if any).

<?php
function displayWarnings()
{
global $warningList;
if (sizeof($warningList) > 0)
{
echo "The following non-fatal errors occurred:";
echo "<ul>";
foreach ($warningList as $w)
{
echo "<li>$w";
}
echo "</ul>";
return true;
}
else
{
return false;
}
}
?>

Obviously, if displayWarnings() returns true, it implies that the form data is corrupt and so should not be used as is. And so, a fatal error is raised, via my raiseError() function.

<?php
if (displayWarnings()) { raiseError(49); }
?>

This raiseError() function is identical to the raiseWarnings() function, except that it raises an error of type E_USER_ERROR rather than of type E_USER_WARNING. This error also gets routed to the custom handler e(), which - since this is a fatal error - kills the script with an appropriate message.

<?php
function raiseError($code, $info="")
{
global $errorCodes;
$msg = $errorCodes[$code];
if ($info != "")
{
$msg .= " -> $info";
}
trigger_error($msg, E_USER_ERROR);
}
?>

Assuming no errors occurred while validating the form data, the next step is to do something with it - in this case, insert it into a database. Since any difficulty in connecting to the database and executing the query should be considered fatal, I've used the raiseError() function again to catch and handle errors that may occur during this process.

<?php
// attempt a MySQL connection
$connection = @mysql_connect("localhost", "john", "doe") or
raiseError(55);
mysql_select_db("data") or raiseError(56);
$query = "INSERT INTO users(name, age, email, topping) VALUES('$name',
'$age', '$email', '$topping')";
// execute query to input form data
$result = mysql_query($query, $connection) or raiseError(58, $query . "
-> " . mysql_error());
// success!
echo "<h2>Thank you. Your profile was successfully added.</h2>";
?>

Here are a few images demonstrating how this works in practice:

Next: Buffer Zone >>
 

More PHP Articles
More By icarus, (c) Melonfire

Comments On: Error Handling In PHP (part 2)

>>> Be the FIRST to comment on this article!