We Keep Coding

500 error when an unset framework variable is used in template

I got a mysterious error on the page routed to MainController::somefunction
Internal Server Error
Unable to open
[vendor/bcosca/fatfree/lib/base.php:2315] Base->error()
[vendor/bcosca/fatfree/lib/base.php:3130] user_error()
[tmp/1esys3p2sx9xp.3h31n1yj254w8.php:2] Preview->render()
[vendor/bcosca/fatfree/lib/base.php:2875] require('/opt/lampp/htdocs/project/tmp/1esys3p2sx9xp.3h31n1yj254w8.php')
[vendor/bcosca/fatfree/lib/base.php:3121] View->sandbox()
[app/controllers/MainController.php:41] Preview->render()
[vendor/bcosca/fatfree/lib/base.php:1928] MainController->somefunction()
[vendor/bcosca/fatfree/lib/base.php:1728] Base->call()
[index.php:12] Base->run()
In my MainController::somefunction() a variable is set to a template
$this->f3->set('content', 'products.htm');
echo \Template::instance()->render('layout.htm');
And in layout.htm has the following line
<include href="{{ #contents }}" />
The error message did not provide much useful detail. It took me a while to find out that the variable is defined as 'content' in the function but the template referenced 'contents' -- there is a missed 's'.
It would be more helpful if the error could say sth like "undefined variable". Maybe this information will find someone scratching their head.

The primary issue is that your PHP configuration is ignoring "minor issues" like undefined variables. Let PHP report all kinds of issues by calling error_reporting(E_ALL) (after loading F3). Technically, E_NOTICE is enough to report undefined variables. As soon as this flag is set, PHP can show/log (depends on your configuration) a warning and Fat-Free Framework's ONERROR handler can react to undefined variables
Undefined variable: contents
[tmp/21hg1fh3jezo8.1gkglltf97qxb.php:1] Base->{closure}()
[test.php:16] Preview->render()
I recommend to promote warnings to exceptions, too. A good example is shown in a comment of the documentation page of set_error_handler(). This change forces you to program defensively and reveals issue that otherwise would go either unnoticed or result in unexpected side-effects (like your issue).
Feel free to create a pull request against bcosca/fatfree-core that generates a helpful error message when a null file is passed to the template renderer.

#Alan T, #alan-t , right ; just starting with F3 this week i scratched my head 2 days ago with this same issue ; my 2 cents : when something like thing happens, whatever framework or library you are using, proceed with a file search project wide ; for instance in your case you can do a search for "Unable to open" to see where exactly it bugs , and i've been lucky to find the culprid line thanks to the trace with the exact line number displayed.(not the case in your issue/stact trace)
BIG Thanks to #Rayne for all this precious info regarding 'calling error_reporting(E_ALL) after loading F3'
and especially regarding promoting warnings to exceptions; i'm going to update my code base right after this reply
Thanks all to help beginners with what seems to me so far a very efficient packed framework! And the official doc is full of clever code samples when we take time to dig into it! Thanks to all f3 folks
Best regards
Raphael

Wordpress - The7 Template - On every page I have 4 Warnings and do not know how to disable it in menu or php site/content

I have a problem with my Wordpress site, more specifically, The7 template. On every page, including the main page at the bottom of page below footer I have 4 Warnings which are the same:
“Warning: call_user_func_array() expects parameter 1 to be a valid callback, function ‘wp_filter_content_tags’ not found or invalid function name in on line”
I do not know how to solve it/turn it off. Could you tell me which PHP page or what exactly cause this problem to appear? It’s really annoying. Due to the fact that it is in the main body and not in any div/b/p/etc. tag I cannot hide it with CSS just for a while.
Kind regards
Peter

Hiding error reporting on prod
On prod you want to avoid showing errors, due to security and user experience reasons. To achieve this, in PHP you can run
error_reporting(0);
or, even better, in php.ini, you can have this line
error_reporting = off
What the error means
The error tells you that a function is to be called by name, but it does not exist. wp_filter_content_tags does not exist in your context.
Solution to the error
Even though you have hidden error reporting on prod, you still need to show errors on dev and that function might do something very useful. From the doc you can see that it's located in wp-includes/media.php. So, if you do not need to call this function, then search for its calls and remove them. If you need this function, then require or include it into your files. If, for some reason you cannot remove this function (for ex. you do not want to hack a template that might have some versions in the future), but the function/file is not helpful for you, then you can implement a function with the same name.

Thank you very much for answer. I used it to find solution and in my case there is a need to change wp-config.php a little bit. It means to add these specific lines to code:
ini_set('display_errors','Off');
ini_set('error_reporting', E_ALL );
define('WP_DEBUG', false);
define('WP_DEBUG_DISPLAY', false)
In my case it worked and no more errors / warnings showed on every / main pages.
Kind Regards
Peter

How to prevent Warning: POST Content-Length and memory size

Currently when user uploads a photo the page says "Warning: POST Content-Length of XXX bytes exceeds the limit of 21000000 bytes in Unknown on line 0".
I know what that means and I am NOT looking for the solultions like the increasing the max_upload values or even memory_size_limit... Because users may and users will upload terabytes of nonsense even if you explicitly tell them only max 20MB files and only images are allowed.
I am looking for a solution on:
How to prevent this warning(s) to even happen?
OR at least:
How to prevent displaying of this warning(s)?
EDIT: PLEASE READ ! - Please understand that of course I am handling the error/warning after (since line 1) , problem is this happens on a virtual "line 0" that is why I need to hide the error or prevent it to raise - because I cant put any code before the place where the error happens.
EDIT2: Finally after a very long research and digging I got an idea - it worked - see my own answer.

So after searching instead of working today I finally got an idea how to solve this, it worked, and even didnt cause much damage. But please first understand what you are doing, before doing it. :) As I suggested in one of my comments it is really possible to turn off PHP errors in .htacess - just turn off the PHP startup warnings.
Before you apply the solution:
Note that: after you insert this code to your .htaccess you won't be able to see any
startup error
Also note that: there are more start up errors on line "0" than this one.
Do before: Before you do this you should prepare your script in the way that it should check the uploaded content size and give user a proper information message. The fact that the warning doesnt show DOES NOT mean that you should do nothing about it. It means the EXACT oposite - you should do all that you can to make something at least near-equal to the warning raise - check, double check if you can, handle error and raise your own error message.
Add this to your .htaccess:
php_flag display_startup_errors off
It is not that evil as it seems to be:
Please note that this turns off startup errors only.
So all the regular PHP errors/warnings/notices stays ON :)
Even XAMPP's PHP "itself" recommends it for production:
The php.ini file literaly says:
; display_startup_errors
; Default Value: Off
; Development Value: On
; Production Value: Off
PS: "startup error" seems to be those errors before PHP script is executed itself - these errors are usually trying to "persuade" you that they are on the line 0.
Thanks to my idea and this answer: How to disable notice and warning in PHP within .htaccess file?
EDIT: As this is a php_flag setting, you can of course also set it by default in your php.ini if you have custom instalation of PHP :)

The question is
How to prevent Warning: POST Content-Length
the answer is, without edit any config value, put this code at the very start of the file that will receive the form to be processed:
<?php // here start your php file
ob_get_contents();
ob_end_clean();
That is. No more warning, as well anything else you do not want as output on your page.
After, as suggested elsewhere you can decide what to do with:
if($_SERVER['REQUEST_METHOD'] == 'POST' && empty($_POST) && empty($_FILES) && $_SERVER['CONTENT_LENGTH'] > 0){ echo"WoW your file is too big!"; }
Maybe also chunk the file, if in another way you pass correct values about file to be processed by Php.
as explained here Warning: POST Content-Lenght ...

I've got a similar problem to you, and wondered if you'd found a satisfactory solution. Currently, my 'PHP Warning: POST Content-Length of 21010354 bytes exceeds the limit of 8388608' is in the log, and I don't think there is much I can do about it.
I've working within a Zend framework, and when a user uploads a file as above, it basically kills all the usual POST data parsing, so the response to getParams() contains none of the usual POST parameters. This means the users is getting a validation error, saying one of the fields is missing, which is misleading.
In researching this, I've found a few interesting php_ini settings you might want to look at, notably enable_post_data_reading and always_populate_raw_post_data. In my case, I'm uploading a 20M file, with a 8M post max and a 10M uploaded file max, and the result from php://input seems to be a full on 20M file, even though the post data is now empty.
So I'm going to manually check if the raw data exceeds the limit, and assume everything failed if it did (and bail). I suggest you could write your own code to parse the raw data, to populate the $_POST data. Then you can startup your code, as you wish, and only when you're ready, check if the user has uploaded more data than the limit. It's down to you, to then return an error before parsing it, or if it's ok, to parse it. As long as you set the PHP post and upload limits, to above your user limit, it should allow the user to break the rules, allowing your code to detect the breech and complain about it.

Here is the REAL solution to prevent this error properly.
Set this parameters in your php.ini :
enable_post_data_reading = On
upload_max_size=0
post_max_size=0
Warning : be sure to have this line in your form
<input type="hidden" name="MAX_FILE_SIZE" value="2048576" />
AND the MOST IMPORTANT :
be sure to check the code errors of $_FILES['file']['error']
be sure to check size of your upload in PHP too

As you have already found out for yourself, it is impossible to do it in PHP, since PHP can only catch errors from line 1 onwards.
The only way around would be to dig in the PHP source code, find where that error is thrown and remove that part from PHP sources before compiling your costume php version.
But be warned that the error message is thrown for a reason.

To Prevent this error to happen you have to check the size of the uploaded files before and in case they're to big you have to cancel the upload!
To just not show them i think it should be enough if you write in your php script
error_reporting(0);

1.You can check the file size before uploading in JavaScript but this can be tampered !
2.Check the file size after uploaded and before saving the file.
<?php
$size = filesize($uploaded_file);
if($size > $your_size_limit)
{
echo "Throw bunch of errors";
}
else
{
//save it
}
?>
3.Don't try to hide the errors to solve the problem.

Identifying a PHP problem that doesn't prints a ERROR and the code isn't yours

I've to make a website works and I don't know what to do right now. I can run it in a virtual machine with Ubuntu, on my company's server in Debian, on a WAMP... but I can't get it working in a server from a client.
I think the problem is with the gets. The form that I can't modify is sended by get, using the next url:
http://domain.com/SGAP/dades_proj_edit.php?idedit=2011854&id=&projectname=afsdfasdf&comptitle=asasfdafsdafs&codarea=ECIV&grauimp=1&codtipus=2&codsubtipus=6&subtipusdef=fdsaafasfddfs&codpais=8&clientid=2&promotor=asdfa&entfin=fsdafadsfds&impcontract=2&initdate=21%2F01%2F2011&findate=30%2F01%2F2011&uteflag=false&utepartic=&utepercent=0&descprelim=fdsadasdadfsadfs&codprojstatus=1&statusstamp=25%2F01%2F2011&cruserid=&action=update
Firefox shows a blanc page with no error. I've tried to force to show all errors with error_reporting(E_ALL) and ini_set("error_reporting", E_ALL) to show if something happens but the wait page is showed with 0 errors.
I supposed that was a $_GET error and I tried to put on the top of the page and in the end of it a <?php if($_GET["test"]) echo "Works"; ?> and call the webpage with: domain.com/SGAP/dades_proj.edit.php?test=testing and it works from top to end... I don't know where is the error.
What I can check to figure where is the white page comming? Thank you in advance!

Here's what I would do.
Start at the top of the file/stack, and add this code:
<?
$myUniqueCounter = 0;
error_log(++$myUniqueCounter . ', line ' . __LINE__ );
Then, copy and paste the error_log line all over the file/stack, and see where it stops logging.

I have occasionally seen php die without a blank output. Generally, the only way to solve this is to remove everything from the file, and then add code back in one line at a time. When it stops working, you know that whatever you just added caused the fault. You can try running php with the -l flag, to check the syntax, but this might not find the problem; the only sure way really is to just to add or remove things until the output changes.
I know this isn't much help, but there is no other way to debug the problem, short of executing php itself with a debugger... actually, you could do that; can you run php from gdb? That might help you find what is causing the issue, but no guarantees.

PHP $_GET and $_POST undefined problem

I'm new to PHP so I apologize if this is a simple problem...
I am moving a PHP site from one server to another. The new server is IIS 7.0, PHP 5.2.1, with short open tag turned "On", and I don't know how the original server was set-up (I was just given the code).
The following is the very first section of code on one of the pages:
<?
ob_start();
session_start();
if($_GET['confirm'] == 13 || $_GET['confirm'] == 14 || $_GET['confirm'] == 15 || $_GET['confirm'] == 16)
{
include("test/query/test_query.php");
}
?>
When this page executes, the following error is always shown:
PHP Notice: Undefined index: confirm in [file location].php on line 6
Also, users access this page by being redirected from the home page (which is a standard HTML page). The full URL when properly navigated to is the following:
http://www.[site].com/test.php#login
... I understand why the error is thrown. What I don't understand is how this code could ever work as it does on the original server. Could I be missing a configuration setting?
*This same issue happens in dozens of locations all over the site. This is just one specific occurrence of the issue.

The new server has error_reporting set to E_ALL. What you're seeing is a notice, not an error. Try:
error_reporting(E_ALL ^ E_NOTICE)
With error reporting set to E_ALL, accessing a member of an array which is not set generates an error. If you don't wish to lower your error reporting level, before checking $_GET['var'], change your code to:
if(isset($_GET['confirm']) && ($_GET['confirm'] == 13 || $_GET['confirm'] == 14 || $_GET['confirm'] == 15 || $_GET['confirm'] == 16)) {
by adding the call to isset() before you actually access $_GET['confirm'], you will verify that you're not accessing an array member which is not set. ($_GET['confirm'] will only be set if the URL ends in ?confirm=... or ?something...&confirm=...)

I suggest to optimize the code for reading:
if (isset($_GET['confirm']) && ($_GET['confirm'] >= 13 && $_GET['confirm'] <= 16))
And I totally agree with Josh's proposal.

Since there is no index $_GET['confirm'], PHP throws a notice that you are looking at an undefined index. The notice is being displayed because the new server has the E_NOTICE flag set in error_reporting somewhere, either in php.ini or in some config file or bootstrap that is run on pageloads.
From the php manual, E_NOTICE: "Run-time notices. Indicate that the script encountered something that could indicate an error, but could also happen in the normal course of running a script."
You can either try turning off the notices if you aren't worried about them, or use them to track down places where there may be problems.
For the code you posted, an easy fix would be to change the conditional to
if(isset($_GET['confirm']) && <list of OR conditions>)
That way PHP bails out of evaluating the conditional if there is no 'confirm' index.

isset() is a useful function. It returns "true" if the variable exists and "false" if not. Usually, people use it in conjunction with a superglobal like $_GET or $_POST to determine whether you're being sent from another page on the site - this allows you to create different actions based on where your user is coming from and what data is tagging along. It also prevents errors in trying to use variables you haven't yet defined, like the OP is getting. So instead of needing to write two different .php files and worrying about sending your user to the wrong one, you can do it all in one page.
Jay,
I'd be careful about your usage of some of these calls. <?php is more likely to work than <? . I've heard session_start() should be the very first thing set to the browser or it can cause header issues. And yes, you need to have a variable declared before you use it - if you're not typing in [file].php?confirm=[some number] as your URL, your page will break unless you amend it to allow for breaks.

That's because confirm query string variable does not seem to be set, you can check it like:
ini_set('display_errors', true);
error_reporting(E_ALL);
var_dump($_GET['confirm']);