check for duplicate email entry using php - php

I am trying to check for duplicate emails in a form submit.
My php looks like this
$value = $_POST['name'];
$value2 = $_POST['email'];
$value3 = $_POST['address'];
$value4 = $_POST['city'];
$value5 = $_POST['state'];
$value6 = $_POST['zip'];
$value7 = $_POST['primary'];
$value8 = $_POST['secondary'];
$sql = "INSERT INTO fusiodoseOne (`name`, `email`, `address`, `city`, `state`, `zip`, `primary`, `secondary`) VALUES ('$value', '$value2', '$value3', '$value4', '$value5', '$value6', '$value7', '$value8')";
if(!mysql_query($sql)){
die('Error : ' . mysql_error());
}
//
function createUser($email){
$sql = "SELECT count(email) FROM fusiodoseOne WHERE email='$value2'" ;
$result = mysql_result(mysql_query($sql),0) ;
if( $result > 0 ){
die( "There is already a user with that email!" ) ;
}//end if
What am i doing wrong. The duplicate email entries are still going through
The jquery looks like this
$.post("demo.php",$(this).serialize(),function(data){
$('.successMessageHolder').show();
$('.alertMsg').hide();
});


I don't get the createUser() function.
First: You pass $email as a param, but don't use it, i.e. you use $value2 instead which is in global scope and you can't access it unless you pass it as a parameter ($email in your case) or declare global in function body. It seems it should be:
function createUser($email){
$sql = "SELECT count(email) FROM fusiodoseOne WHERE email='$email'" ;
$result = mysql_result(mysql_query($sql),0) ;
if( $result > 0 ){
die( "There is already a user with that email!" ) ;
}//end if
Second: At what point exactly is the function called? This is a definition, but where and how is it used?

Related

PHP Insert into PostgreSQL

So it's probably a really stupid/basic question, but i have this simple PHP function (which works) and inserts data into a PostgreSQL DB.
My issue is when it encounters specific data;
function insertData($pg, $csvfile)
{
$x = 0;
foreach ($csvfile as $data)
{
$email = $csvfile[$x]['email'];
$name = $csvfile[$x]['name'];
$surname = $csvfile[$x]['surname'];
$query = "INSERT INTO users (email, name, surname) VALUES ('$email', '$name', '$surname')";
$result = pg_query($pg, $query);
$x++;
}
}
And while this works, it falls over with a surname such as:
O'hare
And obviously this occurs because then the PHP code comes out as:
...VALUES ('john#example.com', 'John', 'O'hare')";
but im not sure of how i should be structuring the PHP to allow for this.

Try this:
function insertData($pg, $csvfile) {
$nbr = count(file($csvfile));
for($i=0; $i<$nbr; $i++) {
$email = pg_escape_string( $csvfile[$i]['email'] );
$name = pg_escape_string( $csvfile[$i]['name'] );
$surname = pg_escape_string( $csvfile[$i]['surname'] );
$query = "INSERT INTO users (email, name, surname) VALUES ('$email', '$name', '$surname')";
$result = pg_query($pg, $query);
if (!$result) {
echo "Error while executing the query: " . $query;
exit;
}
}
}

You need to escape the string parameters. And it is much better if you can use PDO extension, because prepared statements can take care of escaping for you and also helps with preventing SQL injection and some other security concerns.
function insertData(PDO $dbh, $csvfile) {
$x = 0;
foreach ($csvfile as $data)
{
$query = "INSERT INTO users (email, name, surname) VALUES (?, ?, ?)";
$params = [
$csvfile[$x]['email'],
$csvfile[$x]['name'],
$csvfile[$x]['surname']
];
$statement = $pdo->prepare($query);
$statement->execute();
$x++;
}
}
PDO::prepare
PDOStatement::execute

Solution using prepared query
function insertData($dbname, $tbname, $csvfile)
{
$result = [];
// Connect to a database named "mary"
$dbconn = pg_connect("dbname=$dbname");
// Prepare a query for execution
$result = pg_prepare($dbconn, "my_query", 'INSERT INTO $1 (email, name, surname) VALUES ($2, $3, $4)');
// Execute the prepared query. Note that it is not necessary to escape
foreach ($csvfile as $data)
{
$email = $data['email'];
$name = $data['name'];
$surname = $data['surname'];
$query = "";
$result[] = pg_execute($dbconn, "my_query", array($tbname, $email, $name, $surname));
}
if (in_array(false, $result) )
return false;
else
return true;
}
$dbname = "your dbname";
$tbname = "name of table";
$csvFile = [];
if (insertData($dbname, $tbname, $csvFile))
echo "Data inserted";
else
echo "Data not inserted";

So i took note of the suggestions from #Karsten Koop and #TOH19, and came up with this code which is working;
function insertData($pg, $csvfile)
{
$x = 0;
foreach ($csvfile as $data)
{
$email = pg_escape_string($csvfile[$x]['email']);
$name = pg_escape_string($csvfile[$x]['name']);
$surname = pg_escape_string($csvfile[$x]['surname']);
$query = "INSERT INTO users (email, name, surname) VALUES ('".$email."', '".$name."', '".$surname."')";
$result = pg_query($pg, $query);
$x++;
}
}

Concatenation of strings not working..!

I am using php mysql pdo in here and trying to concatenate fname and lname but nothing going right am encountering {"error":true,"error_msg":"Unknown error occurred in registration!"} ..plzz help me out,pardon me if am wrong
.php
<?php
/*
starts with database connection
and gives out the result of query
in json format
*/
require_once 'DB_Functions.php';
$db = new DB_Functions();
// json response array
$response = array("error" => false);
//proceed if fields are not empty
if (!empty($_POST['salutation']) && !empty($_POST['fname']) && !empty($_POST['mname']) && !empty($_POST['lname']) && !empty($_POST['pob']) && !empty($_POST['dob']) && !empty($_POST['qualification']) && !empty($_POST['pg']) && !empty($_POST['pgy']) && !empty($_POST['graduation']) && !empty($_POST['gy']) && !empty($_POST['schooling']) && !empty($_POST['sy']) && !empty($_POST['religion']) && !empty($_POST['caste']) && !empty($_POST['subcaste']) && !empty($_POST['familyname']) && !empty($_POST['fathername']) && !empty($_POST['mothername']) && !empty($_POST['brothers']) && !empty($_POST['sisters'])){
//reciving the post parameters
$salutation =$_POST['salutation'];
$fname = trim($_POST['fname']);
$mname = trim($_POST['mname']);
$lname = trim($_POST['lname']);
$pob = trim($_POST['pob']);
$dob = trim($_POST['dob']);
$qualification = trim($_POST['qualification']);
$pg = trim($_POST['pg']);
$pgy = trim($_POST['pgy']);
$graduation = trim($_POST['graduation']);
$gy = trim($_POST['gy']);
$schooling = trim($_POST['schooling']);
$sy = trim($_POST['sy']);
$religion = trim($_POST['religion']);
$caste = trim($_POST['caste']);
$subcaste = trim($_POST['subcaste']);
$familyname = trim($_POST['familyname']);
$fathername = trim($_POST['fathername']);
$mothername = trim($_POST['mothername']);
$brothers = trim($_POST['brothers']);
$sisters = trim($_POST['sisters']);
/*
validation process
begins from here
*/
// create a new user profile
$user = $db->storeUserProfile($salutation, $fname, $mname, $lname, $pob, $dob, $qualification, $pg, $pgy, $graduation, $gy, $schooling, $sy, $religion, $caste, $subcaste, $familyname, $fathername, $mothername, $brothers, $sisters);
if ($user){
// user stored successfully as post params passed
$response["error"] = false;
$response["uid"] = $user["id"];
$response["user"]["salutation"] = $user["salutation"];
$response["user"]["fname"] = $user["fname"];
$response["user"]["mname"] = $user["mname"];
$response["user"]["lname"] = $user["lname"];
$response["user"]["pob"] = $user["pob"];
$response["user"]["dob"] = $user["dob"];
$response["user"]["qualification"] = $user["qualification"];
$response["user"]["pg"] = $user["pg"];
$response["user"]["pgy"] = $user["pgy"];
$response["user"]["graduation"] = $user["graduation"];
$response["user"]["gy"] = $user["gy"];
$response["user"]["schooling"] = $user["schooling"];
$response["user"]["sy"] = $user["sy"];
$response["user"]["religion"] = $user["religion"];
$response["user"]["caste"] = $user["caste"];
$response["user"]["subcaste"] = $user["subcaste"];
$response["user"]["familyname"] = $user["familyname"];
$response["user"]["fathername"] = $user["fathername"];
$response["user"]["mothername"] = $user["mothername"];
$response["user"]["brothers"] = $user["brothers"];
$response["user"]["sisters"] = $user["sisters"];
$response["user"]["uuid"] = $user["unique_id"];
$response["user"]["created_at"] = $user["created_at"];
$response["user"]["updated_at"] = $user["updated_at"];
echo json_encode($response);
} else {
// user failed to store
$response["error"] = true;
$response["error_msg"] = "Unknown error occurred in registration!";
echo json_encode($response);
}
}else{
//missing the required fields
$response["error"] = true;
$response["error_msg"] = "Please fill all the required parameters!";
echo json_encode($response);
}
?>
this is the database part using pdo.
php
public function storeUserProfile($salutation, $fname, $mname, $lname, $pob, $dob, $qualification, $pg, $pgy, $graduation, $gy, $schooling, $sy, $religion, $caste, $subcaste, $familyname, $fathername, $mothername, $brothers, $sisters){
try {
$characters = '0123456789';
$uuid = '';
$random_string_length = 6;
for ($i = 0; $i < $random_string_length; $i++) {
$uuid .= $characters[rand(0, strlen($characters) - 1)];
}
$sql = "INSERT INTO profile_info(salutation, fname, mname, lname, fullname, pob, dob, qualification, pg, pgy, graduation, gy, schooling, sy, religion, caste, subcaste, familyname, fathername, mothername, brothers, sisters, unique_id, created_at) VALUES ( '$salutation', '$fname', '$mname', '$lname', '$fname'.', '.'$lname', '$pob', '$dob', '$qualification', '$pg', '$pgy', '$graduation', '$gy', '$schooling', '$sy', '$religion', '$caste', '$subcaste', '$familyname', '$fathername', '$mothername', '$brothers', '$sisters', '$uuid', NOW())";
$dbh = $this->db->prepare($sql);
if($dbh->execute()){
//concatenate the strings
$sql = "UPDATE profile_info SET fullname = CONCAT(fname, ', ', lname)";
$dbh = $this->db->prepare($sql);
$dbh->execute();
// get user details
$sql = "SELECT * FROM profile_info WHERE familyname = '$familyname' LIMIT 1";
$dbh = $this->db->prepare($sql);
$result = $dbh->execute();
$rows = $dbh->fetch();
$n = count($rows);
if($n){
return $rows;
}
}
}
catch (Exception $e) {
die('Error accessing database: ' . $e->getMessage());
}
return false;
}

The concatenation of first name and last name in your INSERT query is incorrect. Use a $fullname variable to specify full name of the person, and use that variable in your INSERT query. That way you won't have to update the row because you have already inserted the row with the correct full name.
Your code should be like this:
// your code
$fullname = $fname . ", " . $lname;
$sql = "INSERT INTO profile_info(salutation, fname, mname, lname, fullname, pob, dob, qualification, pg, pgy, graduation, gy, schooling, sy, religion, caste, subcaste, familyname, fathername, mothername, brothers, sisters, unique_id, created_at) VALUES ( '$salutation', '$fname', '$mname', '$lname', '$fullname', '$pob', '$dob', '$qualification', '$pg', '$pgy', '$graduation', '$gy', '$schooling', '$sy', '$religion', '$caste', '$subcaste', '$familyname', '$fathername', '$mothername', '$brothers', '$sisters', '$uuid', NOW())";
$dbh = $this->db->prepare($sql);
if($dbh->execute()){
// get user details
$sql = "SELECT * FROM profile_info WHERE familyname = '$familyname' LIMIT 1";
$dbh = $this->db->prepare($sql);
$result = $dbh->execute();
$rows = $dbh->fetch();
$n = count($rows);
if($n){
return $rows;
}
}
// your code

If I understand the issue properly, the values are not being inserted because you are executing, instead, a SELECT statement. SELECT statements do not modify table data. You would instead do something like this:
UPDATE profile_info SET fullname = CONCAT(fname, ', ', lname);
Note, this would update the entire table....
This will fill in a pre-existing column with the new concatenated value made from the fname and lname values of each row.
Of course, if your table does not currently have a column for fullname, add one:
ALTER TABLE profile_info ADD COLUMN fullname varchar(25);
UPDATE
Take this line out:
$sql = UPDATE profile_info SET fullname = CONCAT(fname, ', ', lname);
And change this line:
$sql = "INSERT INTO profile_info(salutation, fname, mname, lname, fullname, pob, dob, qualification, pg, pgy, graduation, gy, schooling, sy, religion, caste, subcaste, familyname, fathername, mothername, brothers, sisters, unique_id, created_at) VALUES ( '$salutation', '$fname', '$mname', '$lname', '$fname'.', '.'$lname', '$pob', '$dob', '$qualification', '$pg', '$pgy', '$graduation', '$gy', '$schooling', '$sy', '$religion', '$caste', '$subcaste', '$familyname', '$fathername', '$mothername', '$brothers', '$sisters', '$uuid', NOW())";
You'll see I added 'fullname' in the columns list, and this in the values list: '$fname'.', '.'$lname',
using PHP's concatenation operator .
The correct way to accomplish this is to simply concatenate the values and insert them at the very same time you insert the rest of the values. Let me know if that does it for you.
A side note, editing your original code does make the question more confusing for viewers who came in after the edits were made. Consider adding notes about any edits to the code, instead of editing the original example.

mysql real escape string not letting insert data

i have a form for job post now whenever user enters data and i use mysql real escape string it insert blank data in mysql what could be the reason?
here is the code of site. the thing is i can't trust user input that's why i want to use mysql_real_escape string . i have been trying and changing codes from 2 hours but none of them gave me good result!
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = mysql_real_escape_string($data);
return $data;
}
$userid1 = $_SESSION['username2'];
$email= test_input($_POST['email']);
$salary= test_input($_POST['salary']);
$job_title = test_input($_POST['jtitle']);
$company = test_input($_POST['company']);
$company = mysql_real_escape_string($_POST['company']);
$location = test_input($_POST['location']);
$jobtype = test_input($_POST['jobtype']);
$description = test_input($_POST['description']);
$closingdate = test_input($_POST['closingdate']);
$application = test_input($_POST['application']);
$phone = test_input($_POST['phone']);
$company_description = test_input($_POST['company_description']);
$co_video = test_input($_POST['co_video']);
$website = test_input($_POST['website']);
$fbid = test_input($_POST['fbid']);
$twid = test_input($_POST['twid']);
function create_slug($string){
$replace = '-';
$string = strtolower($string);
//replace / and . with white space
$string = preg_replace("/[\/\.]/", " ", $string);
$string = preg_replace("/[^a-z0-9_\s-]/", "", $string);
//remove multiple dashes or whitespaces
$string = preg_replace("/[\s-]+/", " ", $string);
//convert whitespaces and underscore to $replace
$string = preg_replace("/[\s_]/", $replace, $string);
//limit the slug size
$string = substr($string, 0, 100);
//slug is generated
return $string;
}
$string = $job_title;
$slug = create_slug($string);
$query = mysqli_query($con, "SELECT * FROM `job` WHERE `url` LIKE '".$slug."%'");
$exists = mysqli_fetch_array(mysqli_query($con,"SELECT count(id) as notify FROM `job` where `url` LIKE '".$slug."%'"));
$notify = $exists['notify'];
if ($notify > 0)
{
$new_number = $notify + 1;
$newslug = $slug."-".$new_number;
$run = mysqli_query($con, "INSERT INTO `job` (`email`, `salary`, `username`, `job_title`, `company_name`, `location`, `job_type`, `description`, `phone`, `closing_date`, `application_url`, `company_description`, `video`, `website`, `fb`, `tw`, `category`, `url`) VALUES ('".$email."', '".$salary."', '".$userid1."', '".$job_title."', '".$company."', '".$location."', '".$jobtype."', '".$description."', '".$phone."', '".$closingdate."', '".$application."', '".$company_description."', '".$co_video."', '".$website."', '".$fbid."', '".$twid."', '".$lt."' , '".$newslug."')");
} else{
$run = mysqli_query($con, "INSERT INTO `job` (`email`, `salary`, `username`, `job_title`, `company_name`, `location`, `job_type`, `description`, `phone`, `closing_date`, `application_url`, `company_description`, `video`, `website`, `fb`, `tw`, `category`, `url`) VALUES ('".$email."', '".$salary."', '".$userid1."', '".$job_title."', '".$company."', '".$location."', '".$jobtype."', '".$description."', '".$phone."', '".$closingdate."', '".$application."', '".$company_description."', '".$co_video."', '".$website."', '".$fbid."', '".$twid."', '".$lt."', '".$slug."')");

well i think you have to use two parameters in mysqli_real_escape_string
but first you have to create the first parameter by setting connection with database it should be like
<?php
//for setting up connection with database
$conn=mysqli_connect('yourhostname','your mysql user name','your mysql password','your database');
//than try using this parameter in mysqlirealescapestring
$data=mysqli_real_escape_string($conn,$data);
?>
i hope that this could work

Can't insert and update at the same time

I have the code below and i can't figure why it's not working. The problem it's that i can insert a post with it, but when i try to update a post it's create a new page instead to update.
I have tried to remove isset from if(isset($_POST['id']) != 'null') and the update work, but then the insert doesn't work anymore.
Any idea what it's wrong with my code? Thanks.
<?php
if(isset($_POST['submitted']) == 1)
{
$title = mysqli_real_escape_string($dbc, $_POST['title']);
$header = mysqli_real_escape_string($dbc, $_POST['header']);
$body = mysqli_real_escape_string($dbc, $_POST['body']);
if(isset($_POST['id']) != 'null')
{
$q = "UPDATE pages SET user = $_POST[user], title = '$title', header = '$header', body = '$body' WHERE id = $_GET[id]";
}
else
{
$q = "INSERT INTO pages (user, title, header, body) VALUES ($_POST[user], '$title', '$header', '$body')";
}
$r = mysqli_query($dbc, $q);
if($r)
{
$message = '<p>Page was added!</p>';
}
else
{
$message = '<p>Page could not be added because:</p>'.mysqli_error($dbc);
$message .= '<p>'.$q.'</p>';
}
}
?>

You are using post and get at the same time. first check whethet it is post or get. then just simply do isset() check
<?php
if(isset($_POST['submitted']) == 1)
{
$title = mysqli_real_escape_string($dbc, $_POST['title']);
$header = mysqli_real_escape_string($dbc, $_POST['header']);
$body = mysqli_real_escape_string($dbc, $_POST['body']);
if(isset($_GET['id']) && $_GET['id']!="")
{
$q = "UPDATE pages SET user = $_POST[user], title = '$title', header = '$header', body = '$body' WHERE id = $_GET[id]";
}
else
{
$q = "INSERT INTO pages (user, title, header, body) VALUES ($_POST[user], '$title', '$header', '$body')";
}
$r = mysqli_query($dbc, $q);
if($r)
{
$message = '<p>Page was added!</p>';
}
else
{
$message = '<p>Page could not be added because:</p>'.mysqli_error($dbc);
$message .= '<p>'.$q.'</p>';
}
}
?>

Try this :
if(isset($_POST['id']) AND $_POST['id'] != 'null')

use this code: if(isset($_POST['id'] && $_POST['id']!= '')

Having issue PHP-MySQL signup form

After form submission browser shows just blank page. Nothing else. I've enabled error reporting. No error in php logs. Also tried (as you see) echo $sql; die();. Still no result. How to fix it? What's wrong with my code? My php code (which processes signup form data) looks like that
<?php
require '../includes/db.php';
require '../includes/ipurl.php';
require '../includes/common.php';
$page = 'signup';
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit( );
}
if ($_POST['submit'] == 'Tamam') {
$err = array( );
foreach ($_POST as $key => $value) {
$data[$key] = filter($value);
}
if (empty($data['fname']) || strlen($data['fname']) < 2 || empty($data['mname']) || strlen($data['mname']) < 2 || empty($data['lname']) || strlen($data['lname']) < 2) {
$err[ ] = 1;
}
if (!isUserID($data['login'])) {
$err[ ] = 2;
}
if (!isEmail($data['email'])) {
$err[ ] = 3;
}
if (!checkPwd($data['pwd'], $data['pwd2'])) {
$err[ ] = 4;
}
$pwd = PwdHash($data['pwd']);
$host = $_SERVER['HTTP_HOST'];
$host_upper = strtoupper($host);
$path = rtrim(dirname($_SERVER['PHP_SELF']), '/\\');
$activ_code = rand(1000, 9999);
$email = $data['email'];
$login = $data['login'];
$dob = date('Y-m-d', strtotime($data['dob']));
$age = date("Y") - date('Y', strtotime($data['dob']));
$type = $data['type'];
$rs_duplicate = $db->query("select count(*) as total from users where email='$email' OR login='$login'") or die($db->error);
list($total) = $rs_duplicate->fetch_row();
if ($total > 0) {
$err[ ] = 5;
}
if (isset($type)) {
if ($type == 1) {
$region = $data['region'];
$school = $data['school'];
$class = $data['class'];
$group = 0;
$subject = 0;
$university = 0;
$profession = 0;
}
if ($type == 2) {
$group = $data['group'];
$region = $data['region'];
$school = $data['school'];
$class = $data['class'];
$subject = 0;
$university = 0;
$profession = 0;
}
if ($type == 3) {
$group = 0;
$region = 0;
$school = 0;
$class = 0;
$subject = 0;
$university = $data['university'];
$profession = $data['profession'];
}
if ($type == 4) {
$group = 0;
$region = 0;
$school = 0;
$class = 0;
$university = 0;
$profession = 0;
$subject = $data['subject'];
}
}
if (!isset($type)) {
$err[ ] = 9;
}
if (empty($err)) {
$sql = "INSERT INTO users
(level,fname, mname, lname, dob, age, reg_date, phone, email, login, pwd, type, `group`, region, school, class, ip, subject, ban, university, profession, activation_code)
VALUES
('1','$data[fname]', '$data[mname]', '$data[lname]', '$dob', '$age', now(), '$data[phone]', '$email', '$login', '$pwd', '$type', '$group', '$region', '$school', '$class', '$ip', '$subject', NULL, '$university', '$profession', '$activ_code')";
echo $sql; die();
$result = $db->query($sql) or die(printf("Bazaya daxiletmə zamanı səhv: %s\n", $db->error));
$id = $db->insert_id;
$md5_id = md5($id);
$db->query("update users set md5_id='$md5_id' where id='$id'") or die(printf("Bazaya daxiletmə zamanı səhv: %s\n", $db->error));
include "../includes/success.php";
}
} else if (!empty($err)) {
include "../includes/error.php";
}
?>
By the way function filter from common.php sanitizing all posts
function filter($data) {
$data = trim(htmlentities(strip_tags($data)));
if (get_magic_quotes_gpc())
$data = stripslashes($data);
$data = mysql_real_escape_string($data);
return $data;
}

I think your check for a non-empty error array should be moved up a step to right after where you check for if there are any errors.
...
if (empty($err)) {
$sql = "INSERT INTO users
(level,fname, mname, lname, dob, age, reg_date, phone, email, login, pwd, type, `group`, region, school, class, ip, subject, ban, university, profession, activation_code)
VALUES
('1','$data[fname]', '$data[mname]', '$data[lname]', '$dob', '$age', now(), '$data[phone]', '$email', '$login', '$pwd', '$type', '$group', '$region', '$school', '$class', '$ip', '$subject', NULL, '$university', '$profession', '$activ_code')";
echo $sql; die();
$result = $db->query($sql) or die(printf("Bazaya daxiletmə zamanı səhv: %s\n", $db->error));
$id = $db->insert_id;
$md5_id = md5($id);
$db->query("update users set md5_id='$md5_id' where id='$id'") or die(printf("Bazaya daxiletmə zamanı səhv: %s\n", $db->error));
include "../includes/success.php";
} else if (!empty($err)) {
include "../includes/error.php";
}
}

I would strongly suggest getting XDebug installed on your development machine, and use an IDE like NetBeans, Eclipse PDT or even better PHPStorm to try and set breakpoints inside your code, and see at what point it breaks.
You can get XDebug here: http://xdebug.org
Alternatively, take a step back, and add the following line
exit("i was here!");
at line 1, to first determine if the script is actually running, and if you can see the output, step by step, move it a line down, save and rerun the script, rinse and repeat until it breaks.
I suppose as well, although you have error reporting turned on, there could be a line of code in any of the 3 files you are including that turns it back off again like in this snippet:
error_reporting(0);
or even:
ini_set('display_errors','Off');

Categories