Hi Ben, > John, presumably I can leave the error reporting on - > but pipe it into a file if i wanted, rather than > displaying on screen, and then redirect the user to > another page?
Of course you can - I generally have my pages send me email when they throw an error, but that's because I'm really lazy and I can't be bothered to go and check log files all the time <g> It's just not a stunning idea to display an error messages that give away out any information you could hold back - one of the starting points for an attacker is to try and mess up your query strings, and if you're merrily telling them exactly what the problem is, you're helping them out :-) Cheers Jon -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php