[Koha-devel] Re: FAQ: Why am I prompted to save a .pl file? was: Problems adding a biblio...
Rick Welykochy
rick at praxis.com.au
Fri Sep 14 01:57:19 CEST 2007
Joe Atzberger wrote:
> On 9/13/07, *Rick Welykochy* <rick at praxis.com.au
> <mailto:rick at praxis.com.au>> wrote:
>
> But it will be hard to turn CGI:Carp on in development and off
> in production.
>
>
> Actually, it seems pretty easy to me.
>
> use CGI::Carp qw(fatalsToBrowser);
> ... # some code ...
> fatalsToBrowser(0); # off
> ... # more code ...
> fatalsToBrowser(1); # back on
>
> So you can decide to turn it on or off at runtime conditionally, based
> on whatever you want. You wouldn't have to move code around at all.
Now we are getting somewhere. But we don't want a solution where the
library installer has to edit perl source code, do we?
Suppose my library's security policy is to disallow any errors or
dumps of same to the browser. In this production case, ALL fatals
to browser in all Koha scripts must be disabled.
Rather than forcing the Koha sys admin / installer to edit all the scripts,
this is my proposal:
in a typical koha_whatever.pl script we have:
use CGI::Carp qw(fatalsToBrowser); # trap errors to error_log and the browser
:
:
fatalsToBrowser(0) if !Koha::Config->fatalstobrowser; # trap errors only to error_log if so configured
This enables any Koha implementation to (a) see all fatal errors in
error_log at all times and (b) disable the viewing of same in the browser
if they see fit.
All that is then needed is a new entry in /etc/koha.conf
fatalstobrowser=1
and all the installer needs to do once testing is complete and the system
is ready for production (if they want):
fatalstobrowser=0
cheers
rickw
--
_________________________________
Rick Welykochy || Praxis Services
Traditionally, most of Australia's imports come from overseas.
-- Keppel Enderbery
More information about the Koha-devel
mailing list