[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1541
  • Last Modified:

PHP Warning feof() fread() filling error logs and drive

Something about this small piece of code is filling my drive with ssl error logs at an incredible rate.
The web server has about 980GB of space but it fills to the brink in only hours when this starts happening.

It isn't someone hacking, it's a remote logging device trying to connect to pick up an update but it just keeps trying. I'm not a programmer but I need to stop this problem if possible without removing the php file so things keep running.

I am pretty sure it's because the file the remote is looking for doesn't exist at the moment but this error filling the drive should not happen of course.

[Wed Jul 16 04:18:38 2014] [client 216.19.18.217] PHP Warning:  feof() expects parameter 1 to be resource, boolean given in /html/myapp.php on line 41

[Wed Jul 16 04:18:38 2014] [client 216.19.18.217] PHP Warning:  fread() expects parameter 1 to be resource, boolean given in /html/myapp.php on line 42

Section of code is;

if($_SERVER['REQUEST_METHOD'] === 'GET'){
    $file = fopen("myapp/file1","r");
LINE 41    while (!feof($file)){
LINE 42        echo fread($file,1024);

Long shot but thought I'd give it a try :)
0
projects
Asked:
projects
  • 5
  • 3
  • 3
  • +2
3 Solutions
 
käµfm³d 👽Commented:
Are all 4 of those lines consecutive, or is there stuff in between the fopen call and the while loop?
0
 
projectsAuthor Commented:
Yes, consecutive so no error catching of any kind I guess.
0
 
Dave BaldwinFixer of ProblemsCommented:
You can try this to check if the fopen returns false so you can skip the problem lines.
http://us1.php.net/manual/en/function.fopen.php
if($_SERVER['REQUEST_METHOD'] === 'GET'){
    $file = fopen("myapp/file1","r");
    if($file) {
    while (!feof($file)){
       echo fread($file,1024);
       }
   }

Open in new window

0
What Security Threats Are We Predicting for 2018?

Cryptocurrency, IoT botnets, MFA, and more! Hackers are already planning their next big attacks for 2018. Learn what you might face, and how to defend against it with our 2018 security predictions.

 
Julian HansenCommented:
This is replicable with the following code

<?php
$file = fopen("nosuchfile.nul", "r");
while(!feof($file)) {
	echo fread($file, 1024);
}

Open in new window


It does exactly what you are seeing - i.e. report hundreds of log messages.

This is because the file that is being opened does not exist - because you are not checking for a failure on the file open the code is entering an infinite loop trying to read from a non-existent file.

The feof() function does not interpret a FALSE value returned from the failed fopen as an end of file condition so the while does not terminate.

Solution: I think Dave Baldwin's post is the correct solution to the problem.
0
 
Ray PaseurCommented:
The situation causing this condition is that the file cannot be opened.  It may not exist, or there may be an I/O error of some sort (more diagnostics would be needed).  This will suppress repeated error messages and also put one single message in the log for each attempt that fails.  You probably want that one error message so you know when something fails!

$file = @fopen("myapp/file1","r");
if (!$file) trigger_error('UNABLE TO OPEN myapp/file1 FOR READ', E_USER_ERROR);
while (!feof... etc

Open in new window

0
 
projectsAuthor Commented:
So now my code looks as follows;

    if($_SERVER['REQUEST_METHOD'] === 'GET'){
    $file = fopen("myapp/file","r");
    if (!$file) trigger_error('UNABLE TO OPEN myapp/file FOR READ', E_USER_ERROR);
    //if($file) {
    while (!feof($file)){
    echo fread($file,1024);
      //}
     }
    fclose($file);
       }
0
 
Julian HansenCommented:
Not sure if there is a question there - did this solve your problem.

It won't make a difference to the running of your code but sloppy formatting makes it difficult to find bugs.

When posting to EE it is advisable to use code tags to format your code - it makes it easier to refer to the code. The code tags can be added by highlghting your code and clicking the "Code" option in the formatting menu.

Here is your code reformatted with comments.

if($_SERVER['REQUEST_METHOD'] === 'GET') {
  // Attempt to open file
  $file = fopen("myapp/file","r");

  // If fopen fails send error to log and 
  if (!$file) trigger_error('UNABLE TO OPEN myapp/file FOR READ', E_USER_ERROR);

  // Process file
  while (!feof($file)){
    echo fread($file,1024);
  }

  fclose($file);
} 

Open in new window

0
 
Ray PaseurCommented:
...reformatted with comments.
+1 for that.  Always a great idea.
0
 
käµfm³d 👽Commented:
Always a great idea.
Except that comments should indicate why you are doing something, not what you are doing. If someone can't tell what you are doing by looking at your code, then you've written it badly.
0
 
Dave BaldwinFixer of ProblemsCommented:
I disagree @kaufmed.  Complexity by itself can make it difficult to tell what is going on.  I'm working on code where I have to check up to 20 different conditions to create an output.  And they're not mutually exclusive.  The conditions are used in different combinations.  I've got charts and spreadsheets just trying to organize it well enough to write a working version.
0
 
käµfm³d 👽Commented:
I've got charts and spreadsheets just trying to organize it well enough to write a working version.
Then I would say that your solution isn't architected well. But that's me playing Monday-morning quarterback without knowing a thing about your project. I'm sure there will be some cases where you simply don't have a choice, but in my opinion most cases should have code that reads like what it does. There are countless tools available these days to make writing code a simple task. This isn't the 80's where you were limited to 8 character variable names, and object-oriented programming can do a lot to simplify (and in the worst case complicate) the readability of code. And yes, in those (IMO rare) situations where you simply cannot architect a simple approach to a complex problem, commenting the what would make more sense--but that's not to imply you leave out the why.

As it stands, julianH's comments in the code add no value in a production environment; in a learning environment--like this forum--the comments could hold value (depending on the skill of the reader). Even for someone who doesn't work in PHP, it should be somewhat obvious what fopen is doing--why do I need a comment to tell me that? But again, I only assert this based on whether or not this code is migrated into a production system. In this thread, I have no problem with it.
0
 
Ray PaseurCommented:
I think at this level, when the Author does not really understand PHP, the what may be as important as the why, and I often write comments like that  in code samples here at E-E.  And I agree that in a deployable application saying that fopen() opens a file is too basic to warrant a comment; the appropriate comment would probably be a Docblock at the top of the method definition.
0
 
Dave BaldwinFixer of ProblemsCommented:
A shortening attention span doesn't help either...  I write comments to tell myself what I thought I was doing because nobody else ever sees my code.  Except for demos here.
0
 
käµfm³d 👽Commented:
@DaveBaldwin

I've learned that the hard way myself  = )
0
 
Julian HansenCommented:
@kaufmed
There are many different reasons for commeting code - some of which you have covered. In this forum you will no doubt have seen many examples where code has been commented (in many cases by some of the posters in this thread) for the purpose of helping the asker understand the code.

Well written code in many cases is self commenting - although I am not sure your comment about OO (over 80's coding style) is necessarily valid - sometimes OO code can be pretty confusing when you have to trace functionality back up the hierarchy across multiple files.

In this particular post documenting the why was not possible because I have aboslutely no idea what the author's code is for. My point was that when you post code to EE it helps to format it correctly and provide comments so that the rest of us can understand what is being asked - I then gave an example.

I don't think my answer should have been the accepted solution as I was simply re-phrasing what others have written - my post was aimed primarily at giving pointers - and not as a guide on how to comment code.
0
 
käµfm³d 👽Commented:
@julianH

Please don't think I was attacking your code personally. I was simply trying to make the point of what a comment should contain. Commenting the what is probably 75% of the comments we experts post here, because we are attempting to help someone who might not be as experienced as we are. I totally get that. My attempt to help "projects" was to stress that comments in code need to have meaning--albeit I can see how my initial comment didn't clearly emphasize this.

Personally, I hate typing.  As such, I always try to self-document as much as I can  = )
0
 
projectsAuthor Commented:
You are right, I picked the wrong answers in error.
I do too many things at once :(
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 5
  • 3
  • 3
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now