agent_404;10982441 wrote:Can you explain why one shouldn't use @ to suppress errors?
I'd love to! The '@' error suppressor does nothing to help you and everything to hinder you as a programmer.
If you're using it in your development environment, it's simply going to hide errors in code that you're writing/debugging. This means you'll be unaware of any problems PHP might be trying to make you aware of and thus prevents you from addressing these problems before uploading your code to your production environment.
If you're using it in your production environment, it's simply going to hide errors in code that is being executed to handle real, live requests. If something breaks or goes wrong, you'll never know about it because the error information that PHP would have logged (since we all know that error logging should always be enabled in production environments... right??? 😉) will instead be thrown away (a.k.a. "suppressed").
Long story short: I can't think of one good reason why to use it, and I've just listed a few reasons why not to use it. Therefore, I never use it.
agent_404;10982441 wrote:Wouldn't that keep server information from potentially being displayed on an error?
Indeed, which is very bad (as I explained above).
If you're relying on using it to hide error information from the end user... well, that's just bad design on your part. You should instead disable display_errors (something you shouldn't have enabled in your production environment anyway... right??? 😉) and instead enable log_errors. Assuming you've done that, the only person you'd be hiding the error info from is yourself - the programmer in charge of fixing said errors.
agent_404;10982441 wrote:Also, do you know of a way to determine if the optional flag (which I made a constant) is actually working?
I glanced at the MySQL docs briefly but couldn't find what I was looking for. I'm almost positive that MySQL will set a session/connection variable to indicate whether or not you're connected via SSL (assuming the server supports it, which you've indicated that it does).
However, note that this user-contributed note in the PHP manual suggests that SSL support may or may not work with the 'mysql' extension. At any rate, note that the mysql extension itself is rather outdated; you should probably look into using [man]MySQLi[/man] (or [man]PDO[/man]) instead.