Blog Sections Open
Hiding Parse Errors from Public Visitors in Evolution CMS
A small but important production hardening step that keeps parser errors from exposing filesystem paths and internal details to anonymous visitors.
Parser errors are useful while developing, but they should not leak raw internal details to anonymous visitors on a live site. Old Evolution CMS projects often displayed full parse messages publicly, including information that makes reconnaissance easier.
The risk
Even a simple parse error can reveal file paths, parser internals, snippet names, or coding mistakes. That is helpful for developers and just as helpful for attackers probing a weak project.
The legacy fix
The original article suggested a simple production-safe condition in document.parser.class.inc.php so full details are only shown to authenticated manager users:
if (isset($_SESSION['mgrValidated'])) {
echo $parsedMessageString;
} else {
echo 'FATAL ERROR :-(';
}When to use this
- on production environments
- on inherited legacy projects with uncertain code quality
- while you are gradually replacing risky snippets or plugins
Important note
This does not replace proper error logging. Public users should see a neutral failure message, while developers still need logs and a safe way to debug. On production, the goal is to reduce information leakage, not to hide bugs from yourself.
SEO Basics for Evolution CMS: Titles, WWW Canonicalization, Sitemaps, and 404s
A practical SEO checklist for older Evolution CMS projects covering page titles, menu titles, canonical host choice, XML maps, and other fundamentals that are often skipped.
Caching News Blocks for High-Load Evolution CMS Projects
A practical caching strategy for news-heavy sites where article lists should refresh only when content changes, not on every request.