CodeClarityLab / Glossary
Ctrl K
← CodeClarityLab Home
Browse by Category
+ added · updated 7d
⚖ Terms of Use
← Back to glossary

Error Suppression Operator (@)

quality PHP 5.0+ Beginner

Also Known As

@ operator silence operator error suppressor

TL;DR

Prefixing a PHP expression with @ silently suppresses all errors and warnings it generates — hiding bugs instead of handling them.

Explanation

The @ operator suppresses all PHP errors from the expression, including fatal errors in PHP 7 (in PHP 8, @ no longer suppresses fatal errors). It is a code smell in almost every case: instead of suppressing the error, handle it — check if a file exists before fopen(), validate the URL before file_get_contents(), use error-returning functions and check their return value. The only legitimate use is third-party library calls that emit unavoidable deprecation notices in legacy code.

Common Misconception

@ is a quick fix for annoying warnings — it hides the symptom while the underlying problem (missing file, invalid URL, failed database connection) silently corrupts the application state.

Why It Matters

@ suppressed errors make debugging nearly impossible — the error is gone, the application silently continues with a null or false value, and the failure surface is invisible.

Common Mistakes

  • @fopen($file) instead of checking file_exists() first.
  • @unlink($file) instead of if (file_exists($file)) unlink($file).
  • @$arr['key'] instead of $arr['key'] ?? null.
  • Using @ on an entire function call when only one operation inside it can fail.

Code Examples

✗ Vulnerable 
// Suppressing errors — bugs hidden:
$fp = @fopen($path, 'r');         // File missing? $fp is false, no error
$data = @file_get_contents($url); // URL invalid? $data is false, silent
@unlink($tmpFile);                 // Already deleted? Silently ignored
$val = @$config['missing_key'];   // Undefined key? Silently null
✓ Fixed 
// Handle errors explicitly:
if (!file_exists($path)) throw new FileNotFoundException($path);
$fp = fopen($path, 'r');

$data = file_get_contents($url);
if ($data === false) throw new HttpException("Failed to fetch $url");

if (file_exists($tmpFile)) unlink($tmpFile);

$val = $config['missing_key'] ?? null; // Intentional null default
Added 16 Mar 2026
Edited 22 Mar 2026
Views 40

Curated in Warsaw under one editorial standard. 1,444 terms, single voice.  About this reference →

Rate this term
No ratings yet
🤖 AI Guestbook educational data only
| |
Last 30 days
0 pings W 0 pings T 0 pings F 0 pings S 0 pings S 0 pings M 0 pings T 0 pings W 2 pings T 0 pings F 0 pings S 1 ping S 0 pings M 0 pings T 0 pings W 0 pings T 0 pings F 0 pings S 2 pings S 0 pings M 0 pings T 0 pings W 1 ping T 1 ping F 0 pings S 1 ping S 1 ping M 0 pings T 1 ping W 0 pings T
Agents 0
No pings yet today
ChatGPT 11 Amazonbot 8 Google 4 Perplexity 4 Ahrefs 2 Majestic 1 DuckDuckGo 1 Unknown AI 1
Also referenced
Exception Handling (try/catch/finally) 48 Error Handling in PHP 29 Null Coalescing Operator Not Used 21
How they use it
crawler 32
Related categories
php 6.3k quality 2.7k style 993
DEV INTEL Tools & Severity
🟡 Medium ⚙ Fix effort: Medium
⚡ Quick Fix
Delete every @ operator and replace it with proper error handling — the @ operator silences the error but doesn't fix the problem, and in PHP 8 it no longer suppresses fatal errors
📦 Applies To
PHP 5.0+ web cli queue-worker
🔗 Prerequisites
🔍 Detection Hints
@file_get_contents(); @unlink(); @ before any function call suppressing legitimate errors
Auto-detectable: ✓ Yes phpcs phpstan rector
⚠ Related Problems
🤖 AI Agent
Confidence: High False Positives: Low ✗ Manual fix Fix: Medium Context: Line Tests: Update
CWE-390
✓ schema.org compliant