Determine if missing session variable is due to bug or not (PHP)

In my PHP app, I'm trying to differentiate between cases where an unset session variable is due to an actual bug or due to something that's not my 开发者_StackOverflowfault (ie. the user logged out or manually typed a URL). Obviously, I want to record bugs only. Right now I'm recording errors for both and I can't tell which is which.

Are there some generally accepted ways of dealing with this sort of thing? I am curious to hear how others out there have approached this situation.

Thanks, Brian

Set all session variables to a sane default when the session is created. If at any later point you find an unset session variable, it's a bug.

If the user logs out, that does not mean they don't have a session (or it should not mean that, if your session handling is anything like most implementations). The same goes for manually typing a URL. At some point, your app's internal framework is necessarily doing session_start() for all page views. That's a good place to inject defaults.

Injecting defaults is dead easy with the array union operator:

$defaults = array(
    'userid' => null,
    'lang'   => 'en',
);

session_start();
$_SESSION['userid'] = 42;
$_SESSION += $defaults; // will not overwrite existing values

print_r($_SESSION);

See it in action (and please ignore the warnings related to not being able to set the session cookie etc).