Identical statement condition - php

Correct me if I'm wrong. I saw many people write condition header as this format.
if(isset($var) && $var!=""){}
Basically it just checking if $var isn't null value right? In my understanding this would be enough.
if($var){}
Am I missing something? Did my method unreliable? My colleague already pointed out that I should use the first one. Sometime I just lazy to write so I just want to make it simple.


They are not the same thing.
if (expr) is evaluated with these rules -> http://php.net/manual/en/types.comparisons.php#types.comparisons
<?php
$var = "0";
if (isset($var) && $var != "") {
echo "first block\n";
}
if ($var) {
echo "second block\n";
}
Example
Suppose $var is "0", then it is definitely isset, and not equal to an empty string, but fails the if ($var) test.


php
if($var){}
will check if $var is true. In this scenario, if $var is used for first time in condition, notice will be generated that you are trying to use undefined variable.


The isset () function is used to check whether a variable is set or not. If variable is not set, possibly it will enter to the else condition.
In your case if $var is not available, Possibly you will hit by this error Undefined variable: var. So checking isset is always good for your code.
Case 1:
if($var){
echo 'pass';
}else{
echo 'fail';
}
Output:Notice: Undefined variable: var in E:\siva\htdocs\test.php on line 48
fail
Case 2:
if(isset($var)){
echo 'pass';
}else{
echo 'fail';
}
Output : fail
Case 3:
$var = '';
if($var){
echo 'pass';
}else{
echo 'fail';
}
Output :Fail
In this case 3 is more interesting, If you failed to use isset, Defined the variable as null, So you will not get the error

Related

Function to Avoid Variable Undefined

I am trying to write a function to avoid getting variable undefined error. Right now, i have a code like this:
function check($str){
if(isset($str)){
$s = $str;
} else {
$s = "";
}
}
check($_GET['var']);
The get var is not set. I am getting a variable undefined error on my screen. How do i alter my function to not throw this error and just return "" if it is not set? I don't want to have to code 100 if statements to avoid getting variable undefined. Thanks.

We already have in PHP a construct to check that. It is called isset(). With it you can check whether a variable exists. If you would like to create it with some default values if it doesn't exist yet, we also have syntax for it. It's null-coalescing operator.
$_GET['var'] = $_GET['var'] ?? '';
// or since PHP 7.4
$_GET['var'] ??= '';

Although I'm not sure if it is the right way of doing it, for the sake of providing an answer you can pass the variable by reference, this allows you to get away with passing undefined variables and check if it is set inside the function..
function check(&$str){
if(!isset($str)){
$str = "not set";
}
}
check($_GET['var']);
echo $_GET['var'];

Checking variables using the eval()-Function

I have a list of variables (var1, var2, ...). Now I'd like to check these variables using several conditions and print out an error message if the condition is true.
As there are many "checks" that should be done I saved the "conditions" in a MySQL-DB (varchar):
condition errormsg
--------------------------------------------------------
$var1!=1 && $var1!=2 var1 should be 1 or 2
$var1=='' var1 is missing
$var3<0 & $var3>10 var3 should be between 0 and 10
Now I'd like to check these variables using the eval-Function:
$res=mysqli_query($con, "SELECT * FROM conditions");
while($row=mysqli_fetch_object($res)){
if(eval($row->condition))
echo $row->errormsg;
}
Can this work or is there a better solution without eval()? Thank you for your help!

Many people suggest to get alternate of this . But if you really need this you can do this way. I don't have your data so I have made this with my own way
<?php
$condition = "1!=1";
//$condition = "1==1";
$error = "test";
eval("\$con = $condition ;");
if($con){
echo $error;
}else {
echo "not found";
}
?>
Uncomment second line to get another change. Just keep in mind that statement should be complete in eval function.
Live demo : https://eval.in/847626
Pay special attention not to pass any user provided data into it without properly validating it beforehand.

The common solution for your problem is to write validation functions for the variables. Such a function receives a variable as argument, checks its value and return either success or an error code. Then the calling code uses the error code to lookup the error message in the list of localized strings for the current language.
It could be like below:
The validation functions
function var1_is_valid($var1)
{
if ($var1 == 1 || $var1 == 2) {
return 'SUCCESS';
} else {
return 'ERR_VAR1_INVALID';
}
}
function var1_is_present($var1)
{
if ($var1 != '') {
return 'SUCCESS';
} else {
return 'ERR_VAR1_MISSING';
}
}
function var3_is_valid($var3)
{
if (0 <= $var3 && $var3 <= 10) {
return 'SUCCESS';
} else {
return 'ERR_VAR3_INVALID';
}
}
The language file(s)
// Use the strings returned by the validation functions as keys in the array
$lang = array(
'ERR_VAR1_INVALID' => 'var1 should be 1 or 2',
'ERR_VAR1_MISSING' => 'var1 is missing',
'ERR_VAR3_INVALID' => 'var3 should be between 0 and 10',
);
Even better, you can combine the functions var1_is_valid() and var1_is_present() into a single validation function for $var1 that returns either 'SUCCESS' or the appropriate error string.
All the error messages for a language stay in a single language file that is loaded on each request. It works faster than querying the database for the error messages.
Another language means another file with strings identified by the same keys. You won't use two language on the same time. At most, you load the language that is completely implemented before loading the language requested by the user, in order to have a value for each string (a message in the wrong language is still better than nothing).

You can use a pseudo-switch, eliminating the need for a db and eval(). Minimalistic example:
$var = 1;
switch(true){
case ($var == 1):
echo "1\n";
case ($var != 2):
echo "2\n";
}

if/else with undeclared variable

What is the proper way to do an if/else statement regarding a variable which may or may not exist?
For example: I have a website search script that gets variables from the URL. If the user has not checked any advanced options then they are not included in the URL. Basically what I'm wondering is, would it be correct to use something like the following if the variable did not exist?
if ($variable == "yes") { do stuff; }
Would this cause any sort of problems if that variable did not exist? or should I always use something like:
if (isset($variable) && $variable == "yes") { do stuff; }

try to put the if value equals in the if statement, this way you never get error notice and its correct
if(isset($value)){
if($value==='this'){
//magic
}
}

The second way imo, because it will suppress the notice error that $variable does not exist if it's not set. Either way, it's only a notice error though - so you could just suppress notices and use the first way too..

empty
No warning is generated if the variable does not exist. That means empty() is essentially the concise equivalent to !isset($var) || $var == false.
// $foo = 'no';
if(!empty($foo) AND $foo == 'yes')
{
echo $foo;
}

Before you check your variable for a value, check it with isset and set default values like
if (!isset($variable)) {
$variable = "no";
}
if ($variable == "yes") { do stuff; }

Strugling with if, empty, and, or,

The following script should create an error when date_enabled is 2 and one of the three variables is empty. When day is empty for example, the script still doesn't echo the sentence.
Does anybody sees the problem?
$year = $_POST['date-year'];
$month = $_POST['date-month'];
$day = $_POST['date-day'];
$date_enabled = 2;
if ((($date_enabled ==2)) && ((empty($year) || empty($day) || empty($month)))){
echo "You didn't enter a valid date";
}
UPDATE - When I perform the following script it echos: its empty its empty (function). Which means that empty and the function isEmpty, which I created because of the advice of #Expert System , also works.
if (empty($day)){
echo "its empty";
}
if (!isset($day)){
echo "its not set";
}
if (isEmpty($day)){
echo "its empty (function)";
}
UPDATE AGAIN - The script above works indeed correctly. The problem lays with my form. It works fine now and thanks for your help.

I believe the definition of "empty" in your question is unclear. If empty in your question means zero-length string, then empty function is not the right one for you.
empty() definition from PHP doucment
Determine whether a variable is considered to be empty. A variable is
considered empty if it does not exist or if its value equals FALSE.
empty() does not generate a warning if the variable does not exist.
Maybe this custom function will work in your context
function isEmpty($var) {
return !isset($var) || ($var == '');
}
Then
if (($date_enabled == 2) &&
(isEmpty($year) || isEmpty($day) || isEmpty($month))){
echo "You didn't enter a valid date";
}

Try this code instead:
$year = isSet($_POST["date-year"]) ? $_POST["date-year"] : "";
$month = isSet($_POST["date-month"]) ? $_POST["date-month"] : "";
$day = isSet($_POST["date-day"]) ? $_POST["date-day"] : "";
$date_enabled = 2;
if ((($date_enabled ==2)) && ((empty($year) || empty($day) || empty($month)))){
echo "You didn't enter a valid date";
}
The problem might be the error of level E_NOTICE raised when you try to access an undefined index in $_POST array.
This shoukd notcause a problem (i.e. stop execution) with theususl/default configuration options, but with yours it might (just guessing).

php $_GET and undefined index

A new problem has arisen for me as I tried to run my script on a different PHP Server.
ON my old server the following code appears to work fine - even when no s parameter is declared.
<?php
if ($_GET['s'] == 'jwshxnsyllabus')
echo "<body onload=\"loadSyllabi('syllabus', '../syllabi/jwshxnporsyllabus.xml', '../bibliographies/jwshxnbibliography_')\">";
if ($_GET['s'] == 'aquinas')
echo "<body onload=\"loadSyllabi('syllabus', '../syllabi/AquinasSyllabus.xml')\">";
if ($_GET['s'] == 'POP2')
echo "<body onload=\"loadSyllabi('POP2')\">";
elseif ($_GET['s'] == null)
echo "<body>"
?>
But now, on a my local server on my local machine (XAMPP - Apache) I get the following error when no value for s is defined.
Notice: Undefined index: s in C:\xampp\htdocs\teaching\index.php on line 43
Notice: Undefined index: s in C:\xampp\htdocs\teaching\index.php on line 45
Notice: Undefined index: s in C:\xampp\htdocs\teaching\index.php on line 47
Notice: Undefined index: s in C:\xampp\htdocs\teaching\index.php on line 49
What I want to happen for the script to call certain javascript functions if a value is declared for s, but if nothing is declared i would like the page to load normally.
Can you help me?

Error reporting will have not included notices on the previous server which is why you haven't seen the errors.
You should be checking whether the index s actually exists in the $_GET array before attempting to use it.
Something like this would be suffice:
if (isset($_GET['s'])) {
if ($_GET['s'] == 'jwshxnsyllabus')
echo "<body onload=\"loadSyllabi('syllabus', '../syllabi/jwshxnporsyllabus.xml', '../bibliographies/jwshxnbibliography_')\">";
else if ($_GET['s'] == 'aquinas')
echo "<body onload=\"loadSyllabi('syllabus', '../syllabi/AquinasSyllabus.xml')\">";
else if ($_GET['s'] == 'POP2')
echo "<body onload=\"loadSyllabi('POP2')\">";
} else {
echo "<body>";
}
It may be beneficial (if you plan on adding more cases) to use a switch statement to make your code more readable.
switch ((isset($_GET['s']) ? $_GET['s'] : '')) {
case 'jwshxnsyllabus':
echo "<body onload=\"loadSyllabi('syllabus', '../syllabi/jwshxnporsyllabus.xml', '../bibliographies/jwshxnbibliography_')\">";
break;
case 'aquinas':
echo "<body onload=\"loadSyllabi('syllabus', '../syllabi/AquinasSyllabus.xml')\">";
break;
case 'POP2':
echo "<body onload=\"loadSyllabi('POP2')\">";
break;
default:
echo "<body>";
break;
}
EDIT: BTW, the first set of code I wrote mimics what yours is meant to do in it's entirety. Is the expected outcome of an unexpected value in ?s= meant to output no <body> tag or was this an oversight? Note that the switch will fix this by always defaulting to <body>.

Get into the habit of checking if a variable is available with isset, e.g.
if (isset($_GET['s']))
{
//do stuff that requires 's'
}
else
{
//do stuff that doesn't need 's'
}
You could disable notice reporting, but dealing them is good hygiene, and can allow you to spot problems you might otherwise miss.

I always use a utility function/class for reading from the $_GET and $_POST arrays to avoid having to always check the index exists... Something like this will do the trick.
class Input {
function get($name) {
return isset($_GET[$name]) ? $_GET[$name] : null;
}
function post($name) {
return isset($_POST[$name]) ? $_POST[$name] : null;
}
function get_post($name) {
return $this->get($name) ? $this->get($name) : $this->post($name);
}
}
$input = new Input;
$page = $input->get_post('page');

I was having the same problem in localhost with xampp. Now I'm using this combination of parameters:
// Report all errors except E_NOTICE
// This is the default value set in php.ini
error_reporting(E_ALL ^ E_NOTICE);
php.net: http://php.net/manual/pt_BR/function.error-reporting.php

First check the $_GET['s'] is set or not. Change your conditions like this
<?php
if (isset($_GET['s']) && $_GET['s'] == 'jwshxnsyllabus')
echo "<body onload=\"loadSyllabi('syllabus', '../syllabi/jwshxnporsyllabus.xml', '../bibliographies/jwshxnbibliography_')\">";
elseif (isset($_GET['s']) && $_GET['s'] == 'aquinas')
echo "<body onload=\"loadSyllabi('syllabus', '../syllabi/AquinasSyllabus.xml')\">";
elseif (isset($_GET['s']) && $_GET['s'] == 'POP2')
echo "<body onload=\"loadSyllabi('POP2')\">";
elseif (isset($_GET['s']) && $_GET['s'] == null)
echo "<body>"
?>
And also handle properly your ifelse conditions

I recommend you check your arrays before you blindly access them :
if(isset($_GET['s'])){
if ($_GET['s'] == 'jwshxnsyllabus')
/* your code here*/
}
Another (quick) fix is to disable the error reporting by writing this on the top of the script :
error_reporting(0);
In your case, it is very probable that your other server had the error reporting configuration in php.ini set to 0 as default.
By calling the error_reporting with 0 as parameter, you are turning off all notices/warnings and errors. For more details check the php manual.
Remeber that this is a quick fix and it's highly recommended to avoid errors rather than ignore them.

You should check wheter the index exists before use it (compare it)
if (isset($_GET['s']) AND $_GET['s'] == 'foobar') {
echo "foo";
}
Use E_ALL | E_STRICT while developing!

Actually none of the proposed answers, although a good practice, would remove the warning.
For the sake of correctness, I'd do the following:
function getParameter($param, $defaultValue) {
if (array_key_exists($param, $_GET)) {
$value=$_GET[$param];
return isSet($value)?$value:$defaultValue;
}
return $defaultValue;
}
This way, I check the _GET array for the key to exist without triggering the Warning. It's not a good idea to disable the warnings because a lot of times they are at least interesting to take a look.
To use the function you just do:
$myvar = getParameter("getparamer", "defaultValue")
so if the parameter exists, you get the value, and if it doesnt, you get the defaultValue.

Avoid if, else and elseifs!
$loadMethod = "";
if(isset($_GET['s'])){
switch($_GET['s']){
case 'jwshxnsyllabus':
$loadMethod = "loadSyllabi('syllabus', '../syllabi/jwshxnporsyllabus.xml', '../bibliographies/jwshxnbibliography_')";
break;
case 'aquinas':
$loadMethod = "loadSyllabi('syllabus', '../syllabi/AquinasSyllabus.xml')";
break;
case 'POP2':
$loadMethod = "loadSyllabi('POP2')";
}
}
echo '<body onload="'.$loadMethod.'">';
clean, readable code is maintainable code

Simple function, works with GET or POST. Plus you can assign a default value.
function GetPost($var,$default='') {
return isset($_GET[$var]) ? $_GET[$var] : (isset($_POST[$var]) ? $_POST[$var] : $default);
}

Another option would be to suppress the PHP undefined index notice with the # symbol in front of the GET variable like so:
$s = #$_GET['s'];
This will disable the notice. It is better to check if the variable has been set and act accordingly.
But this also works.

The real answer to this is to put a # At symbol before the variable which will suppress the error
#$_GET["field"]
#$_POST["field"]
It will work some slower, but will keep the code clean.
When something saves time for the programmer, and costs time for the website users (or requires more hardware), it depends on how much people will use it.

Categories