Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 8 years ago.
Improve this question
I remember someone told me a variable had to be initialized, but I'm wondering how can printing a variable can be dangerous, nobody can include my php file from a distant server, and the variable is empty when loading the php script, no ?
Then if I have this php file:
<?
print $var; //or any other use of the variable like mysql...
?>
Is it dangerous?
It's not necessarily dangerous, but you will get a notice that $var is undefined, if error_reporting is on.
Related
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 2 years ago.
Improve this question
I read somewhere that defining constants with PHP's define function like so:
define('BASE_PATH','/var/www/html/example/');
is better and more secure than storing the same variable data inside a globals variable like so:
$_GLOBALS['BASE_PATH'] = '/var/www/html/example/';
Could somebody please explain the difference, which is better in which scenarios, and why?
I've just read here:
PHP Manual - The 'define' function
That the 'define' function can cause unwanted oddities.
a) What are the security implications of both?
b) How does PHP manage and store each of the variable's data in physical memory?
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 6 years ago.
Improve this question
I've been using PHP for some basics Back-End development for a while now. I saw something about interpretations of variables while I was looking for some changes which came with PHP 7. I'm not using them and it would be great if someone can explain why to use them?
What I mean is:
What are the pros of using them?
You use variable interpretation in situations when you need to dynamically reference a variable and don't want to use an array. Generally I would not recommend using it, as you lose benefits such as static code analysis.
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 7 years ago.
Improve this question
I am trying to make a simple PHP program. I am trying to get the value from the URL and check if the dev is equal to true. I am using this code:
if($_GET['dev']==true){...}else if($_GET['dev']==false){...}
$_GET variable are all strings, you will need to cast it to a boolean
if (isset($_GET['dev']))
{
$dev= (bool) $_GET['dev'];
if($dev){
}
}
details are not enough, tell us more about your problem.
maybe you need to compare dev to a string and not to boolean:
if($_GET['dev']=="true"){...}else if($_GET['dev']=="false"){...}
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 7 years ago.
Improve this question
<?php
if (empty(htmlspecialchars($_GET["default"]))) {
echo 'Click to type...';
} else {
echo urldecode(htmlspecialchars($_GET["default"]));
}
?>
My code is malfunctioning. Instead of echoing "Click to type..." it does nothing. What is wrong? Thanks so much, I am a noob at PHP.
try:
if (!isset($_GET["default"]) || empty(htmlspecialchars($_GET["default"]))) {
Do you have error_reporting on?
Why the do you have htmlspecialchars inside your if? You don't need it if you think about it for a second.
The recommendation I can give you is to check your request with some debugging (var_dump on your $_GET or using xdebug).
You can also check your URL to see if you have something like localhost/someaction.php?default=something&other_get_parameter=somethingelse&..... If it's on a form you can use you can check on your developer tools in your browser.
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 8 years ago.
Improve this question
The problem is that I must catch situation when some variable (and I don't know it's name, that is I don't know where this value first arises) matches some record in database. The way I think it could be done is to run after each statement an external code against array of local and remote variables. In that external code would be a simple foreach loop and db query, the script would then output line number where given situation happened.
Is this possible with xdebug ?
There is a function for that, http://php.net/manual/en/function.register-tick-function.php more documentation on ticks is http://www.php.net/manual/en/control-structures.declare.php here.