We Keep Coding

is elvis operator with error handling safe for set default value?

in my code is usually use if(!isset()) for set default value if the variable is empty
ex :
if(isset($_POST['noreg']))
{
$noreg = $_POST['noreg'];
}
else
{
$noreg = 'empty';
}
my friend suggest me to use elvis operator with error handling, and it looks shorten than before,
$noreg = #$_POST['noreg'] ?: 'empty';
it works fine like my old code
but is it safe or it has any risk if i use it?
can anyone help me for this?
thanks

The # operator suppresses error reporting. That means there's still an error being produced, but it's being silenced. That's problematic for three reasons:
It's probably slower to raise and then discard an error than an isset check would be.
If you have a custom error handler, that handler may ignore # and still produce an error.
You have no idea what other kinds of errors you may be suppressing that you're not expecting.
Particularly, what if you accidentally write #$_PSOT['noreg']? PHP's error reporting won't be alerting you to this mistake and you're in the dark. If you'd use filter_input(INPUT_POST, 'noreg') or array_key_exists('noreg', $_POST), such mistakes could not be made.
(This example may be a bit contrived since isset() will suppress the same error, but it's to illustrate the pitfalls of using error suppression and why one must be very conscious of it.)

If you use it for simple variable initialization then it's ok. It will work on any expression & when preceding it, it will suppress the error.
Straight from documentation http://php.net/manual/en/language.operators.errorcontrol.php
PHP supports one error control operator: the at sign (#). When
prepended to an expression in PHP, any error messages that might be
generated by that expression will be ignored.
If you have set a custom error handler function with
set_error_handler() then it will still get called, but this custom
error handler can (and should) call error_reporting() which will
return 0 when the call that triggered the error was preceded by an #.
Currently the "#" error-control operator prefix will even disable
error reporting for critical errors that will terminate script
execution. Among other things, this means that if you use "#" to
suppress errors from a certain function and either it isn't available
or has been mistyped, the script will die right there with no
indication as to why.

Why does #unset give a parse error?

Why can't you hide errors with the # operator when calling unset? The following results in a parse error:
#unset($myvar);

The # operator only works on expressions, and unset is a language construct, not a function. See the manual page for more information:
Note: The #-operator works only on
expressions. A simple rule of thumb
is: if you can take the value of
something, you can prepend the #
operator to it. For instance, you can
prepend it to variables, function and
include() calls, constants, and so
forth. You cannot prepend it to
function or class definitions, or
conditional structures such as if and
foreach, and so forth.

You can hide errors by prefixing # to functions/statements. However unset is a language construct, therefore it doesn't support the #-rule.
The good thing is that unset() never fails even if the variable didn't exist to begin with, so this shouldn't be necessary.
As nightcracker mentionned though, using # is pretty bad practice.

The error suppression operator only works on expressions:
unset is a language construct and not a function, so # cannot be used.

Why can't you hide errors with the # operator when calling unset?
I do not know. But you should not be using the error suppression operator (#) anyway. There are two distinct scenarios:
Developemnt
You want to see all errors right at the moment they happen, preferably with the raw error message that PHP gives you.
Production
You want to let no PHP error message bubble to the user. Instead you want to log the PHP error message and display your own message that a layman can understand.
You cannot achieve this distinction when you use #. You should separate theses scenarios by configuring display_errors, error_reporting and setting an error handler with set_error_handler.

#readfile in php?

I hate that google can not search for symbols. I saw this in some sample code and wondered why there is an # sign before the readfile function:
#readfile($filename);
What does it mean different to without an # symbol?

An # before a command in PHP means that no errors are printed. It's called the error control operator.
If you removed the # and readfile would encounter an error (such as not being able to read the file), then—depending on your PHP settings—the error message will be amidst your site content; something you rarely, if ever, want. (It gets worse even, if this happens before a call to header() or start_session() because once content is sent, the headers can't be written anymore.)

I refer to # as being the "stfu operator".

It is PHP's error suppression operator. With it you can suppress error messages.
Tip:
Simply don’t use the error suppression operator with speed-critical code.
Future:
Because # operator is very slow, it won't work on ini_set eg #ini_set in future version of PHP eg PHP6
Important Reading:
Bad uses of the # operator

It's error control operator. Manual will tell you everything...

# means "don't show errors/warnings"

FYI
You can use " " to search queries containing special characters in google.
Example to search - #readfile in PHP? search it
You can search - "#readfile in PHP?" search it

# character before a function call

What is the difference between these two function calls in PHP?
init_get($somevariable);
#init_get($somevariable);

the "#" will silence any php errors your function could raise.

It silences errors and warnings. See Error Control Operators.

As already answered the # will stop the error (if any) from showing up.
In terms of performance this is not recommended.
What php is doing is:
reading the error display state
setting the error display to show no errors
running your function
setting the error display to it's previous state
If you don't want any errors showing up use error_reporting(0);.
Or just write bug free code :P

http://www.faqts.com/knowledge_base/view.phtml/aid/18068/fid/38
All PHP expressions can be called with the "#" prefix, which turns off
error reporting for that particular expression.

As everyone said, it stops the output of errors for that particular function. However, this decreases performance greatly since it has to change the error display setting twice. I would recommend NOT ignoring warnings or errors and fixing the code instead.

PHP escaping error reporting with #

I am currently refactoring some code for work and I have come across some function calls prefixed by the "#" symbol. As I understand it, this is intended to escape PHP error reporting if the call fails.
Is this type of thing good practice? I understand the rationale in a development environment but when the site is pushed to production shouldn't all errors be handled properly rather than just escaped?
The use of this symbol would therefore mean that the developer has to sort through the code at a later stage to remove all error reporting escapes.
I am unsure whether to remove these symbols and just find a better way to handle potential errors or not.
For clarity, the function this was used on was the native PHP fsockopen() function.

That's probably among the worst practices you can come across in php code. It basically tells the interpreter to suppress errors and just try to do whatever the code asks it to do regardless of the outcome.
A great way to drag yourself and fellow teammates into all-nighter phantom bug hunts once the app has grown substantially.
Try-catch with custom exception handling is the way to go.

I think it is sometimes understandable to use # for calling functions like fsockopen(), because when they fail they will raise a warning as well as returning false.
There may be cases where you expect these calls to fail regularly and therefore do not want a warning to be raised. Obviously you shouldn't be displaying warnings in production and should be logging them instead, but you might still want to use the # operator to stop your logs getting full. You could stop warnings getting reported at all by changing the error_reporting setting but that is not ideal.

That's called the error control operator, and is generally a very scary thing to consider using. A warning from the manual (the emboldening is mine):
Currently the "#" error-control
operator prefix will even disable
error reporting for critical errors
that will terminate script execution.
Among other things, this means that if
you use "#" to suppress errors from a
certain function and either it isn't
available or has been mistyped, the
script will die right there with no
indication as to why.

Using the "#" operator is very useful when you know that the function call can fail, like, for example, the fsockopen call. Best practice is to use this only when the function you are calling often fails and is a valid case in your application. Also, you should definitely check the return value of the function after calling it:
$fp = #fsockopen($hostname, $port);
if ($fp === false) {
// handle connection failure
}
else {
// handle connection success
}
You should avoid two things:
Not checking the return value;
Using the "#" operator where you don't expect an error -- for example when opening a local file or sending headers. When opening a local file fails, that is an error and it should be handled properly.
Note: you might also want to look at set_error_handler()

if you use your custom error-handlers, the # operator will not help you,
you will always get error-events from situations where your are handling the "Warning" in your code ... like at fsockopen etc.
so you can simple suppress effectively the warning this way:
function renameWithOutExpectedAndSelfHandledErrors( ... ) {
set_error_handler(function(){}); // deactivate all errors
$result = rename('not existing','blafussel');
restore_error_handler(); // restore old error-situation
return $result;
}