Do I need to use isset?

#1 November 22nd, 2008, 12:55 AM

I have gotten into the habit of using isset for every $_POST variable,
checking that it is set before I even check to see if it contains
anything. For example:

if (isset($_POST['password']) && $_POST['password'] != "")

Is this something I need to do?

Would I get "undefined" errors if I just did this instead?

if ($_POST['password'] != "")

Bill H

#2 November 22nd, 2008, 01:05 AM

Bill H wrote:

Quote:

I have gotten into the habit of using isset for every $_POST variable,
checking that it is set before I even check to see if it contains
anything. For example:
>
if (isset($_POST['password']) && $_POST['password'] != "")
>
Is this something I need to do?
>
Would I get "undefined" errors if I just did this instead?
>
if ($_POST['password'] != "")
>
Bill H

You will get notices if you have them enabled. Even if you don't, there
will be unnecessary processing to detect the notice and determine if
logging or display is appropriate.

You should ALWAYS check incoming $_GET or $_POST data to see if it is
indeed set.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================

#3 November 22nd, 2008, 02:45 AM

I've made such things a common function (simple example):

function readPost($name) {
$val = ( isset( $_POST[$name] ) ? $_POST[$name] : '' );
// if possible, do some input filtering here
return $val;
}

$password = readPost('password');

As I learn new ways to filter you will just need to work on the
function - not all the input lines.
Do the same with $_GET and $_COOKIE.

Do I need to use isset?

re: Do I need to use isset?

re: Do I need to use isset?

/bytes/development

/bytes/it

/bytes/about