Jump to content


Photo

Is it bad


  • Please log in to reply
6 replies to this topic

#1 jaymc

jaymc
  • Members
  • PipPipPip
  • Advanced Member
  • 1,521 posts
  • LocationLiverpool

Posted 24 October 2006 - 12:38 AM

Is it bad to do this

$name = $_GET['name'];

Taking into account that name may not always be set basically resulting in a dead variable which basically gives the following error

Notice: Undefined variable: ord in /home/jaydio/public_html/search/search.php on line 275

Obviously its only a notice, but is it ok to just turn the error reporting off?

I would love to change the world, but they won't give me the source code

SEO Agency

#2 Caesar

Caesar
  • Members
  • PipPipPip
  • Advanced Member
  • 1,025 posts

Posted 24 October 2006 - 12:51 AM

That's fine. What's happening is that your "error_reporting" level is set too high in the php.ini file.

Change it to:

error_reporting  = E_ALL & ~E_NOTICE & ~E_STRICT

Additionaly, you can say:

<?php

if($_GET[name] == ''){$name='';}

else {$name = $_GET[name];}

?>

PHP Ninja

#3 .josh

.josh
  • Staff Alumni
  • .josh
  • 14,871 posts

Posted 24 October 2006 - 12:54 AM

also depends on what you are doing with $name. for instance, if you are using it inside a query you need to sanitize it first, lest you be vulnerable to sql injection.
Did I help you? Feeling generous? Buy me lunch! 
Please, take the time and do some research and find out how much it would have cost you to get your help from a decent paid-for source. A "roll-of-the-dice" freelancer will charge you $5-$15/hr. A decent entry level freelancer will charge you around $15-30/hr. A professional will charge you anywhere from $50-$100/hr. An agency will charge anywhere from $100-$250/hr. Think about all this when soliciting for help here. Think about how much money you are making from the work you are asking for help on. No, we do not expect you to pay for the help given here, but donating a few bucks is a fraction of the cost of what you would have paid, shows your appreciation, helps motivate people to keep offering help without the pricetag, and helps make this a higher quality free-help community :)

#4 Caesar

Caesar
  • Members
  • PipPipPip
  • Advanced Member
  • 1,025 posts

Posted 24 October 2006 - 12:55 AM

also depends on what you are doing with $name. for instance, if you are using it inside a query you need to sanitize it first, lest you be vulnerable to sql injection.


Yep.
PHP Ninja

#5 Jenk

Jenk
  • Members
  • PipPipPip
  • Advanced Member
  • 778 posts

Posted 24 October 2006 - 12:57 AM

That's fine. What's happening is that your "error_reporting" level is set too high in the php.ini file.

Change it to:

error_reporting  = E_ALL & ~E_NOTICE & ~E_STRICT

Additionaly, you can say:

<?php

if($_GET[name] == ''){$name='';}

else {$name = $_GET[name];}

?>

There is no such thing as "too high" when it comes to error_reporting. Fix your errors, do not sweep them under the carpet. It really, really peeves me to see people offering this as "advice" when it is just downright poor programming.

Just because you can't see the error message, does not mean the error does not occur.

#6 jaymc

jaymc
  • Members
  • PipPipPip
  • Advanced Member
  • 1,521 posts
  • LocationLiverpool

Posted 24 October 2006 - 10:22 AM

Thanks I'll take all the commends into concideration
I would love to change the world, but they won't give me the source code

SEO Agency

#7 Caesar

Caesar
  • Members
  • PipPipPip
  • Advanced Member
  • 1,025 posts

Posted 25 October 2006 - 07:39 PM

There is no such thing as "too high" when it comes to error_reporting. Fix your errors, do not sweep them under the carpet. It really, really peeves me to see people offering this as "advice" when it is just downright poor programming.

Just because you can't see the error message, does not mean the error does not occur.


Excuse me but, here is a huge diference between Warnings/Notices...and errors. And there is a huge diference between error_reporting = 2039, and error_reporting = 2047. You can have an error free script that will return insignificant Notices when the error_reporting leel is set too low. :-/
PHP Ninja




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users