Jump to content

Archived

This topic is now archived and is closed to further replies.

jaymc

Is it bad

Recommended Posts

Is it bad to do this

[code]$name = $_GET['name'];[/code]

Taking into account that name may not always be set basically resulting in a dead variable which basically gives the following error

[b]Notice: Undefined variable: ord in /home/jaydio/public_html/search/search.php on line 275[/b]

Obviously its only a notice, but is it ok to just turn the error reporting off?

Share this post


Link to post
Share on other sites
That's fine. What's happening is that your "error_reporting" level is set too high in the php.ini file.

Change it to:

[color=blue]error_reporting  = E_ALL & ~E_NOTICE & ~E_STRICT[/color]

Additionaly, you can say:

[code]<?php

if($_GET[name] == ''){$name='';}

else {$name = $_GET[name];}

?>[/code]

Share this post


Link to post
Share on other sites
also depends on what you are doing with $name. for instance, if you are using it inside a query you need to sanitize it first, lest you be vulnerable to sql injection.

Share this post


Link to post
Share on other sites
[quote author=Crayon Violent link=topic=112486.msg456596#msg456596 date=1161651262]
also depends on what you are doing with $name. for instance, if you are using it inside a query you need to sanitize it first, lest you be vulnerable to sql injection.
[/quote]

Yep.

Share this post


Link to post
Share on other sites
[quote author=Caesar link=topic=112486.msg456595#msg456595 date=1161651080]
That's fine. What's happening is that your "error_reporting" level is set too high in the php.ini file.

Change it to:

[color=blue]error_reporting  = E_ALL & ~E_NOTICE & ~E_STRICT[/color]

Additionaly, you can say:

[code]<?php

if($_GET[name] == ''){$name='';}

else {$name = $_GET[name];}

?>[/code]
[/quote]There is no such thing as "too high" when it comes to error_reporting. Fix your errors, do not sweep them under the carpet. It really, really peeves me to see people offering this as "advice" when it is just downright poor programming.

Just because you can't see the error message, does not mean the error does not occur.

Share this post


Link to post
Share on other sites
Thanks I'll take all the commends into concideration

Share this post


Link to post
Share on other sites
[quote author=Jenk link=topic=112486.msg456601#msg456601 date=1161651461]There is no such thing as "too high" when it comes to error_reporting. Fix your errors, do not sweep them under the carpet. It really, really peeves me to see people offering this as "advice" when it is just downright poor programming.

Just because you can't see the error message, does not mean the error does not occur.
[/quote]

Excuse me but, here is a huge diference between Warnings/Notices...and errors. And there is a huge diference between error_reporting = 2039, and error_reporting = 2047. You can have an error free script that will return insignificant Notices when the error_reporting leel is set too low. :-/

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.