Jump to content

Is it bad


jaymc

Recommended Posts

Is it bad to do this

[code]$name = $_GET['name'];[/code]

Taking into account that name may not always be set basically resulting in a dead variable which basically gives the following error

[b]Notice: Undefined variable: ord in /home/jaydio/public_html/search/search.php on line 275[/b]

Obviously its only a notice, but is it ok to just turn the error reporting off?
Link to comment
Share on other sites

That's fine. What's happening is that your "error_reporting" level is set too high in the php.ini file.

Change it to:

[color=blue]error_reporting  = E_ALL & ~E_NOTICE & ~E_STRICT[/color]

Additionaly, you can say:

[code]<?php

if($_GET[name] == ''){$name='';}

else {$name = $_GET[name];}

?>[/code]
Link to comment
Share on other sites

[quote author=Crayon Violent link=topic=112486.msg456596#msg456596 date=1161651262]
also depends on what you are doing with $name. for instance, if you are using it inside a query you need to sanitize it first, lest you be vulnerable to sql injection.
[/quote]

Yep.
Link to comment
Share on other sites

[quote author=Caesar link=topic=112486.msg456595#msg456595 date=1161651080]
That's fine. What's happening is that your "error_reporting" level is set too high in the php.ini file.

Change it to:

[color=blue]error_reporting  = E_ALL & ~E_NOTICE & ~E_STRICT[/color]

Additionaly, you can say:

[code]<?php

if($_GET[name] == ''){$name='';}

else {$name = $_GET[name];}

?>[/code]
[/quote]There is no such thing as "too high" when it comes to error_reporting. Fix your errors, do not sweep them under the carpet. It really, really peeves me to see people offering this as "advice" when it is just downright poor programming.

Just because you can't see the error message, does not mean the error does not occur.
Link to comment
Share on other sites

[quote author=Jenk link=topic=112486.msg456601#msg456601 date=1161651461]There is no such thing as "too high" when it comes to error_reporting. Fix your errors, do not sweep them under the carpet. It really, really peeves me to see people offering this as "advice" when it is just downright poor programming.

Just because you can't see the error message, does not mean the error does not occur.
[/quote]

Excuse me but, here is a huge diference between Warnings/Notices...and errors. And there is a huge diference between error_reporting = 2039, and error_reporting = 2047. You can have an error free script that will return insignificant Notices when the error_reporting leel is set too low. :-/
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.