Drongo_III Posted April 22, 2012 Share Posted April 22, 2012 Hi Sorry, realise this is a bit of a noob question but can someone explain why this if statement uses multiple parenthesis? Is this a good way of grouping conditionals and when should you use it? if ((($_FILES["file"]["type"] == "image/gif") || ($_FILES["file"]["type"] == "image/jpeg") || ($_FILES["file"]["type"] == "image/pjpeg")) && ($_FILES["file"]["size"] < 20000)) Quote Link to comment Share on other sites More sharing options...
MarPlo Posted April 22, 2012 Share Posted April 22, 2012 Hi, Like in arithmetic, the paranthesis are used to control, and group the order of operations. For example, like: (2 + 3) * 4 = 20; and 2 + (3 * 4) = 14; In the code above, the result True or False of the first three conditionals is then grouped with && with the result of the 4th conditional. Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted April 22, 2012 Share Posted April 22, 2012 The person writing that was probably unsure of the operator precedence and wanted to make sure it worked. The only () needed are those around the group of ||'ed values (which itself can be simplified, see below) - <?php if (($_FILES["file"]["type"] == "image/gif" || $_FILES["file"]["type"] == "image/jpeg" || $_FILES["file"]["type"] == "image/pjpeg") && $_FILES["file"]["size"] < 20000){ However, there are other problems with that logic (which probably came from the w3schools.com upload example). When validating user supplied input, you should never lump together tests and output a generic 'sorry, you did something wrong' message. You should validate everything about the user supplied input and specifically tell the user what was wrong with his input (provided telling him isn't a security issue.) If it was the wrong mime type, tell him what the mime type was that he submitted and what the valid types are. If there is something wrong with the size of the file, tell him what size he uploaded and what the valid size range is. Also, for that code, when you are testing if a value is one of several possible values, you should make an array of the acceptable values and use an in_array statement - <?php $allowed_types = array("image/gif","image/jpeg","image/pjpeg"); // just add values here instead of modifying the logic in the if() statement if(in_array($_FILES["file"]["type"],$allowed_types){ } Quote Link to comment Share on other sites More sharing options...
Drongo_III Posted April 22, 2012 Author Share Posted April 22, 2012 Thanks both! PFMaBiSmAd: That really helps me to understand. And you're perfectly correct in spotting w3schools haha. I wasn't intending to use it exactly as it was written I was just curious as to why and when you should use that sort of grouping. Your advice on using an array looks much cleaner though and I'll certainly adopt this method from here on in. Very glad i asked OH and it occurs to me now that using arrays like that can help make the function reusable...the penny drops Thank you! The person writing that was probably unsure of the operator precedence and wanted to make sure it worked. The only () needed are those around the group of ||'ed values (which itself can be simplified, see below) - <?php if (($_FILES["file"]["type"] == "image/gif" || $_FILES["file"]["type"] == "image/jpeg" || $_FILES["file"]["type"] == "image/pjpeg") && $_FILES["file"]["size"] < 20000){ However, there are other problems with that logic (which probably came from the w3schools.com upload example). When validating user supplied input, you should never lump together tests and output a generic 'sorry, you did something wrong' message. You should validate everything about the user supplied input and specifically tell the user what was wrong with his input (provided telling him isn't a security issue.) If it was the wrong mime type, tell him what the mime type was that he submitted and what the valid types are. If there is something wrong with the size of the file, tell him what size he uploaded and what the valid size range is. Also, for that code, when you are testing if a value is one of several possible values, you should make an array of the acceptable values and use an in_array statement - <?php $allowed_types = array("image/gif","image/jpeg","image/pjpeg"); // just add values here instead of modifying the logic in the if() statement if(in_array($_FILES["file"]["type"],$allowed_types){ } Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted April 22, 2012 Share Posted April 22, 2012 Here's the operator precedence table, which shows why you have to force the ||'s to be evaluated together before the && (&& has higher precedence than ||) - http://us2.php.net/manual/en/language.operators.precedence.php Quote Link to comment Share on other sites More sharing options...
Drongo_III Posted April 22, 2012 Author Share Posted April 22, 2012 All makes sense now. Thanks for taking the time Here's the operator precedence table, which shows why you have to force the ||'s to be evaluated together before the && (&& has higher precedence than ||) - http://us2.php.net/manual/en/language.operators.precedence.php Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.