Which of the following is better and why?

[ryan.od]

I am using the following two types of checks for form verification. I am wondering if one is 'better' than the other and, if so, why. Thanks for any insight!

#1. . .
if(!$_POST['email']) {
$errors[0] = 'You forgot to enter your email address.';
} else {
$email = trim($_POST['email']);
}

#2. . .
if(empty($_POST['email'])) {
$errors[0] = 'You forgot to entry your email address.';
} else {
$email = trim($_POST['email']);
}

RyanOD

[xtentic]

none... try a combination of both

[code]
<?php
if (!isSet($_POST['email']) OR isSet($_POST['email'])  && is_empty($_POST['email']))
{
// error
}
?>
[/code]

[ryan.od]

If a form is submitted with all the fields left blank, what is sent in the $_POST array? Are all the array values considered to be 'set'?

Thanks for the suggestion. Is it a waste of time to check isSet on every form element? How about using a hidden form field with a value of TRUE. Check for that first and if that is OK, then check if each form field is empty or not.

I used the aforementioned approach once and it worked well. There are just so many options to do this, I'm not sure which one works best (they all work) and why.

Thanks for your input.

RyanOD

[heckenschutze]

[quote author=xtentic link=topic=114104.msg464118#msg464118 date=1162880914]
none... try a combination of both

[code]
<?php
if (!isSet($_POST['email']) OR isSet($_POST['email'])  && is_empty($_POST['email']))
{
// error
}
?>
[/code]
[/quote]

First off is_empty is not a real function :), and since [color=orange]&&[/color] has a higher precedence than [color=orange]OR[/color], without parenthesis, the statement would be evaluated as,

[color=blue]If[/color] [color=green]$_POST['email'][/color] is set [color=blue]and[/color] is empty [color=blue]Then[/color]
[color=blue]If[/color] [color=green]$_POST['email'][/color] is set [color=blue]Then[/color]

.. Body

[color=blue]EndIf[/color]

In other words, your Statement is 'over complex'...

To 'properly' check it:

[code]<?php
if(!isset($_POST['email']) && empty($_POST['email']))
{
    // please enter your email !
}else{
    // good user :)
}
?>[/code]

This will check if the [color=green]$_POST['email'][/color] element has been set, if so then it checks if its empty or not.

[quote]If a form is submitted with all the fields left blank, what is sent in the [color=green]$_POST[/color] array? Are all the array values considered to be 'set'?[/quote]
The array keys will exist, therefore the array value is considered to be 'set'.

[ryan.od]

Heh, heh, I guess I'm still new to this and didn't catch your little joke.

I completely understand what you are saying and it makes complete sense. However, if the form has 5 or 6 fields, am I gaining anything by putting in a hidden field that I can use to check to see if the form was actually submitted? I realize your method accomplishes this, but it makes that check for every form field when really, checking one of them would be sufficient. I guess adding a hidden field wouldn't be much of an improvement. . .

How about this. . .would this be considered more 'efficient' or am I splitting hairs?? Thanks again.

[code]
<?php
if(!isset($_POST['email'])) {
    if(empty($_POST['email']))
    {
        // please enter your email !
    }else{
        // good user :)
    }
    if(empty($_POST['whatever']))
    {
        // please enter your whatever!
    }else{
        // good user :)
    }
.
.
.
}
?>
[/code]

RyanOD

[alpine]

Just name the submit button and check if this is submitted, hidden field is unnessesary

if(isset($_POST['submit']))
{
// check the rest with empty()
}

[btherl]

This table details the differences between the various tests:

http://sg.php.net/manual/en/types.comparisons.php

Like alpine said, you can simply check the submit button.  Try var_dump($_POST) to see exactly what is set during a form submission.  However, for a user-friendly interface it's nice to check each form variable separately and generate appropriate error messages.