Jump to content

When should isset, empty & is_null to be used?


BigB

Recommended Posts

The other day, this topic came up for discussion, when catching $_POST what are your thoughts on the best way of catching it?

 

I had been using "isset" as my main weapon for catching $_POST / $_GET, however, It was suggested that checking for "Empty" over "Isset" was the better approach, I did look into the 101 manuals and Google and got mixed views, though, I am now more incline to agree on using "empty" over "isset", the reason why is that, if a space is inputted, "empty" will return false, whereas isset will declare true and boolean sent as TRUE will also return False from "empty", though True from "isset" and many data outputs that can found: (https://www.virendrachandak.com/demos/php-isset-vs-empty-vs-is_null.php).

 

 
 
IF (isset($_POST["From_Form"])){ ... }

IF (empty($_POST["From_Form"])){ ... }

IF (is_null($_POST["From_Form"])){ ... }

 

 

I would like to know your thoughts on this topic?

Edited by BigB
Link to comment
Share on other sites

Values in $_POST will always be strings or arrays. Never nulls or integers/floats.

 

Now think about what each function does:

- is_null() tests if the thing is null. If it does not exist then PHP will warn you and the function will return true.

- isset() tests if the thing exists and is null.

- empty() tests if the thing exists and is null, the empty string, the string "0", or the number 0.

 

Clearly one of those functions should never be used on $_POST, one of them will be the function you use most, and one of them will be a function you might use if you don't mind exactly what it does.

  • Like 1
Link to comment
Share on other sites

if a space is inputted, "empty" will return false

 

^^^ if you want to detect values that are all white-space, you should trim the data first, then test the trimmed value.

 

since all form data are strings (or arrays, containing string data), regardless of what value is in them, testing if the value is or is not an empty string '' is the most general purpose method of testing for a field that was not filled in and will avoid the problem of empty() considering the string '0' to be empty.

 

except for un-checked check-boxes, un-checked radio-buttons, and submit buttons that were not used to submit the form, i.e javascript was used instead, all form fields will be set, regardless of what they contain, once the form has been submitted.

 

for post method forms, you should first detect if a post method request was used, then all the will-be-set form fields will exist and there's no need to individually detect them, just validate the data in them. isset() should only be used when detecting check-boxes and radio-buttons. using isset() for all the other form field types will hide programming errors, typos, and clutter up your code with unnecessary logic.

 

for $_GET data, that could exist or not, on any request or any type (post/get) of request, individually detecting them using isset() in a ternary operator, and setting up a default value if they are not set is the most general purpose method.

 

$var = isset($_GET['var']) ? trim or cast as appropriate $_GET['var'] : set a default value as needed;

  • Like 1
Link to comment
Share on other sites

I typically do something like this

 

//Preprocessing logic
//Use isset to avoid errors if it was not present in the post data
//Do this for all relevant post values
$thing = isset($_POST['thing']) ? trim($_POST['thing']) : '';
 
 
//Validation
if($thing == '')
{
    //error condition
}
  • Like 1
Link to comment
Share on other sites

I use a function to trim the entire $_POST array at one time, then check for empty in the validation for required fields.

/**
 * Removes leading/trailing spaces from Array
 * @param array $input
 * @return array|string
 */
function trim_array($input)
    {
    if (!is_array($input))
        return trim($input);
    return array_map('trim_array', $input);
    } // End Function

Usage

$_POST = trim_array($_POST);
Edited by benanamen
  • Like 1
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.