isset()

[Ninjakreborn]

What is the purpose and reasoning behind the isset() function. If you set a variable to something you should already know 100% that it is already set, why would you need isset() to tell you what you already know, what are the purposes and reasons behind this, I already read over www.php.net manuals a few times, under that section, but I still don't grasp this concept, I know unset() takes a variable off I guess you use that when you have a variable, and want to cut that variable off so you can use the same variable name later in the script, but isset() makes absolutely nosense to me, I know for debugging you could check your variables to make sure they are set, but I thought if you set them they were set, no if's ands or buts, the more help I get on this the better, and thank you in advance.

[sdaniels]

i usually use it for if statements like

if (isset($foo)) {
then do whatever here }

this says if the $foo variable has been assigned a value then proced to do whatever, and if its not set then the page will not parse whatever is in the if statement.
is extremeley helfull for form input, you dont want your page to do anything unitill a user fills out the form and hits submit, if he hits submit then the $foos are set and the page will do what you want from there.

Im terrible at explaining things sorry

[AndyB]

[b]You[/b] might always know exactly what's going on with your scripts, but your scripts (sometimes) have to deal with user input ... and users are the most unreliable things in the universe. If a user 'forgets' to provide a form input, wouldn't it be nice to know that an important variable had been set (by the user's input) before you processed their data?

[sKunKbad]

I know in my case it was suggested that I use isset() to make sure that variables weren't being changed in the browser address bar by a malicious user. You should familiarize yourself with SQL injection, and other vulnerabilities.

[Ninjakreborn]

After I dig deeper into php I am learning sql, and it's variations including mysql, but I was also told by numerous people, including people on this board, that you shoudl validate forms with javascript, and process them with php, if this is true then I would have no need for the isset() function in the forms right.

[AndyB]

A couple of observations. While javascript might be one way to 'validate' user input not every visitor will have javascript active. Regardless of platform or browser, you can always validate input server-side as you don't care what your visitors have/don't have and use/don't use.

One reason why some people might like to use client-side validation is that they create scripts in two parts: the data input script and the data processing script. In that case they may find they want the user to go back to a blank form just because one field was invalid. Bad design. Better to have the data input and processing in the same script so you can echo back user inputs when you need them to resubmit the form without filling it out again. Then you'll need some conditional branching to test whether the form has been submitted or whether this is the first visit to the form. isset() is one way of testing for specific input to use for such branching.

And, of course, when you pass data via URL (click a link like showstuff.php?id=27) you can't validate that client-side if your visitors edit what's in the browser address bar to showstuff.php (for example). Isn't isset() nice to have?

[Ninjakreborn]

Thanks for the in depth explanation, I understand isset() a lot better than i did when i first posted.