Function "isset()" needed in 4.3.5 but not 4.3.0

Re: Function "isset()&q uot; needed in 4.3.5 but not 4.3.0

On Mon, 05 Apr 2004 10:01:43 -0400, Yannick Turgeon wrote:
[color=blue]
> Hello all,
>
> We are currently changing our web server and, in the process, updating PHP
> version from 4.3.0 to 4.3.5. The problem we've got is that our PHP
> applications generate errors saying that some of the variables are
> Undefined.
>
> I didn't use "if(isset($myVa r))" to validate if a variable has been passed
> from a HTML form but instead "if($myVar) ".
>
> Is there a way to make it work without changing the code?
>
> TIA
>
> Yannick[/color]


Interesting.. is $myVar a bool value? If not.. then why do you assume
something is "wrong"? This would appear to be perfectly reasonable.

isset() checks for definition not for data type.

if ($foo) is a boolean check not a def / undef check.

Seriously... the code needs rewriting.. this is seriously flawed if mu
assumptions are correct.. and unfortunately, something all too easily done
in PHP. Maybe they're slowly getting around to making things more strict
and "standard". . which is IMO, a good thing(tm).

Just my £0.02 worth =)



Regards,

Ian

--
Ian.H
digiServ Network
London, UK

Re: Function "isset()&q uot; needed in 4.3.5 but not 4.3.0

Thanks Ian for your reply,

I finally found the answer. Yes, I realise this way of testing if variable
has been passed or not from a form is very poor practice. Why I didn't get
any error on the old server was because the parameter "error_reportin g" was
set to exclude "Notices". I did the same on the new server because it would
be too long for the moment to change all the code. It worked.

Yannick

"Ian.H" <ian@WINDOZEdig iserv.net> wrote in message
news:pan.2004.0 4.05.14.57.23.6 57000@bubbleboy .digiserv.net.. .[color=blue]
> On Mon, 05 Apr 2004 10:01:43 -0400, Yannick Turgeon wrote:
>[color=green]
> > Hello all,
> >
> > We are currently changing our web server and, in the process, updating[/color][/color]
PHP[color=blue][color=green]
> > version from 4.3.0 to 4.3.5. The problem we've got is that our PHP
> > applications generate errors saying that some of the variables are
> > Undefined.
> >
> > I didn't use "if(isset($myVa r))" to validate if a variable has been[/color][/color]
passed[color=blue][color=green]
> > from a HTML form but instead "if($myVar) ".
> >
> > Is there a way to make it work without changing the code?
> >
> > TIA
> >
> > Yannick[/color]
>
>
> Interesting.. is $myVar a bool value? If not.. then why do you assume
> something is "wrong"? This would appear to be perfectly reasonable.
>
> isset() checks for definition not for data type.
>
> if ($foo) is a boolean check not a def / undef check.
>
> Seriously... the code needs rewriting.. this is seriously flawed if mu
> assumptions are correct.. and unfortunately, something all too easily done
> in PHP. Maybe they're slowly getting around to making things more strict
> and "standard". . which is IMO, a good thing(tm).
>
> Just my £0.02 worth =)
>
>
>
> Regards,
>
> Ian
>
> --
> Ian.H
> digiServ Network
> London, UK
> http://digiserv.net/
>[/color]

Re: Function &quot;isset()&q uot; needed in 4.3.5 but not 4.3.0

[ Posting rearranged into proper Usenet order ]

[color=blue]
> "Ian.H" <ian@WINDOZEdig iserv.net> wrote in message
> news:pan.2004.0 4.05.14.57.23.6 57000@bubbleboy .digiserv.net.. .[color=green]
>> On Mon, 05 Apr 2004 10:01:43 -0400, Yannick Turgeon wrote:[/color][/color]


[ snip ]
[color=blue][color=green][color=darkred]
>> > I didn't use "if(isset($myVa r))" to validate if a variable has been[/color][/color]
> passed[color=green][color=darkred]
>> > from a HTML form but instead "if($myVar) ".
>> >
>> > Is there a way to make it work without changing the code?[/color][/color][/color]


[ snip ]

[color=blue][color=green]
>> if ($foo) is a boolean check not a def / undef check.
>>
>> Seriously... the code needs rewriting.. this is seriously flawed if mu
>> assumptions are correct.. and unfortunately, something all too easily done
>> in PHP. Maybe they're slowly getting around to making things more strict
>> and "standard". . which is IMO, a good thing(tm).[/color][/color]


On Mon, 05 Apr 2004 11:06:21 -0400, Yannick Turgeon wrote:
[color=blue]
> Thanks Ian for your reply,
>
> I finally found the answer. Yes, I realise this way of testing if variable
> has been passed or not from a form is very poor practice. Why I didn't get
> any error on the old server was because the parameter "error_reportin g" was
> set to exclude "Notices". I did the same on the new server because it would
> be too long for the moment to change all the code. It worked.[/color]


No probs Yannick.. glad you found an answer anyway.. but it's also good to
see that you do recognise the "problem" (some people just don't care.. "we
got it to work.. so up yours!" kind of attitude).

I have had similar issues with my own code in the past with some things
(probably most remembered was the register_global s change over for some of
my old scripts). I implemented some hacks to get around the problem until
I had some spare time to rewrite the code _properly_. If a job's worth
doing, it's worth doing right as they say.. but I also appreciate
"immediatel y" isn't often a possible reality =)



Regards,

Ian

--
Ian.H
digiServ Network
London, UK

Re: Function &quot;isset()&q uot; needed in 4.3.5 but not 4.3.0

I noticed that Message-ID:
<pan.2004.04.05 .15.29.01.59400 0@bubbleboy.dig iserv.net> from Ian.H
contained the following:
[color=blue]
>I have had similar issues with my own code in the past with some things
>(probably most remembered was the register_global s change over for some of
>my old scripts).[/color]

It doesn't help when bad habits are shown in tutorials. Although my
server (out of my control) has register globals set to on I always use
$_POST, $_GET etc. I resented having to type extra code at first but
now I'm used to it I find it easier to see where my variables are coming
from.

--
Geoff Berrow (put thecat out to email)
It's only Usenet, no one dies.
My opinions, not the committee's, mine.
Simple RFDs http://www.ckdog.co.uk/rfdmaker/

Re: Function &quot;isset()&q uot; needed in 4.3.5 but not 4.3.0

On Mon, 05 Apr 2004 18:11:38 +0100, Geoff Berrow wrote:
[color=blue]
> I noticed that Message-ID:
> <pan.2004.04.05 .15.29.01.59400 0@bubbleboy.dig iserv.net> from Ian.H
> contained the following:
>[color=green]
>>I have had similar issues with my own code in the past with some things
>>(probably most remembered was the register_global s change over for some of
>>my old scripts).[/color]
>
> It doesn't help when bad habits are shown in tutorials. Although my
> server (out of my control) has register globals set to on I always use
> $_POST, $_GET etc. I resented having to type extra code at first but
> now I'm used to it I find it easier to see where my variables are coming
> from.[/color]


Most definitely Geoff.. like you, it comes as "second nature" now
(although my servers are configured with globals off).

That's the other popular explanation / reason for using them (besides the
obvious security).. $_POST['foo'] is a _lot_ more descriptive than $foo =)

I used a kind of securish hack to get around it.. by adding:


$foo = $_GET['foo'];
$bar = $_POST['bar'];


etc etc as the first few lines in the script(s). This still kept the
validation then on where they were coming from. Not the best situation for
debugging.. but the scripts worked.. so this wasn't so important at this
time (not like during development).

As time went on I replaced all of these (actually ended up taking the
application down and replaced with phpBB (was a forum)) because I didn't
have the time to create the next phpBB / vBulletin and the features were
lacking somewhat (administration tasks too longer to do just with phpMA..
les automation).

It's an ever growing learning / experience curve.. by the time I get to 10
years of PHP coding.. I'd still lay a rather large £sum on the table and
say I'd still have lots to learn... but that's also half the fun =)



Regards,

Ian

--
Ian.H
digiServ Network
London, UK

Re: Function &quot;isset()&q uot; needed in 4.3.5 but not 4.3.0

"Yannick Turgeon" <nobody@nowhere .com> wrote in message
news:nFdcc.6395 $wq4.566669@new s20.bellglobal. com...[color=blue]
> We are currently changing our web server and, in the process, updating PHP
> version from 4.3.0 to 4.3.5. The problem we've got is that our PHP
> applications generate errors saying that some of the variables are
> Undefined.
>
> I didn't use "if(isset($myVa r))" to validate if a variable has been passed
> from a HTML form but instead "if($myVar) ".
>
> Is there a way to make it work without changing the code?[/color]

Just change error_reporting in php.ini to something like E_ALL &~ E_NOTICE.

Re: Function &quot;isset()&q uot; needed in 4.3.5 but not 4.3.0

"Geoff Berrow" <blthecat@ckdog .co.uk> wrote in message
news:pi43709lrq 6kg7cprnn7cs1qr 7gnsg1tl1@4ax.c om...[color=blue]
> It doesn't help when bad habits are shown in tutorials. Although my
> server (out of my control) has register globals set to on I always use
> $_POST, $_GET etc. I resented having to type extra code at first but
> now I'm used to it I find it easier to see where my variables are coming
> from.[/color]

Now wait a second. When has using register-globals become a bad habit?
Quoting the PHP manual: "the directive itself isn't insecure but rather it's
the misuse of it." My biggest problem with the whole register-globals debate
is that people some how think that it's a more secure way of programming in
PHP. There is, of course, no such thing as more secure--you are either
vulnerable or you're not. And there are plenty of ways to screw up. I don't
know how many times I have seen stuff like

include $_GET['section'] . '.php';

or

if($_SESSION['auth']) {
include("forum. php");
}

or

$ids = implode(',', $_POST['checkboxes]);
mssql_query("SE LECT * FROM books WHERE book_id IN ($ids)");

where the programmer is satistied that he has followed good practice and let
serious issues slip by under his nose.

Re: Function &quot;isset()&q uot; needed in 4.3.5 but not 4.3.0

I noticed that Message-ID: <quKdnVdL0qvige _dRVn-sw@comcast.com> from
Chung Leong contained the following:
[color=blue][color=green]
>> It doesn't help when bad habits are shown in tutorials. Although my
>> server (out of my control) has register globals set to on I always use
>> $_POST, $_GET etc. I resented having to type extra code at first but
>> now I'm used to it I find it easier to see where my variables are coming
>> from.[/color]
>
>Now wait a second. When has using register-globals become a bad habit?[/color]

Where did I say that? It is a bad habit to write code that is not
portable, as we see here on a daily basis.

--
Geoff Berrow (put thecat out to email)
It's only Usenet, no one dies.
My opinions, not the committee's, mine.
Simple RFDs http://www.ckdog.co.uk/rfdmaker/