Avoid using isset () on a form?

Question

Avoid using isset () on a form?

If you have many inputs (select / textarea / input), it will look really messy if you enable isset()

For instance:

 <input id="firstname" type="text" name="firstname" value="<?php echo (isset($_POST['firstname']) ? $_POST['firstname'] : "";?>">

Is there an alternative way to make it look neat and maintained?

I am using MVC Framework if this help.

+4

php forms

I'll-be-back Feb 17 '12 at 16:27

source share

6 answers

You can pre-analyze all the variables you use:

 <?php $v_list = array('firstname', 'lastname', 'birthdate'); $v_vals = array(); foreach ($v_list as $v) { if (isset($_POST[$v])) $v_vals[$v] = $_POST[$v]; else $v_vals[$v] = ""; } ?> <input ... value="<?php echo $v_vals['firstname']; ?>" />

+3

Mikhail Feb 17 '12 at 16:35

source share

If the behavior is always the same, define a short-range function:

 function val ($variable, $default) { if isset($variable) return $variable; else return $default; }

Then use it as follows:

 <input id="firstname" type="text" name="firstname" value="<?= val(@$_POST['firstname'],"")?>">

Also note that the final ";" not required if you have nothing in

Finally, <?= Is a shortcut to <? echo, but it only works with short tags ( <? ), not with <?php .

This is not surprising, but much shorter.

+2

Roadmaster Feb 17 '12 at 16:34

source share

Since you are using MVC, you should avoid polling super viruses in the view. In addition, array_key_exists is superior to isset for this kind of thing.

So, in the controller you should have:

 $myview->firstname = array_key_exists( 'firstname', $_POST ) ? $_POST['firstname'] : '';

and in view

 <input id="firstname" type="text" name="firstname" value="<?= $this->firstname ?>" />

+1

Matt H. Feb 17 '12 at 16:41

source share

Like many other concepts, PHP users are wrong.

When the user receives the message "Undefined variable", the usual attitude is: "What a fuss! Is there a godly method to get rid of it?" "Sure!" - comes along with another PHP user with some code, without addressing the question: what is this error message? Why am I getting this? Should I fix this?

So here comes isset or some kind of wrapper for isset.

But if you want to think about the meaning of the error message, it will become clear that the programmer should always know what variables he has and what values.

And the “Undefined variable” message is just a hint: you don’t know which variable you are using, and if it ever exists!

So, the right solution would be to define the variable that you are going to use in the form. For empty, you need to define empty. However, usually you do not need to check everything. One condition is enough.

So, the true rule would be to define each variable that you intend to use in the template before loading it.

Not to mention that you should not publish raw data in the value attribute, but always pass it through htmlspecialchars ()

0

Your common sense Feb 17 '12 at 16:51

source share

Access to the undefined variable calls E_NOTICE . E_NOTICE can be more or less ignored (otherwise they would be E_WARNING or E_ERROR s), so set error_reporting(E_ALL ^ E_NOTICE) and discard these variables without first checking for their existence.

Alternatively, instead of isset enter the following function for each of them:

 <?php function echoifset(&$var) { if( isset($var)) echo $var; } ?>

Then you can just call <?php echoifset($_POST['firstname']); ?> <?php echoifset($_POST['firstname']); ?> and do the same as all ongoing checks.

-2

Niet the dark absol Feb 17 '12 at 16:33

source share

Vyktor · Accepted Answer · 2012-02-17T16:37:03+0000

You can create your own function that will fill in the values:

 function get_post( $key, $default = ''){ if( isset( $_POST[$key])){ return htmlspecialchars( $_POST[$key]); } return htmlspecialchars( $default); }

And use it like:

 <input ... value="<?php echo get_post( 'firstname', 'Your name'); ?>" />

In any case, this will be included in your infrastructure.

If you need more complete keys, you can do it like this:

 function get_post( ){ $args = func_get_args(); if( count( $args) < 2){ // Wrong usage, throw an exception } $default = array_pop( $args); $progress = $_POST; while( $key = array_shift( $args)){ if( !is_array( $progress) || !isset( $progress[$key])){ $progress = $default; break; } $progress = $progress[$key]; } return htmlspecialchars( $progress); } echo get_post( 'my', 'multiple', 'keys', 'default');

Variable preparation

You can also use php array operator+ and set all variables:

 <?php $myList = array( 'name' => 'Your name', 'another' => 'Another'); $values = $_POST + $myList;

And what is simple:

 <?php echo htmlspecialchars( $values['name']); ?>

Avoid using isset () on a form?

Variable preparation

More articles: