Can I use empty and isset in a variable?

11

Here's an example:

if(isset($_POST['nome']) && !empty($_POST['nome'])) {
    session_start();
    $_SESSION['nome'] = $_POST['nome'];
}

View demonstração

If I can not use this, what would be recommended? I'm trying to take the best security issues for my site.

Interesting quote from a reference displayed in @qmechanik's response:

  

isset() tests whether the variable was "started" in>) "and if it is not null .

     

empty() can return "true" when the variable was "started" > isset ) for certain values.

Final logic : !empty checks if it is not empty, so if it is not empty it has started, so !empty is already enough and does not depend on isset , unlike isset that depends on !empty (this does not remove the fact that you can put isset and empty in such a situation) in some situations, finally any thoughts or quotes that contradict this, please answer if possible, thanks. p>     

asked by anonymous 18.05.2015 / 22:51

2 answers

7

Power can, but it's redundant .

Both have different goals, empty determines whether a variable is empty (an empty array , FALSE , NULL , 0 number, or string ), isset in turn informs if a variable has been started , for example, if a variable is null or was destroyed with unset , isset will return FALSE . One important detail: it does not check if a variable is empty .

Using both is redundant , basically empty is an abbreviation for !isset($variavel) || !$variavel , !empty() is analogous to isset($variavel) && $variavel , but without issuing warnings, the PHP manual mentions:

  

empty() is the opposite of ( boolean ) var, except that it does not generate a   warning ) if the variable does not exist.

empty is implemented in the zend_language_parser.y line 1204 that runs the zend_compile_isset_or_empty method present in the file zend_compile.c - 6117 line, empty is almost !$variavel . This is the main point of this function: make a comparison Boolean without having the concern of the set to be variable or not.

If it is to use one or the other, use empty .

Example

$variavel;      // Variável indefinida
echo $variavel; // Notice: Undefined variable: variavel in...

if (!empty($variavel))
    echo "A {$variavel} pode ser usada, pois não está vazia ou indefinida.";
else
    echo "A variável está vazia ou não foi definida.";

View demonstração

% w / o% was not required to check whether the variable was started or not.

References:

  • Why check both isset () and! empty ()
  • The empty ($ v) function is actually (! isset ($ v) || $ v! = true) -and- silence-warnings
  • 19.05.2015 / 00:18
    4

    Can! You are checking whether a variable exists and whether it has any value.

    A variable in php can be initialized without value so it can be started and has no value attached to it, so there are several cases where you need to check if the variable exists and if it has value.

    Note

    In your code you are checking for or is empty, this can lead to an error in the scan because the check of isset() is after empty() .

    So check it out to make sure your code works:

    $post = $_POST['nome'];
    
    if(isset($post) && !empty($post)) {
        session_start();
        $_SESSION['nome'] = $post; 
    }
    
      

    Note that I used && instead of using || so I need the variable either to exist or not to be empty.

        
    18.05.2015 / 23:47