|
Posted by Jochem Maas on 08/01/05 01:01
Tom Chubb wrote:
> The purist method is what I wanted.
dev'ing with E_ALL is a good thing, but turn off E_NOTICE on productions sites... IMHO
in fact make sure your production sites don't output any php errors at all (even if they occur!),
sure log them, but don't show - it makes it just a little harder for hackers (as in shitheads
who feel the need to try and crack you site - rather than the oldschool meaning) to
hack you.
> I know it sounds a bit silly, but I would like to be able to run all
not silly at all. :-)
> my scripts with error reporting set to e_all without any
> notices/errors.
> What you've shown me is perfect, so thanks for your help.
> T
>
> On 31/07/05, Jochem Maas <jochem@iamjochem.com> wrote:
>
>>Tom Chubb wrote:
>>
>>>Thanks Jochem, useful info.
>>>I've changed that now, but why is there still an Undefined index: id error?
>>
>>its a notice technically not an error.
>>and its showing up because you have error reporting set to show notices.
>>to be really purist/correct do it something like this:
>>
>>if (isset($_GET['id']) && ($cleanID = intval( $_GET['id'] ))) {
>> $article = "$cleanID.php";
>> if (file_exists($article)) {
>> include $article;
>> } else {
>> echo "The article you've requested does not exist!";
>> }
>>} else {
>> echo "No article selected";
>>}
>>
>>or you can suppress the notice with a @ (know what you are doing when
>>you use the @ symbol), e.g.:
>>
>>if ($cleanID = intval( @$_GET['id'] )) {
>> $article = "$cleanID.php";
>> if (file_exists($article)) {
>> include $article;
>> } else {
>> echo "The article you've requested does not exist!";
>> }
>>} else {
>> echo "No article selected";
>>}
>>
>>
>>>Any ideas?
>>>
>>>
>>>On 31/07/05, Jochem Maas <jochem@iamjochem.com> wrote:
>>>
>>>
>>>>Tom Chubb wrote:
>>>>
>>>>
>>>>>I have changed it a bit, and don't have the old code now!!!
>>>>>I saw a post which identified a problem using isset when $var = ""; as
>>>>>it returns true, so I changed my code to use...
>>>>>
>>>>
>>>>the fact that you are using $id suggests you have register_globals on
>>>>- not recommended practice. and mixing using of auto registered globals ($id)
>>>>and the equivelant $_GET index ($_GET['id']) is going to lead to confusion
>>>>somewhere do the line.
>>>>
>>>>
>>>>
>>>>>if ($_GET['id'] != "")
>>>>>{ $article="$id.php";
>>>>> if (file_exists($article)) { include $article; }
>>>>> else { echo "The article you've requested does not exist!"; }
>>>>>}
>>>>>else {
>>>>>echo "No article selected";
>>>>>}
>>>>
>>>>you hint that the id must always be an integer.... so sanitize your data as such.
>>>>to avoid nasty things happening, try like so:
>>>>
>>>>if ($cleanID = intval( $_GET['id'] )) {
>>>> $article = "$cleanID.php";
>>>> if (file_exists($article)) {
>>>> include $article;
>>>> } else {
>>>> echo "The article you've requested does not exist!";
>>>> }
>>>>} else {
>>>> echo "No article selected";
>>>>}
>>>>
>>>>
>>>>
>>>>
>>>>>This works fine, except that when the url is www.mysite.com/index.php
>>>>>I get the following error...
>>>>>
>>>>>Notice: Undefined index: id in
>>>>>/home/5217/tomchubb/public_html/index.php on line 14
>>>>>No article selected
>>>>>
>>>>>I kmow this will disappear when I turn off error reporting, but how
>>>>>can I suppress it properly?
>>>>>
>>>>>
>>>>>On 31/07/05, Edward Vermillion <evermillion@doggydoo.net> wrote:
>>>>>
>>>>>
>>>>>
>>>>>>Tom Chubb wrote:
>>>>>>
>>>>>>
>>>>>>
>>>>>>>I am trying to create my own news system and to start with I'm using
>>>>>>>static news pages until I get the db working properly.
>>>>>>>I'm using the following code:
>>>>>>>
>>>>>>><?php
>>>>>>>if(!isset($_GET['id']))
>>>>>>>{ $article="$id.php"
>>>>>>> if (file_exists($article)) { include $article; }
>>>>>>> else { echo "The article you've requested does not exist!"; }
>>>>>>>}
>>>>>>> else { echo "You did not select an article"; }
>>>>>>>?>
>>>>>>>
>>>>>>>I am testing using the following links...
>>>>>>>
>>>>>>>www.myurl.co.uk/index.php
>>>>>>>www.myurl.co.uk/index.php?id=1
>>>>>>>www.myurl.co.uk/index.php?id=2
>>>>>>>
>>>>>>>When I try the first one, I'd expect it to say you did not select an
>>>>>>>article, but it says
>>>>>>>
>>>>>>>
>>>>>>>Notice: Undefined variable: id in
>>>>>>>/home/5217/tomchubb/public_html/index.php on line 15
>>>>>>>The article you've requested does not exist
>>>>>>>
>>>>>>>
>>>>>>>When I try the third link, I would expect it to say The article
>>>>>>>you've requested does not exist! but it says:
>>>>>>>
>>>>>>>Parse error: parse error in /home/5217/tomchubb/public_html/index.php on line 16
>>>>>>>
>>>>>>>Lines 15 & 16 are:
>>>>>>>if (file_exists($article)) { include $article; }
>>>>>>>else { echo "The article you've requested does not exist!"; }
>>>>>>>
>>>>>>>I don't understand why this isn't working and I've tried looking into
>>>>>>>this for 2 hours!
>>>>>>>Can anyone tell me where I'm going wrong please?
>>>>>>>
>>>>>>>Thanks,
>>>>>>>
>>>>>>>Tom
>>>>>>
>>>>>>What I notice is that the first error says it's on line 15, then you
>>>>>>give lines 15 and 16 in the second example but line 15 doesn't have "id"
>>>>>>in it. Are you sure your looking at the right lines? Try posting the
>>>>>>whole script and maybe someone can catch the problem.
>>>>>>
>>>>>
>>>>>
>>>>>
>>>
>>
>
>
[Back to original message]
|