"isset" not working :-(

Baby_Bean · July 19, 2017, 6:10am

Hi everyone,
A very simple code that aims to know whether value was inserted to an input field in a form is not working :-(.
In the following code, when a value is inserted to field 'A" I want ‘a’ to be echoed and if ‘b’ recieves value the program should
show ‘b’ on the display.
Whether I insert a value or weather no value is inserted at all the following program always shows shows both ‘a’ and ‘b’.
Can anyone help me with mnaking that program show ‘a’ only when ‘a’ was inserted value and ‘b’ only when be was inserted value?
[php]

<?php //myIsset.php $a = ''; $b = ''; if (isset($_GET['a'])) echo 'a
'; if (isset($_GET['b'])) echo 'b'; echo ' myIntval.php A B '; ?>

[/php]
Thanks !

benanamen · July 19, 2017, 7:19pm

Its working exactly as you wrote it. The form fields are set so it displays as you told it to. You need to learn empty

boionfire81 · July 19, 2017, 8:39pm

yeah try

[php]
if(!empty)[/php]

you technically defined ‘a’ & ‘b’ with
[php]$a = ‘’;
$b = ‘’;[/php]

on the fly, lemme try this way:

[php]
$a = “{$_GET[‘a’]}”;
$b = “{$_GET[‘b’]}”;
if(!empty($_GET[‘a’])) {
echo “{$_GET[‘a’]}”;
}
if (!empty($_GET[‘b’])) {
echo “{$_GET[‘b’]}”;
}[/php]

I’m probably the last person to talk about security, but why use $_GET? I’m more of a $_POST person myself. Looks cleaner to me.

benanamen · July 19, 2017, 9:44pm

You’re “on the fly” is no good. It assumes that $_GET is set.

I'm probably the last person to talk about security, but why use $_GET? I'm more of a $_POST person myself. Looks cleaner to me.

You do not use one over the other because of the way it looks. You use what is correct based on what you are doing. You are either getting information FROM the server, or you are putting information ON the server.

boionfire81 · July 19, 2017, 9:50pm

:o

But you know how simple find and replace is? $_GET is way more vulnerable.

And no, I did not supply the entire code :-X just a portion. But it was error checked. No errors were found in that small portion. Assuming he/she had already secured their own script, that portion should be fine.

benanamen · July 19, 2017, 10:43pm

$_GET is way more vulnerable.

No, it isn’t any more or less vulnerable to anything.

Paste this in a .php file and open the file from a server. If you don’t get errors, you don’t have error reporting turned on. Do you not even see the pointless variables for nothing you created that you do not even use?
[php]<?php
$a = “{$_GET[‘a’]}”;
$b = “{$_GET[‘b’]}”;
if(!empty($_GET[‘a’])) {
echo “{$_GET[‘a’]}”;
}
if (!empty($_GET[‘b’])) {
echo “{$_GET[‘b’]}”;
}
?>[/php]

benanamen · July 20, 2017, 12:16am

OP, this is what you would do. Learn what this code is doing.

[php]<?php
if ($_SERVER[‘REQUEST_METHOD’] == ‘POST’)
{
echo !empty($_POST[‘a’]) ? $_POST[‘a’] : ‘’;
echo !empty($_POST[‘b’]) ? $_POST[‘b’] : ‘’;
}
?>

A B [/php]