loading...

re: Elegant code in PHP VIEW POST

TOP OF THREAD FULL DISCUSSION
re: Suppressing errors is really absolutely the wrong method to teach. Why not $name = $_POST['name'] ?? false;
 

DELETE AT REQUEST OF DEV.TO because apparently, it is offensive. 🤷

Problem solved.

 

Right now, I am using PHP 7.3 and it is a PITA to target most of my code to PHP 5.6

You are not, in any form, obligated to target <7.0. In fact, you're doing a disservice to a language and community by still supporting non-supported and outdated versions. And with all that legacy support baked in your code suddenly becomes much less "elegant".

For example, one problem if what if the user sends other malicious information, for example, over-flow. PHP self-protects against it (limit of the post) but what if the information will be stored in the database (even if we use prepared statements). So we must add more restriction to this value.

There are solid and proven validation libraries out there, most frameworks have them built-in. That's one of the reasons frameworks exist :)

However, and for this basic example, the code is safe.

Nope.

 

Suppressing errors, regardless of PHP version, is a practice that should not be taught! It's highly discouraged, and for a good reason.

code of conduct - report abuse