#1
  1. No Profile Picture
    Dazed&Confused
    Devshed Novice (500 - 999 posts)

    Join Date
    Jun 2002
    Location
    Tempe, AZ
    Posts
    506
    Rep Power
    128

    For the simple things: @ or condition?


    Just looking for folks' opinions.

    I've long used the following syntax for picking up potentially undefined keys:

    PHP Code:
    $foo = isset($_REQUEST["foo"]) ? $_REQUEST["foo"] : "default"
    Today I became tempted by a shorter syntax:
    PHP Code:
    $foo = ($_REQUEST["foo")?:"default"
    But obviously that'll still throw a notice if "foo" isn't defined, so:
    PHP Code:
    $foo = @($_REQUEST["foo")?:"default"
    And thus I began to wonder: just how bad is using @ generally considered to squelch errors?

    There are definitely places I've seen it used that I would never use it, such as on function calls with a lot of logic behind them and a lot of very valid and important potential errors. Those shouldn't just be ignored.

    But what about for things that you *know* the error conditions are limited and functionally painless?

    Acceptable?
  2. #2
  3. Sarcky
    Devshed Supreme Being (6500+ posts)

    Join Date
    Oct 2006
    Location
    Pennsylvania, USA
    Posts
    10,908
    Rep Power
    6351
    Always do it properly, and never ignore errors.
    HEY! YOU! Read the New User Guide and Forum Rules

    "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -Benjamin Franklin

    "The greatest tragedy of this changing society is that people who never knew what it was like before will simply assume that this is the way things are supposed to be." -2600 Magazine, Fall 2002

    Think we're being rude? Maybe you asked a bad question or you're a Help Vampire. Trying to argue intelligently? Please read this.
  4. #3
  5. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,959
    Rep Power
    1014
    Hi,

    this is not as bad as the typical (mis)uses of the @ operator, but it's still a hack, don't you think?

    Personally, I prefer clarity and readability over saving a few characters. The first variant is clear: Everybody can understand it immediately. The second variant is rather obscure. Also note that it will apply the default value in case of a falsy value (0, 0.0, '', false, ...).

    The thing is: You write your code once, but it usually gets read many times (unless you're programming just for fun without anybody else involved). This means fancy shortcuts usually don't pay off. You may save 2 seconds while you write a code, but 10 people (or whatever) each lose 5 seconds trying to figure out what the f*** this does.
    Last edited by Jacques1; June 17th, 2013 at 01:58 PM.
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  6. #4
  7. Did you steal it?
    Devshed Supreme Being (6500+ posts)

    Join Date
    Mar 2007
    Location
    Washington, USA
    Posts
    14,056
    Rep Power
    9398
    If it's at all possible to check for the error condition, do it.
    * Not sure if a GET variable is present? isset()
    * Not sure if a file exists? file_exists()
    * File is readable or writable? is_readable() and is_writable()

    There is exactly one circumstance where I would use a @ and that's because there is no reasonable way to check for the error condition: getimagesize() to determine if a file is an image.
  8. #5
  9. Sarcky
    Devshed Supreme Being (6500+ posts)

    Join Date
    Oct 2006
    Location
    Pennsylvania, USA
    Posts
    10,908
    Rep Power
    6351
    You can even solve the getimagesize problem with either finfo_fopen() or mime_content_type(), but both require you to hand-code all possible image types rather than relying on the library to figure it out.

    Comments on this post

    • requinix agrees : and/or need server-level configuration to set up. yeah, no thanks
    HEY! YOU! Read the New User Guide and Forum Rules

    "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -Benjamin Franklin

    "The greatest tragedy of this changing society is that people who never knew what it was like before will simply assume that this is the way things are supposed to be." -2600 Magazine, Fall 2002

    Think we're being rude? Maybe you asked a bad question or you're a Help Vampire. Trying to argue intelligently? Please read this.
  10. #6
  11. No Profile Picture
    Dazed&Confused
    Devshed Novice (500 - 999 posts)

    Join Date
    Jun 2002
    Location
    Tempe, AZ
    Posts
    506
    Rep Power
    128
    Originally Posted by ManiacDan
    Always do it properly, and never ignore errors.
    Depends what you consider an error. Even PHP sees those as just Notices and, by default, wouldn't even report them. I just prefer to have them reported on to help ensure every anomaly is accounted for.

    That said, I wouldn't consider this ignoring anything either. Turning Notice reporting off altogether would be ignoring it. I'm explicitly choosing to accept that the error can occur and let it happen without explicit prevention.

    Similarly, there have been times I've chosen to do nothing after catching an exception because the failure doesn't impact the overall business logic.

    Originally Posted by Jacques1
    Also note that it will apply the default value in case of a falsy value
    Ah, good catch. I'd missed that. Back to the original syntax then...

    You write your code once, but it usually gets read many times (unless you're programming just for fun without anybody else involved). This means fancy shortcuts usually don't pay off.
    It's actually the readability of the code that I was considering. When I have a line per passed variable that can easily add up to many lines--especially for form ingestion. The original syntax makes lines roughly twice as long and makes for a very blocky segment of code that can be hard to wade through when reading.
  12. #7
  13. No Profile Picture
    Lost in code
    Devshed Supreme Being (6500+ posts)

    Join Date
    Dec 2004
    Posts
    8,317
    Rep Power
    7170
    Using the error suppression operator is also a lot less efficient than using an isset or empty statement because PHP still has to invoke its error handling code when you use the error suppression operator even if all the error handling code does is ignore the error.
    PHP FAQ

    Originally Posted by Spad
    Ah USB, the only rectangular connector where you have to make 3 attempts before you get it the right way around

IMN logo majestic logo threadwatch logo seochat tools logo