Peter Jay Salzman wrote:
Slightly off topic, I apologise.

Yeah, you should ask this on

Total newbie.  In many php DB tutorials I've seen, it's recommended to set
register_globals off, and error reporting to E_ALL.

Good recommendations. Setting the error reporting to E_ALL is for when you are developing your application. You'd want to turn off error reporting (and log them to a file, for example) when it goes live.

When I looked at my system, register_globals was enabled and error reporting
was set to E_FATAL.  I changed them to the suggested values (off and E_ALL),
and all hell broke loose.  Clearly, I must not be very good at PHP yet.  ;)

First question:

register_globals is a matter of security, so that's definitely valuable to
turn off.

In your case, being a new programmer, yeah it's better to have it off. Note that having register globals ON makes it easier for you to introduce security issues into your code, especially if you're new. You can program security with it ON or OFF, it just takes some experience.

> Is setting error reporting really useful if my aim is to become a
better PHP programmer?

It is in my opinion. It'll help you during development to debug your code.

I'm wondering whether it's useful for a scripting language, like PHP, to
warn me when I use code like:

if ( $_REQUEST['action'] == 'foo' ) do_something;

when I don't access the URL with a "?action=foobar" type request.

In that specific example it may not be helping a lot. That's because you know what's going on, though and you know why the value isn't defined. What if you're doing something like


though. You're 100% sure $something is set to a known value so if it really wasn't (for whatever reason), without error reporting telling you it's undefined, you'd probably waste time troubleshooting something else. Just one example, but either way it's going to help.

If being compulsive is good for me, what's the best way of handling
something like above?   From browsing, I've thought of a few ways,
like a "controlled" suspension of compulsion:

if ( @ $_REQUEST['action'] == 'foo' ) do_something;

or, lord forbid:

   if ( isset($_REQUEST['action']) && $_REQUEST['action'] == 'foo' )

Why "lord forbid"? This is how you should do it. I mean, since you do know what the issue is here, you could use the first method if you're afraid of isset() or something. I do it the second way, but yeah, it's personal preference.


---John Holmes...

Amazon Wishlist:

php|architect: The Magazine for PHP Professionals –

PHP Database Mailing List (
To unsubscribe, visit:

Reply via email to