RE: [PHP] Warning: Division by zero
It's always better to validate your inputs in any was possible, this helps prevent exploits. -Original Message- From: Gary [mailto:gwp...@ptd.net] Sent: Thursday, April 30, 2009 8:51 AM To: php-general@lists.php.net Subject: [PHP] Warning: Division by zero I have a script that is a result of data entered in a form On the script (when I test without data entry), I am getting a warning that Warning: Division by zero in .inc.php on line 15. The warning is correct, however the viewer cannot access the second script without entering the data that would cancel the warning. Is this something I should worry about? or would it be better to right in an isset? I'm sorry if this does not seem clear. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Warning: Division by zero
I have a script that is a result of data entered in a form On the script (when I test without data entry), I am getting a warning that Warning: Division by zero in .inc.php on line 15. The warning is correct, however the viewer cannot access the second script without entering the data that would cancel the warning. Is this something I should worry about? or would it be better to right in an isset? Well, just as a general rule, you'll want to validate all possible user input. That includes checking whether or not particular input has been defined, whether or not it is valid for it's intended use and whether or not it's malicious. Applying that guideline to your situation, I would check to see if: * the input is set * the input is numeric If either or those are not true, I would default the value to 1 since division is being used. e.g., $iVar = 1; if(( isset( $_REQUEST['MY_NUMBER'] ) ( is_numeric( $_REQUEST[MY_NUMBER']))) { $iVar = $_REQUEST['MY_NUMBER']; } $iCalculatedValue = $x / $iVar; thnx, Christoph -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Warning: Division by zero
Thanks for your response. The error I am getting is when I am defining a variable. (line 15) $percent_difference=($assess_difference)/($assess_value); Does this make a difference? Thanks again for all your help. Gary Christoph Boget christoph.bo...@gmail.com wrote in message news:540509760904300600i7af94667w6bad30ed068d1...@mail.gmail.com... I have a script that is a result of data entered in a form On the script (when I test without data entry), I am getting a warning that Warning: Division by zero in .inc.php on line 15. The warning is correct, however the viewer cannot access the second script without entering the data that would cancel the warning. Is this something I should worry about? or would it be better to right in an isset? Well, just as a general rule, you'll want to validate all possible user input. That includes checking whether or not particular input has been defined, whether or not it is valid for it's intended use and whether or not it's malicious. Applying that guideline to your situation, I would check to see if: * the input is set * the input is numeric If either or those are not true, I would default the value to 1 since division is being used. e.g., $iVar = 1; if(( isset( $_REQUEST['MY_NUMBER'] ) ( is_numeric( $_REQUEST[MY_NUMBER']))) { $iVar = $_REQUEST['MY_NUMBER']; } $iCalculatedValue = $x / $iVar; thnx, Christoph -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Warning: Division by zero
The error I am getting is when I am defining a variable. (line 15) $percent_difference=($assess_difference)/($assess_value); Does this make a difference? No, it doesn't make a difference. The simple fact is that $assess_value is either undefined or has been set to 0 at some point. For it's use in the above equation, neither case is valid. Consequently, you really should be doing some validation at some point prior to that line. thnx, Christoph -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php