Reputation: 1288
How to find undefined variables in a PHP script
Suppose we have following function in PHP:
public function testSomething()
{
$name = perform_sql_query("SELECT name FROM table WHERE id = $entity_id;");
assert($name == "some_name");
}
The query is syntactically correct, but since $entity_id is undefined - the query will always search for 'id = 0', which is semantically incorrect.
I would like such functions to fail automatically, when they try to use an undefined variable. Is there such a mechanism in PHP? Or maybe there is some tool, that can be used to analyze PHP source code to find such cases?
Those undefined variables can occur anywhere in the project, so correct the decision will be to check function arguments in every function.
Setting an error handler helped. Now anytime an uninitialized variable is used, an exception is thrown.
Upvotes: 3
Views: 4299
Answers (6)
Reputation: 75784
PHP has several severity levels in script errors. You can define what the interpreter should consider an error: Either use the function error_reporting() or set the php.ini-directive with the same name for that purpose.
Here is an example for configuring PHP to report anything which might lead to errors (this can lead to quite a lot of messages, if you are setting it for the first time, but fixing these errors will give you a much more stable application):
# In your PHP script:
error_reporting(E_ALL | E_STRICT);
# Or in your php.ini file:
error_reporting = E_ALL | E_STRICT
Upvotes: 6
Reputation: 19325
One issue to consider is that for a live site, you may not want users to see errors and warnings. Some web-hosts provide an error.log file which logs PHP errors. Here's a custom error handler for live sites:
function log_error($no, $msg, $file, $line)
{
$errorMessage = "Error no $no: $msg in $file at line number $line";
file_put_contents("errors_paypal.txt",$errorMessage."\n\n",FILE_APPEND);
}
set_error_handler('log_error');
The great thing about this is that you can format it and dump various information you want.
Upvotes: 2
Reputation: 272436
Set error reporting to E_ALL in your PHP applications by using:
error_reporting(E_ALL);
Or by setting appropriate values for the error_reporting variable in file php.ini or .htaccess. This allows you to catch all errors, including those related to undefined variables.
- Set up the PHP error_log in your development environment and inspect it carefully during development stages.
Lastly, for the above mentioned code, include all common sense error handling in the "perform_sql_query" function. Your perform_sql_query function is probably a wrapper over the mysql_query function, so check for errors generated by mysql_query (and similar) functions.
Upvotes: 1
Reputation: 10043
I normally check if my values are null within my function. You can use isset() and also if it's a empty string, using something like below:
public function testSomething()
{
if(!empty($entity_id)){
$name = perform_sql_query("SELECT name FROM table WHERE id = $entity_id;");
assert($name == "some_name");
return true;
}
return false;
}
I would also set the error reporting using the below line:
error_reporting(E_ALL | E_STRICT);
Upvotes: 2
Reputation: 301135
If you turn on all warning and notices, evaluating that string should throw you an error message.
Also, it will evaluate to invalid SQL (it will be id= not id=0), so your perform_sql_query should be reporting that also.
Upvotes: 2
Related Questions
- How to tell whether a variable is null or undefined in php
- Check if a variable is undefined in PHP
- Best practice for checking for undefined php variables?
- How to PHPUnit test for general errors like "undefined index"
- PHP - determine whether the variable is undefined or NULL
- How to check if any variables are set?
- how to test if variables exists in function with phpunit
- How to check do variable is initialized
- php check if an instance variable is declared but not assigned
- Writing tests with unknown variables