0

I think the question is fairly self-explainatory, here's the code:

HTTP Request: localhost/execute.php?password=testing&command=create&api=api

This is part of the execution code.

try 
{
    $TFA_SAMP->createUser($_GET['email'], $_GET['cellphone'], $_GET['area_code']);
}
catch(Exception $createError)
{
    echo $createError->getMessage();
}

Here's the class method:

function createUser($email, $cellphone, $areaCode = 1)
{   
    if(!isset($email))
        throw new BadMethodCallException('(CTFA_SAMP->createUser) email ('. $email .') is missing.');
        
    if(!isset($cellphone))
        throw new BadMethodCallException('(CTFA_SAMP->createUser) cellphone ('. $cellphone .') is missing.');

    $authyLibrary = new Authy_Api($this->API, $this->connectionURL);
    $requestResult = $authyLibrary->registerUser($email, $cellphone, strval($areaCode));
    
    if($requestResult->ok())
    {
        echo $requestResult->id();
    }
    else
    {
        foreach($requestResult->errors() as $field => $message) 
            echo "$field = $message";
    }
}

The PHP pages prints:

Notice: Undefined index: email in D:\xampp\htdocs\tfasamp\execute.php on line 46

Notice: Undefined index: cellphone in D:\xampp\htdocs\tfasamp\execute.php on line 46

Notice: Undefined index: area_code in D:\xampp\htdocs\tfasamp\execute.php on line 46

(CTFA_SAMP->createUser) email () is missing.

How do I prevent PHP from giving me those notices as I am using exceptions to show them?

Community
  • 1
  • 1
GiamPy
  • 3,543
  • 3
  • 30
  • 51
  • 9
    Those aren't exeptions. They're **WARNINGS**. You also shouldn't suppress/hide them: You fix the code that's generating them. – Marc B Dec 29 '13 at 19:50
  • @MarcB I am aware of that, the thing is that I am using _exceptions_ to show invalid argument messages as you can see in the code. – GiamPy Dec 29 '13 at 19:52
  • Why do you throw these variables in exception if they are not `isset`? – str Dec 29 '13 at 19:52
  • 1
    You can use error_reporting(E_ERROR); in your script – makriria Dec 29 '13 at 19:52
  • 7
    Think of your code: You're checking if a variable exists. If it doesn't, you throw an execption, USING THE VARIABLE THAT YOU JUST CONFIRMED DOESN'T EXIST. You're also checking variables that are non-optional function parameters. By definition they'd have to be set anyways for the function call to succeed. – Marc B Dec 29 '13 at 19:53
  • @str That's right. I'll fix that. – GiamPy Dec 29 '13 at 19:54
  • possible duplicate of [PHP: “Notice: Undefined variable” and “Notice: Undefined index”](http://stackoverflow.com/questions/4261133/php-notice-undefined-variable-and-notice-undefined-index) – tereško Dec 29 '13 at 22:27

1 Answers1

4
$TFA_SAMP->createUser($_GET['email'], $_GET['cellphone'], $_GET['area_code']);
                      ^^^^^^^^^^^^^^  ^^^^^^^^^^^^^^^^^^  ^^^^^^^^^^^^^^^^^^

The non-existing variables are accessed here. Nobody cares that you're later checking for isset on completely different variables and are throwing exceptions, the problem is in the above line. You need to fix it there. For example:

$args = $_GET + array('email' => null, 'cellphone' => null, 'area_code' => null);
$TFA_SAMP->createUser($args['email'], $args['cellphone'], $args['area_code']);

Alternatively, use isset statements here and throw exceptions for missing user input.

Basically, the code which touches $_GET deals with completely unpredictable user input. That's your first line of defence in which you need to check for existing or non-existing values. You can't roll this as responsibility into code which comes later.

deceze
  • 510,633
  • 85
  • 743
  • 889