I was looking at different ways to save a user's input in a form after they refresh the browser and I came across this:
value="<?php echo @$_POST['blah'];?>">
and I have also seen it like the following:
value="<?php echo $_POST['blah'];?>">
They both appear to do the same thing. What is the significance of the @ sign prepended to the $_POST array? Is one way preferred over the other?
@ is PHP's error control operator. Basically, putting it before an expression (such as an array access or a function call) will suppress any errors that would normally be generated. Functionally, there's no difference, it's just in what warnings/notices will be generated and logged or displayed, depending on your settings.
In this case, if 'blah' is not defined in the $_POST array, the first form (with the @) won't generate a notice, whereas the second form will.
As for what's preferred, in my experience @ is generally discouraged, as is anything that just suppresses errors - better practice is to be proactive about checking for things first. Among other reasons, the PHP docs give this reason to be wary of it:
Warning: Currently the "@" error-control operator prefix will even disable error reporting for critical errors that will terminate script execution. Among other things, this means that if you use "@" to suppress errors from a certain function and either it isn't available or has been mistyped, the script will die right there with no indication as to why.
TL;DR: It suppresses errors, which is generally discouraged unless you have a good reason to do so. Better to be proactive.
The @ sign surpresses any errors thrown by the POST. For example, when its undefined, you wont receive a warning.
In Php when placing the @ is to prevent show us system errors that we have in that portion of code.
