Make a difference between empty value and 0

Question

Its' about a form to enter results of a soccer tournament.

The form got the already inputed data from the db and writes it into the value argument of the html form. If the value in the db NULL so in the html i got

value=""`

It's important that games with no inputs doesn't make a change in the db so i filter it before i do the query. But now could it happen that a game ends 0 : 0 But the db won't safe that. How can i say the system its not empty/NULL it is 0?

      if(!empty($_POST[$tore_heim] OR !empty($_POST[$tore_gast]))){
         $spiele_save = "UPDATE spiele SET tore_heim = '".$_POST[$tore_heim]."', tore_gast = '".$_POST[$tore_gast]."' WHERE id_spiele = ".$spiele_id[$i]."";    
         $spiele_save = mysqli_query($con, $spiele_save);};
        };

Maybe check with `===` or `!==` operator. This will help maybe — SacrumDeus, May 09 '17 at 13:21
The simple answer is to look at the [manual for `empty()`](http://php.net/manual/en/function.empty.php) and there you will see that Zero is considered EMPTY — RiggsFolly, May 09 '17 at 13:22
Your script is at risk of [SQL Injection Attack](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) Have a look at what happened to [Little Bobby Tables](http://bobby-tables.com/) Even [if you are escaping inputs, its not safe!](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string) Use [prepared parameterized statements](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) — RiggsFolly, May 09 '17 at 13:23
if(!empty($_POST[$tore_heim]) OR !empty($_POST[$tore_gast]) or (isset($_POST[$tore_gast]) && $_POST[$tore_gast]==0) ){ — Sugumar Venkatesan, May 09 '17 at 13:24
@Fabrizio Cocco I think deceze answer best isset(...) && strlen(trim(...)) > 0 — Sugumar Venkatesan, May 09 '17 at 13:30

score 0 · Accepted Answer · answered May 09 '17 at 18:02

0

Thank you deceze

    if(isset($_POST[$tore_heim]) && strlen($_POST[$tore_heim]) > 0 
    OR
    isset($_POST[$tore_gast]) && strlen($_POST[$tore_gast]) > 0)

The Problem is solved!

answered May 09 '17 at 18:02

Fabrizio Cocco

171
10

score -1 · Answer 2 · answered May 09 '17 at 13:21

-1

Check if value is '0': !empty($_POST[$tore_gast])) || $_POST[$tore_gast] === '0'

answered May 09 '17 at 13:21

Justinas

41,402
5
66
96

This runs the risk of accessing an undefined index and producing a warning! It tries to access `$_POST[$tore_gast]` when it's `empty`, which could mean it either **doesn't exist** or is `0`. – deceze May 09 '17 at 13:27

score -1 · Answer 3 · answered May 09 '17 at 13:47

-1

look at this example.

function isEmpty( $variable ){

    return ( 
     !isset($_POST[$variable]) ||
     ( empty($_POST[$variable]) && $_POST[$variable] !== "0" ) 
    );

}

if ( !isEmpty($tore_heim) ){

    // run your code here...

}

answered May 09 '17 at 13:47

Akash Bose

82
1
8

Why are you testing for `empty` again when you have already established the value to be `isset`…? – deceze May 09 '17 at 13:54
because isset does not checks for space or an empty string. isset only checks if the variable is set, and then I checked if the variable does not contain any empty values. @deceze – Akash Bose May 09 '17 at 14:08
Then just use `!$variable`, it has the same outcome and doesn't use superfluous error suppression. `empty` is `isset` + `!`, you've already done the `isset`, don't (implicitly) repeat it. – deceze May 09 '17 at 14:10

Make a difference between empty value and 0

3 Answers3