Undefined Index

[Geates]

I just got PHP 5 working with IIS7. I'm getting an "Undefined Index" error when the script references $_GET['dir']. Obviously, the error indicates that the index 'dir' is undefined in the GET verb. Defining the index resolves the problem - I have never had to do this in the past. It seems apparent to me that I've overlooked a PHP/IIS7 configuartion setting for strictness. Any idea?

-Geates

 

[jpadie]

@Geates

the issue is vanishingly unlikely to have anything to do with system architecture. purely and simply the issue of E_NOTICE is a configuration option. in your previous installs you will have suppressed the error and/or not reported on it. in your current install, you are not doing so.

that's all there is to it.

@all:
the discussion on good coding practice: whilst i agree with all the posters; it does not seem apposite to the OP's question which relates to why he is suddenly seeing a change in behaviour.

 

[Geates]

In the end, jpadie, you were right. I run Windows 7 x64 and manually installed PHP. I forgot to set the "Path" enrivonmental variable to include "C:\php".

-Geates

 

[vacunita]

the discussion on good coding practice: whilst i agree with all the posters; it does not seem apposite to the OP's question which relates to why he is suddenly seeing a change in behaviour.

True, but are we not here to help people out? It seems quite irresponsible to not address the root cause of the issue. Instead of just helping to hide it from view.

Which down the line may come back to bite the user.






----------------------------------
Phil AKA Vacunita
----------------------------------
Ignorance is not necessarily Bliss, case in point:
Unknown has caused an Unknown Error on Unknown and must be shutdown to prevent damage to Unknown.

 

[jpadie]

True, but are we not here to help people out?

yes, we are, I agree but the OP made it clear he was not looking for advice on coding practice and we agree, i assume, that we should treat people like adults! ;-)

 

[IPGuru]

these threads are not just read by the OP but by many prople who have similar problems or are juust looking for guidance

I know that my coding style has changed dramaticaly thanks to responses given here that were not always directly related to the original post.

 

[jpadie]

then, for those other readers, here are some quotes from the php manual

It is not necessary to initialize variables in PHP however it is a very good practice. Uninitialized variables have a default value of their type depending on the context in which they are used - booleans default to FALSE, integers and floats default to zero, strings (e.g. used in echo()) are set as an empty string and arrays become to an empty array.

Relying on the default value of an uninitialized variable is problematic in the case of including one file into another which uses the same variable name. It is also a major security risk with register_globals turned on. E_NOTICE level error is issued in case of working with uninitialized variables, however not in the case of appending elements to the uninitialized array. isset() language construct can be used to detect if a variable has been already initialized.

personally, I habitually use empty() rather than isset unless it is possible (or if I care) that the variable may be instantiated but zero, a zero length string or set to false.

secondly, since register_globals is now turned off by default, the core security risk in unitialised variables should now be immunised.

In PHP 4 and PHP 5 the default value is E_ALL & ~E_NOTICE. This setting does not show E_NOTICE level errors. You may want to show them during development.

Note: Enabling E_NOTICE during development has some benefits. For debugging purposes: NOTICE messages will warn you about possible bugs in your code. For example, use of unassigned values is warned. It is extremely useful to find typos and to save time for debugging. NOTICE messages will warn you about bad style. For example, $arr[item] is better to be written as $arr['item'] since PHP tries to treat "item" as constant. If it is not a constant, PHP assumes it is a string index for the array.

 

[DonQuichote]

secondly, since register_globals is now turned off by default, the core security risk in unitialised variables should now be immunised.

If you install PHP yourself, this is true. However, lots of providers put it back on to prevent users whining about some really insecure application that will not run without it. So if your provider is one of them, or if you are writing a piece of code that could be run on such a server, you should be very careful about uninitialized variables.


+++ Despite being wrong in every important aspect, that is a very good analogy +++
Hex (in Darwin's Watch)

 

[jpadie]

'immunised' ... not cured!
perhaps i should have said inoculated (but i wasn't sure of the spelling!)

DQ: you are, of course, wholly correct.