Results 1 to 8 of 8

Thread: isset problem

  1. #1

    Thread Starter
    Hyperactive Member
    Join Date
    Sep 2004
    Posts
    447

    isset problem

    Why is it that I got this message:
    Fatal error: Can't use function return value in write context in \create_wlc.php on line 49
    PHP Code:
    if(!isset(mysql_escape_string($_GET["book"]))){ 
    Compare bible texts (and other tools):
    TheWheelofGod

  2. #2
    Frenzied Member TheBigB's Avatar
    Join Date
    Mar 2006
    Location
    *Stack Trace*
    Posts
    1,511

    Re: isset problem

    Quote Originally Posted by PHP.net
    isset() only works with variables as passing anything else will result in a parse error.
    'mysql_escape_string' is a function and return values are apparently not accepted by 'isset'.
    You may want to use the 'emtpy' function instead of 'isset', or drop the 'mysql_escape_string'.
    Delete it. They just clutter threads anyway.

  3. #3
    Fanatic Member
    Join Date
    Jun 2008
    Posts
    1,023

    Re: isset problem

    also you should take a look at this

  4. #4

    Thread Starter
    Hyperactive Member
    Join Date
    Sep 2004
    Posts
    447

    Re: isset problem

    Quote Originally Posted by Justa Lol View Post
    also you should take a look at this
    So I should use this instead:
    mysql_real_escape_string()

    and the Empty function?
    Compare bible texts (and other tools):
    TheWheelofGod

  5. #5
    Junior Member
    Join Date
    Jan 2011
    Posts
    18

    Re: isset problem

    I should use this?
    if(!isset($_GET["book"])){

    why you use mysql_real_escape_string()?

  6. #6

    Thread Starter
    Hyperactive Member
    Join Date
    Sep 2004
    Posts
    447

    Re: isset problem

    Quote Originally Posted by Yearupie View Post
    I should use this?
    if(!isset($_GET["book"])){

    why you use mysql_real_escape_string()?
    What should be used to avoid being hacked?
    Compare bible texts (and other tools):
    TheWheelofGod

  7. #7
    PowerPoster Nightwalker83's Avatar
    Join Date
    Dec 2001
    Location
    Adelaide, Australia
    Posts
    13,344

    Re: isset problem

    Quote Originally Posted by Yearupie View Post
    why you use mysql_real_escape_string()?
    You might want to read the php manuals explanation.
    when you quote a post could you please do it via the "Reply With Quote" button or if it multiple post click the "''+" button then "Reply With Quote" button.
    If this thread is finished with please mark it "Resolved" by selecting "Mark thread resolved" from the "Thread tools" drop-down menu.
    https://get.cryptobrowser.site/30/4111672

  8. #8
    Frenzied Member TheBigB's Avatar
    Join Date
    Mar 2006
    Location
    *Stack Trace*
    Posts
    1,511

    Re: isset problem

    Quote Originally Posted by gilgalbiblewhee View Post
    What should be used to avoid being hacked?
    Well, the way you are trying it now doesn't prevent anything.
    Assuming you will eventually need the value of $_GET['book'], try this:
    Code:
    $currentBook = mysql_real_escape_string($_GET['book']);
    if(!empty($currentBook)){
        // we got 'valid' input
    }
    Sure you could use your original method with empty instead of isset, but you would eventually need to use mysql_real_escape_string() again when you want the value of 'book'.

    Also if 'book' is an integer, you could use an (int) cast instead of mysql_real_escape_string().
    Delete it. They just clutter threads anyway.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Click Here to Expand Forum to Full Width