Home/ Questions/Q 933101
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-15T20:46:35+00:00

dispatch_address_postcode isn’t mandatory and it will still run even if it’s blank: if (!is_null($_POST[‘personal_info_first_name’])

  • 0

dispatch_address_postcode

isn’t mandatory and it will still run even if it’s blank:

if (!is_null($_POST['personal_info_first_name']) && 
    !is_null($_POST['personal_info_surname']) && 
    !is_null($_POST['personal_info_email']) && 
    !is_null($_POST['personal_info_telephone']) && 
    !is_null($_POST['dispatch_address_country']) && 
    !is_null($_POST['dispatch_address_first_name']) &&
    !is_null($_POST['dispatch_address_surname']) && 
    !is_null($_POST['dispatch_address_address']) && 
    !is_null($_POST['dispatch_address_town']) && 
    !is_null($_POST['dispatch_address_postcode']) && 
    !is_null($_POST['dispatch_address_county']) && 
    (   ($_POST['payment_method'] == "Pay by credit card.") ||
        (
            ($_POST['payment_method'] == "Pay by new credit card.") && 
            !is_null($_POST['card_number']) && 
            !is_null($_POST['expiration_date']) && 
            !is_null($_POST['security_code'])
        )
    )
)

What gives?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    dispatch_address_postcode isn’t mandatory and it will still run even if it’s blank…”

    Just look at that sentence again. If the field is not mandatory, it is perfectly okay if the code runs if the field is blank. If a field isn’t mandatory, don’t test it as mandatory.

    The real problem is though, is_null only tests if the variable is null. POSTed values will never be null, if they’re empty they will be '' (an empty string). All your !is_null tests will always be true, and you will get a warning if the variable isn’t set (something you don’t want to happen). The more appropriate test would be !empty.

    Even more appropriate tests would include a test if the value appears to be valid (does email look like an email address, does telephone have at least x digits in it?). You should also loop through the fields to make your code more readable, endless nested and chained if conditions are no joy to look at.

    $mandatoryFields = array('foo' => 'email', 'bar' => 'telephone');

foreach ($mandatoryFields as $field => $rule) {
    if (empty($_POST[$field]) || !validateByRule($_POST[$field], $rule)) {
        raiseHell();
    }
}
    • 0