Well I guess I could clarify things a bit further.
If you code bad, like I realise I have been doing, (I have spent almost every day and evening of the last two weeks reading about code design and such) you might happen to do things in an include script without triggering it with a call from the surrounding script (is there a term for that?). If these actions perform anything that has to do with POST or GET data, things (database) might get trashed up. Instead of spending time to set up rules about where POST & GET comes from, what things they contain and all that, I have been lazy and made an in system validation procedure at the top of each include.
Yeah, I know. If nothing is performed at include time, there would only be a blank page for the user. Correct and a better design.
And, Yeah, I know, sensitive stuff should go outside the web directory. But when making a distributable php application one might choose a more convenient (lazy) way to place certain include files. (I can feel it coming... don't hit me!).
This kind of checking from within the include file itself whether the include has been performed correctly is also done in phpbb.
Check it out. There is where I saw that kind of validation the first time, and since it was so simple I liked it. If the constant is not defined, execution aborts before doing anything.
By replacing
if (!isdefined('IN_MY_SYSTEM')) exit;
with
isdefined('IN_MY_SYSTEM') or exit;
one can shorten it down a bit.
By reading BDKR's reply posts I see that this kind of coding is a little special. Maybe I am doing something so unusual that poeple think there is something wrong with that code when they read it. But I like the very short form of validation. I am asking you:
Can it get shorter?
Are there any technical reasons why I shouldn't do it? (hidden system errors that takes time or something. I guess you really have to know the Zend engine well to be able to answer this question.)
Every time you use a function that returns a value without using its result, you do what .... Let me show you with some examples:
Code: Select all
<?php
function echoAndReturnVal(){
echo "funny feeling!";
return rand(0,100);
}
// here, we call function that returns value. But we don't care about the result.
// Thus, the returned value just "disappears".
echoAndReturnVal();
//and here, we do kind of the same thing, except for that a lonely variable is not executing anything
$aVariable;
//since boolean evaluation goes from left to right the following is true for the following expression:
$bool1 or functioncall();
// if $bool1 is false, the "or" causes the program to also evaluate functioncall(), wich can perform any action, including "exit;"
// but if $bool1 is true, the program does not look at what's to the right of "or".
//Thus!
isdefined('IN_MY_SYSTEM') or exit;
//...causes the include file to exit if that constant is not defined.
// So, the constant needs to be defined before the include script is included.
?>