2

Is there any simpler format for the following if statement below?

if((!empty($_SESSION['email'])) && (!empty($_SESSION['serial'])) && (!empty($_SESSION['name'])) && (!empty($_SESSION['number'])) && (!empty($_SESSION['institution'])) && (!empty($_SESSION['address'])) && (!empty($_SESSION['item2']))){ 
    echo "OK u can proceed";
} else {
    echo "U didn't complete the requested info";
}

Sorry if this is too simple for you, but really appreciate any pro suggestion.

mickmackusa
  • 43,625
  • 12
  • 83
  • 136
P. Lau
  • 165
  • 1
  • 11
  • 1
    Why don't you just have a `!empty($_SESSION); ` – Rotimi Nov 18 '17 at 10:36
  • This isn't equivalent, @Akintunde. What if there's some more information in `$_SESSION`? It won't be empty, but maybe the required values are. – Jordi Nebot Nov 18 '17 at 10:39
  • I tried !empty($_SESSION), it didn't work like what I expect. I think it means : as long as it is not empty, even 1 out of 10 parameters exist. But what I want is 10 out out 10 parameters must be fulfilled. – P. Lau Nov 18 '17 at 11:12
  • I should ask if you are aware of `empty()`'s assumptions about zero-ish, empty-ish values. Is there any chance that valid values will be passed via these elements that will cause an unintended failure by `empty()`? Please read the manual if you are unsure what I mean: http://php.net/manual/en/function.empty.php – mickmackusa Nov 18 '17 at 11:32

4 Answers4

2

Because conditional statement will "short circuit" on the first failure, re-writing your process using an iterator will be less performant.

If you only want to provide generalized feedback to the user, use your current method without the surplus parentheticals.

if(!empty($_SESSION['email']) &&
   !empty($_SESSION['serial']) &&
   !empty($_SESSION['name']) &&
   !empty($_SESSION['number']) &&
   !empty($_SESSION['institution']) &&
   !empty($_SESSION['address']) &&
   !empty($_SESSION['item2'])){
    // valid
}

Alternatively (same same):

if(empty($_SESSION['email']) ||
   empty($_SESSION['serial']) ||
   empty($_SESSION['name']) ||
   empty($_SESSION['number']) |
   empty($_SESSION['institution']) ||
   empty($_SESSION['address']) ||
   empty($_SESSION['item2'])){
    // invalid
}

Only if you wish to specify the cause of the invalidation should you bother to set up an iterative process. Furthermore, if you are going to perform iterations to validate, you can take the opportunity to remove any unwanted elements from the $_SESSION array that evil-doers may have injected to take advantage of any future loops on the superglobal.

$valid_keys=['email','serial','name','number','institution','address','item2'];
$validated=true; // default value
foreach($valid_keys as $key){
    if(!empty($_SESSION[$key])){
        $session_data[$key]=$_SESSION[$key];
    }else{
        echo "Oops, there was missing data on $key";
        $validated=false;
        break;
    }
}
if($validated){...
// from this point, you can confidently run loops on `$session_data` or slap it directly into a pdo call knowing that it has been validated and ordered.

All that said, if there is even the slightest chance that your $_SESSION elements could hold zero-ish/false-y/empty values, then isset() is the better call (only NULL will get caught). Another good thing about isset() is that it allows multiple variables to be written into the single call and maintains the same/intended performance.

if(isset($_SESSION['email'],$_SESSION['serial'],$_SESSION['name'],$_SESSION['number'],$_SESSION['institution'],$_SESSION['address'],$_SESSION['item2'])){
    // valid
}

or

if(!isset($_SESSION['email'],$_SESSION['serial'],$_SESSION['name'],$_SESSION['number'],$_SESSION['institution'],$_SESSION['address'],$_SESSION['item2'])){
    // invalid
}
mickmackusa
  • 43,625
  • 12
  • 83
  • 136
  • Is the 3rd method the one that can tell user which part is not completed? – P. Lau Nov 18 '17 at 12:07
  • Yes, that is the option to use if you want to be highly informative about the cause of the invalidation. There are cases when you want to be informative and cases when you want to keep this info secret for security purposes. – mickmackusa Nov 18 '17 at 12:09
1

You could build a function where you pass all the keys you want to check. I've changed $_SESSION to $SESSION to cheat the array with some values ... 

<?php

$SESSION = [
    'email' => 'xx',
    'serial' => 'xx',
    'name' => 'xx',
    'number' => 'xx',
    'institution' => 'xx',
    'address' => 'xx',
    'item2' => 'xx'
];

$keys = [
    'email',
    'serial',
    'name',
    'number',
    'institution',
    'address',
    'item2'
];

if(isNotEmpty($SESSION, $keys)) {
    echo "OK u can proceed";
} else {
    echo "U didn't complete the requested info";
}

function isNotEmpty($array, $keys) {
    foreach($keys as $key) {
        if(empty($array[$key])) {
            return false;
        }
    }

    return true;
}

PHP Fiddle

caramba
  • 21,963
  • 19
  • 86
  • 127
0

Just "mind games"

$arr = array_flip('email', 'serial', 'name','number'...);
if (count(array_filter(array_intersect_key($_SESSION, $arr))) == count($arr)) {
splash58
  • 26,043
  • 3
  • 22
  • 34
0

This is just my opinion, but I think your expression is fine. Maybe you could format it in another way to make it more readable:

if ( !empty($_SESSION['email']) && 
     !empty($_SESSION['serial']) && 
     !empty($_SESSION['name']) && 
     !empty($_SESSION['number']) && 
     !empty($_SESSION['institution']) && 
     !empty($_SESSION['address']) &&
     !empty($_SESSION['item2']) ) {

     /* Proceed */

} else {

     /* Don't proceed */

}

Or maybe use a custom validation function:

/* My original version */
function filled_required_fields($fields, $array) {
    $valid = true;
    foreach ($fields as $field) {
        $valid = $valid && !empty($array[$field]);
        if (!$valid) return false;
    }
    return $valid;
}

/* Cleaner solution based on @caramba's answer */
function filled_required_fields($fields, $array) {
    foreach ($fields as $field) {
        if (empty($array[$field])) return false;
    }
    return true;
}


if (filled_required_fields(['email', 'serial', 'name', 'number', 'institution', 'address', 'item2'], $_SESSION) {

    /* Proceed */

} else {

    /* Don't proceed */
}
Jordi Nebot
  • 3,355
  • 3
  • 27
  • 56