我注意到有一些函数,如is_int()或isset()或file_exists()或functions_exists(),它们在某种程度上非常有用.当我编写一些代码时,我总是会想到可能发生在我网站上的所有不好的事情,但有时候我遇到的问题包括:
Wait, this variable is set inside the PHP file; this means that no one could ever edit it, right? And if this “user” could edit it I would have a lot of more troubles because it would be able to manage the PHP file.
要么
Does this really worth something to keep checking for file that should exists always?
让我们考虑下面的例子,它本身没有意义,但会帮助我让你理解我在说什么.
PS:我故意夸大了代码.
config.php文件
$doActions = true;
的functions.php
function getID() {
return $_COOKIE['userid'];
}
class eye {
public static function see() {
// gain the object the user is looking at
return $object;
}
}
的index.php
class viewer {
private $poniesSeen = 0;
public function __construct() {
/* Magic ponies are created here */
}
public function sawAPony($id) {
if (file_exists('config.php')) {
if (isset($doActions)) {
if (is_bool($doActions)) {
if ($doActions) {
if (file_exists('functions.php')) {
if (function_exists('getID')) {
$id = getID();
if (!empty($id)) {
if (!is_int($id)) {
settype($id, 'int');
}
if (class_exists('eye')) {
if (method_exists('eye', 'see')) {
$o = eye::see();
if (is_string($o)) {
if ($o = 'pony') {
if (isset($this->poniesSeen) and is_int($this->poniesSeen)) {
++$this->poniesSeen;
return true;
} else {
return false;
}
} else {
return false;
}
} else {
return false;
}
} else {
return false;
}
} else {
return false;
}
} else {
return false;
}
} else {
return false;
}
} else {
return false;
}
} else {
return false;
}
} else {
return false;
}
} else {
return false;
}
} else {
return false;
}
}
}
现在,我想,应该保留哪些条件以及因为它们根本没有意义而抛弃的东西?我为什么不检查它们,我为什么要这样做?关于这种痴迷有没有一个黄金法则?