Search the Community

I have a question related to the scope of a conditional and what would be the best practice. A few threads away some user asked what happens when updates a record and using the "mysqli_stmt_affected_rows" to check if the record was updated or not, as well as the update is not mandatory, will return "0" if the user do not change anything. Another member gave a book answer: if (mysqli_affected_rows ($dbc) == 1) { // If it ran OK echo "Password Updated"; } elseif (mysqli_affected_rows ($dbc) === 0) { // use three equal signs so there is no confusion with a false return echo "Password unchanged because it was the same as on record"; } elseif (mysqli_affected_rows ($dbc) == -1) { // update query failed echo "Oopsie! System error."; } (I am using prepared statements, but the idea is the same). Now I would be tempted to say that I am interested to catch the error, so I would rather reduce the code to: if (mysqli_affected_rows ($dbc) >= 0) { // updated or canceled } elseif { // system error } Or even better, I would prefer to eliminate as much as possible unnecessary accolades and do just the check for the error and leave the rest of the code flow naturally. If there is no error, it will execute, otherwise what is between the accolades will execute and will probably be an exit() so it will not spill outside the conditional. if (mysqli_affected_rows ($dbc) < 0) { // do something when error occurs... exit(); } I found it more readable this way and in OOP I would probably use try-catch in a quite similar manner I guess. I am wondering if this is a good practice or not as some may argue that it makes more sense to keep everything within the scope, in this case, the conditional statement. The question may be well generalized. For example if the user is logged-in we check for a session value, like the email in your examples. Wouldn't be easier instead of something like if(userAuthenticated){ // do what is supposed to do } else{ // throw error } to check for the error only. if(! userAuthenticated){ // throw error } // do what is supposed to do Now it probably works either way, what I am asking is what is the best practice under the circumstances? A few moths ago I was asking a similar question regarding the validation and an user replied that changing the type of a variable is bad practice and it should be value or NULL, TRUE or FALSE. Now the code written at the beginning of your book use this practice of changing the type of a variable. You first declare it FALSE, than if it pass the validation you give the variable the value from the form. Later in the book, you are using an error_array() to catch the errors, than check if this is empty before moving forward. It works either way, but if it's agreed that it is bad practice to change the type of a variable than the second way of doing things is appropriate, even if the first one works (and I personally, using a ternary operator) I found it much easier to use, read, understand). Related to the same issue, I noticed that some programmer open the database connection at the beginning of the script/page and perform cleaning, like mysqli_free_result($query) and mysqli_close($database) even bellow the tag. Something like: mysqli_free_result($q); mysqli_close($dbc); ?> I can clearly see it is easier this way (probably they are using some automated method of generating pages), but I am wondering if it's correct (I guess not). If you insert data into the database, let's say, if it's a success you will redirect the user to the next page; if there is an error you redirect it to an error page (like the code from beginning). Either way the code will not get to the end of the page to perform the cleaning. This happen in some of your examples as well, even if you do not place it at the end of the page, but in the context of "success operation" branch of conditional. On short, most of your examples contain something similar to this: if (mysqli_affected_rows ($dbc) == 1){ // do something } else { // error header("Location: error.php"); exit(); } Here I have two questions: if the code executes the redirect, why it reads the next line with exit()? Second question, why don't we treat the "error" part of the branch in the same way we treat the "success" one? Why we do not perform the cleaning before exit() statement as well? I assume closing the database connection and freeing the query are optional? else { // error mysqli_free_result($q); mysqli_close($dbc); header("Location: error.php"); exit(); }