I have included error_reporting(E_ALL) in my system. I want to write a better code. I am wondering between this two options.
Should I declare absolutely all variables before insert/update (I have a lot of it)?
$name = isset($_POST['name']) ? $_POST['name'] : '';
...
$insert = $dbh->prepare('INSERT INTO table_name (name, ...) VALUES (?, ...)');
$insert->execute(array($name, ...));
Or I can quote each variable in the insert/update.
$name = $_POST['name'];
...
$insert = $dbh->prepare('INSERT INTO table_name (name, ...) VALUES (?, ...)');
$insert->execute(array("$name", ...));
With the second option of course I receive a notice for undeclared variable but I save the load for the ternary check (I add quotes in the insert/update for each variable but this is smaller load compared with the ternary check). With this quotes if the variable is undeclared I insert empty string. After setting the variables I just insert/update, I don't use it for anything else.
I guess the first option is better but a bit slower. I just want an additional opinion.
Why send an aditional query when we don't need?
actually when you haven't
$_POST['s_id']you don't need to send query, so you can like this, and you'll never receive a notice message, and your queries will optimizied.