From 6723420421f809bba2008fec5f15bf8190216130 Mon Sep 17 00:00:00 2001
From: Andreas Gohr <andi@splitbrain.org>
Date: Fri, 19 Feb 2016 13:27:58 +0100
Subject: [PATCH] removed isset() from blank() function

As discussed in #1471, an uninitialized variable will always be
implicitly created when passed to the blank() function. Calling isset()
is thus a no-op. A warning about this behavior has been added to the
function comment.
---
 inc/common.php | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/inc/common.php b/inc/common.php
index 55916dc05..44bc1d19a 100644
--- a/inc/common.php
+++ b/inc/common.php
@@ -35,12 +35,19 @@ function hsc($string) {
  *
  * This is similar to empty() but will return false for "0".
  *
+ * Please note: when you pass uninitialized variables, they will implicitly be created
+ * with a NULL value without warning.
+ *
+ * To avoid this it's recommended to guard the call with isset like this:
+ *
+ * (isset($foo) && !blank($foo))
+ * (!isset($foo) || blank($foo))
+ *
  * @param $in
  * @param bool $trim Consider a string of whitespace to be blank
  * @return bool
  */
 function blank(&$in, $trim = false) {
-    if(!isset($in)) return true;
     if(is_null($in)) return true;
     if(is_array($in)) return empty($in);
     if($in === "\0") return true;
-- 
GitLab