Understanding PHP Strict - why should I care?

In a re开发者_运维百科cent question I posted I describe how I developed a site on my local server and everything was working fine. Then after deploying it live I was getting errors because of the use of undefined variables. Mainly due to situations like the following...

if($var!=""){...}

I know I should use PHP strict and fix all of the errors based on the responses I got on my last question.

Now I want to know... why? What vulnerabilities may be created by leaving such code? I want to be able to justify to others why the errors need to be fixed.

---

The purpose of E_STRICT messages is:

to have PHP suggest changes to your code which will ensure the best interoperability and forward compatibility of your code.

^{Source: Error Handling Constants}

---

In this case, it's because the behaviour won't be predictable.

If your variable is not defined, your condition could be true or wrong, randomly.

---

if (isset($var) and $var != "")

or:

if(strlen($var) > 0)

---

Reminder isset function accept multiple variable while empty does not.

if(isset($var_1, $var_2) && !empty($var_1) && !empty($var_2)){
  // code
}