register globals off

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
php3ch0
Forum Contributor
Posts: 212
Joined: Sun Nov 13, 2005 7:35 am
Location: Folkestone, Kent, UK

register globals off

Post by php3ch0 »

Hi all

is there any easier way to submit forms with register_globals off than this?

Code: Select all

$entry1 = $_POST['entry1'];
$entry2 = $_POST['entry2'];
$entry3 = $_POST['entry3'];
$entry4 = $_POST['entry4'];
$entry5 = $_POST['entry5'];
$entry6 = $_POST['entry6'];

etc...
GM
Forum Contributor
Posts: 365
Joined: Wed Apr 26, 2006 4:19 am
Location: Italy

Post by GM »

Depends what you want to do with the data, but I often use something like:

Code: Select all

foreach($_POST as $key=>$data) {
   $$key = $data;
}
This will generate a series of variables with names corresponding to your $_POST array.

Remember to clean/parse etc. too.
User avatar
php3ch0
Forum Contributor
Posts: 212
Joined: Sun Nov 13, 2005 7:35 am
Location: Folkestone, Kent, UK

Post by php3ch0 »

of course clean/parse etc

Thats just saved me loads of work. I got loads of forms all with about 20 variables.
User avatar
John Cartwright
Site Admin
Posts: 11470
Joined: Tue Dec 23, 2003 2:10 am
Location: Toronto
Contact:

Post by John Cartwright »

GM wrote:

Code: Select all

foreach($_POST as $key=>$data) {
   $$key = $data;
}
If your going for this method, then your far better to use extract() and avoid looping all together. A more recommended method is check for expected variables, usually followed with their validation rules..

I usually do something along the lines of

Code: Select all

<?php 

/** 
  * Params array
  * param name => validation pattern, required (true)/optional (false)
  */

$params = array(
   'firstname' => array('/[a-Z]+/', true),
   'lastname' => array('/[a-Z]+/', true),
   'somekey' => array('/[0-9]+/', false)
);

$validation = new Validation($params, $_POST);

if ($validation->isValid())
{
   //do some action because all required params are valid and present
}
else
{
   echo '<pre>';
   print_r($validation->getInvalidParams());
   echo '</pre>';
}

?>
the validation object looking roughly like

Code: Select all

class Validation()
{
   protected $invalid;
   protected $params;
   protected $source;

   public function __construct($params, $source)
   {
      $this->params = $params;
      $this->source = $source;
   }

   public function isValid()
   {
      if (!is_array($this->params) && !count($this->params))
      {
         throw Exception('Must supply array of required paramaters');
      }

      foreach ($this->params as $param => $rules)
      {
         if (empty($this->source[$param]) && $rules[1] == true)
         {
            array_push($this->invalid, $param);
         }
         elseif (isset($this->source[$param]) && !preg_match($rules[0], $this->source[$param]))
         {
            array_push($this->invalid, $param);
         }
      }

      return (is_array($this->params) && count($this->params) ? true : false);
   }

   public function getInvalidParams()
   {
      if (!is_array($this->params) && !count($this->params))
      {
         throw Exception('Method cannot be called unless invalid params recognized');
      }

      return $this->invalid;
   }
}
GM
Forum Contributor
Posts: 365
Joined: Wed Apr 26, 2006 4:19 am
Location: Italy

Post by GM »

Jcart wrote: If your going for this method, then your far better to use extract() and avoid looping all together.
Good stuff, thanks. I didn't know the extract() function existed!

I agree about the validation methods - I also have a Validation object that cleans input depending on the variables I'm expecting to find.
Post Reply