Page 1 of 1

Variables

Posted: Mon Jan 15, 2007 12:32 am
by Jim_Bo
Hi,

Is the following code bad practice:

Code: Select all

foreach($_POST as $key=>$value){
$$key = ValidateOutput($value);
}
allowing you to call on the variables with just:

$variable

rather than:

Code: Select all

foreach($_POST as $key=>$value){
$_POST[$key] = (ValidateOutput($value));
}
and calling the variables as:

$_POST['variable']


?


Thanks

Posted: Mon Jan 15, 2007 12:44 am
by Christopher
They are both essentially the same, so it depends on other factors which one you might use. The first extracts the values into the current scope which is what some template systems do. The second overwrites the original values which prevents you from accessing them -- which can be good and bad depending on need. And is it not clear what your ValidateOutput() function does. Usually you validate input based on specific rules for each variable, and then escape output depending on destination.