I'm looking for some input on a syntax choice: is there any practical advantage to using the $_POST[] array rather than import_request_variables("P","P_")? I've written most of my sites using the latter, but I've been wondering whether the former might save me some trouble. Any informed opinions out there?
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Rhinorhino on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Techique Q: $_POST[ ] versus import_request_variables( )
- Thread starter dspitzle
- Start date
Well, for one thing, $_POST is a superglobal, so you can use it in functions directly. With your method, you'd have to use $GLOBALS or add a "global $varname" line. So it can save you a little typing.
Also, with $_POST, you have no possibility of unexpected input clobbering other variables and so forth. With import_request_variables(), you have the potential for the same kind of scenarios that cause problems with register_globals. Of course, you can avoid that by coding carefully, but it's just one more thing to worry about.
There are also a number of situations where using superglobals is just more convenient. For example, you sometimes need to loop over the POST data, which is more convenient when it's already in an array. Likewise, if you want a central routine to sanitize input, it's a bit easier with superglobals. It's also more straight-forward to use superglobals when you have data in the GET, POST, and cookie variables, as it's clearer where the data's coming from and you don't have to worry about having the same name in, e.g. GET and POST.
So yes, there are some advantages to using superglobals. I would definitely recommend using them.
Also, with $_POST, you have no possibility of unexpected input clobbering other variables and so forth. With import_request_variables(), you have the potential for the same kind of scenarios that cause problems with register_globals. Of course, you can avoid that by coding carefully, but it's just one more thing to worry about.
There are also a number of situations where using superglobals is just more convenient. For example, you sometimes need to loop over the POST data, which is more convenient when it's already in an array. Likewise, if you want a central routine to sanitize input, it's a bit easier with superglobals. It's also more straight-forward to use superglobals when you have data in the GET, POST, and cookie variables, as it's clearer where the data's coming from and you don't have to worry about having the same name in, e.g. GET and POST.
So yes, there are some advantages to using superglobals. I would definitely recommend using them.
- Thread starter
- #3
You raise some good points. Just for context, I use the prefix feature of import_request_variables, so I'm not in any danger of stomping on non-imported variables. However, you're right about the need to use the global statement frequently. I also find that I have to resort to variable variables often which could be avoided by using the superglobals. Does anybody have anything nice to say about import_request_variables?
- Status