{"id":164,"date":"2008-06-16T10:18:04","date_gmt":"2008-06-16T18:18:04","guid":{"rendered":"http:\/\/www.oeconomist.com\/blogs\/daniel\/?p=164"},"modified":"2020-11-05T02:14:56","modified_gmt":"2020-11-05T10:14:56","slug":"a-useful-bit-o-php-code","status":"publish","type":"post","link":"https:\/\/www.oeconomist.com\/blogs\/daniel\/?p=164","title":{"rendered":"A Useful Bit o' PHP Code, Set Right"},"content":{"rendered":"<p>I came upon <a href=\"http:\/\/www.nutt.net\/2004\/12\/27\/a-quick-php-function-to-get-post-get-or-session-variables-and-cookies-too\/\">someone's ancient &#39;blog entry in which he or she attempted to present what would be a useful PHP function<\/a>.  Unfortunately, the code has a few bugs.<\/p> <p>A dynamic webpage may seek data from various sources, including data passed by <a href=\"http:\/\/www.faqs.org\/rfcs\/rfc2616.html\"><code>GET<\/code> and <code>POST<\/code> methods<\/a> (which is how web forms normally), persistent data in <a href=\"http:\/\/www.faqs.org\/rfcs\/rfc2965.html\">cookies<\/a> (stored on the client but provided to the server with each visit), and persistent data on the server.<\/p> <p>Towards that end, <a href=\"http:\/\/www.php.net\/\">PHP<\/a> maintains five associative arrays: <a href=\"http:\/\/si2.php.net\/manual\/en\/reserved.variables.get.php\"><code>$_GET<\/code><\/a>, <a href=\"http:\/\/si2.php.net\/manual\/en\/reserved.variables.post.php\"><code>$_POST<\/code><\/a>, <a href=\"http:\/\/si2.php.net\/manual\/en\/reserved.variables.cookies.php\"><code>$_COOKIE<\/code><\/a>, <a href=\"http:\/\/si2.php.net\/manual\/en\/reserved.variables.request.php\"><code>$_REQUEST<\/code><\/a>, and <a href=\"http:\/\/si2.php.net\/manual\/en\/reserved.variables.session.php\"><code>$_SESSION<\/code><\/a>. (<a href=\"http:\/\/si2.php.net\/manual\/en\/reserved.variables.request.php\"><code>$_REQUEST<\/code><\/a> combines the contents of <a href=\"http:\/\/si2.php.net\/manual\/en\/reserved.variables.get.php\"><code>$_GET<\/code><\/a>, <a href=\"http:\/\/si2.php.net\/manual\/en\/reserved.variables.post.php\"><code>$_POST<\/code><\/a>, and <a href=\"http:\/\/si2.php.net\/manual\/en\/reserved.variables.cookies.php\"><code>$_COOKIE<\/code><\/a>.)  To access a variable named <q><code>user<\/code><\/q> sent by <code>POST<\/code> method, one would refer to <code>$_POST&#91;\"user\"&#93;<\/code>, and so forth.<\/p>\r\n\r\n<a href=\"http:\/\/www.nutt.net\/2004\/12\/27\/a-quick-php-function-to-get-post-get-or-session-variables-and-cookies-too\/\">The &#39;blog entry in question<\/a> may have been written before <a href=\"http:\/\/si2.php.net\/manual\/en\/reserved.variables.request.php\"><code>$_REQUEST<\/code><\/a> was introduced; in any event, the author had two good ideas: <ol><li>Avoid errors resulting from trying to access variables that don't actually exist.  If no variable <code>user<\/code> was passed by <code>POST<\/code>, then <code>$_POST&#91;\"user\"&#93;<\/code> throws an error.  To avoid that sort of thing, the author checks for the presence of the variable before attempting to access it.<\/li><li>Combine the variables in <a href=\"http:\/\/si2.php.net\/manual\/en\/reserved.variables.session.php\"><code>$_SESSION<\/code><\/a>, as well as those in <a href=\"http:\/\/si2.php.net\/manual\/en\/reserved.variables.get.php\"><code>$_GET<\/code><\/a>, <a href=\"http:\/\/si2.php.net\/manual\/en\/reserved.variables.post.php\"><code>$_POST<\/code><\/a>, and <a href=\"http:\/\/si2.php.net\/manual\/en\/reserved.variables.cookies.php\"><code>$_COOKIE<\/code><\/a>.  Indeed, session data is more analogous to cookie data than is cookie data to data transmitted by <a href=\"http:\/\/si2.php.net\/manual\/en\/reserved.variables.get.php\"><code>$_GET<\/code><\/a> or by <a href=\"http:\/\/si2.php.net\/manual\/en\/reserved.variables.post.php\"><code>$_POST<\/code><\/a>.<\/li><\/ol> The problems with <a href=\"http:\/\/www.nutt.net\/2004\/12\/27\/a-quick-php-function-to-get-post-get-or-session-variables-and-cookies-too\/\">the actual code<\/a> are these: <ul><li>If the server is not maintaining session data, then the attempt to use <a href=\"http:\/\/si2.php.net\/manual\/en\/reserved.variables.session.php\"><code>$_SESSION<\/code><\/a> will itself cause an error.<\/li><li>There is an attempt to get cookie data from the array <a href=\"http:\/\/si2.php.net\/manual\/en\/reserved.variables.session.php\"><code>$_SESSION<\/code><\/a>.<\/li><li>In the aforementioned attempt, the array is treated as a function.<\/li><\/ul> Here's a version of the code that fixes those problems: <blockquote style=\"width: 100%; overflow: auto;\"><pre>function getvar($var_name)\r\n{\r\n  if (array_key_exists($var_name, $_GET) == TRUE) $ret_value = $_GET[$var_name];\r\n  else if (array_key_exists($var_name, $_POST) == TRUE) $ret_value = $_POST[$var_name];\r\n  else if (session_id() != \"\")\r\n  {\r\n    if (array_key_exists($var_name, $_SESSION) == TRUE) $ret_value = $_SESSION[$var_name];\r\n  }\r\n  else if (array_key_exists($var_name, $_COOKIE) == TRUE) $ret_value = $_COOKIE[$var_name];\r\n  else $ret_value = \"\"; \r\n  return $ret_value;\r\n}<\/pre><\/blockquote> <a href=\"http:\/\/www.php.net\/\">PHP<\/a> also provides <a href=\"http:\/\/si2.php.net\/reserved.variables\">analogous associative arrays for other global variables<\/a>, but what unites the variable types of the five here is that they are commonly used in session-tracking &mdash; keeping data associated with a specific visitor as she moves through one's site.  Possibly, <code>getvar<\/code> would be better named something else, if not distinguished by being made a member of some class of objects.","protected":false},"excerpt":{"rendered":"I came upon someone's ancient &#39;blog entry in which he or she attempted to present what would be a useful PHP function. Unfortunately, the code has a few bugs. A dynamic webpage may seek data from various sources, including data passed by GET and POST methods (which is how web forms normally), persistent data in [&hellip;]","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_bbp_topic_count":0,"_bbp_reply_count":0,"_bbp_total_topic_count":0,"_bbp_total_reply_count":0,"_bbp_voice_count":0,"_bbp_anonymous_reply_count":0,"_bbp_topic_count_hidden":0,"_bbp_reply_count_hidden":0,"_bbp_forum_subforum_count":0,"footnotes":""},"categories":[69,4],"tags":[249,115,250],"class_list":["post-164","post","type-post","status-publish","format-standard","hentry","category-information-technology","category-public","tag-coding","tag-php","tag-programming"],"_links":{"self":[{"href":"https:\/\/www.oeconomist.com\/blogs\/daniel\/index.php?rest_route=\/wp\/v2\/posts\/164","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.oeconomist.com\/blogs\/daniel\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.oeconomist.com\/blogs\/daniel\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.oeconomist.com\/blogs\/daniel\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.oeconomist.com\/blogs\/daniel\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=164"}],"version-history":[{"count":1,"href":"https:\/\/www.oeconomist.com\/blogs\/daniel\/index.php?rest_route=\/wp\/v2\/posts\/164\/revisions"}],"predecessor-version":[{"id":11460,"href":"https:\/\/www.oeconomist.com\/blogs\/daniel\/index.php?rest_route=\/wp\/v2\/posts\/164\/revisions\/11460"}],"wp:attachment":[{"href":"https:\/\/www.oeconomist.com\/blogs\/daniel\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=164"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.oeconomist.com\/blogs\/daniel\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=164"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.oeconomist.com\/blogs\/daniel\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=164"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}