Safely extracting variables in PHP
Published: August 7, 2003
User Rating: 7.7 (20 votes)
Solution
Don't you wish there was just one function which could handle this. Well, there is now. It is small
tiny function called SafeExtract()
which does the following
- Extract specific GET, POST and COOKIE variables to global variables
- Check the variables (that needs to be extract) against other submission, which would otherwise be a secuity lapse
- Should format data considering the setting of
magic_quotes_gpc
andregister_globals
Now the simple solution would be to add this small snipet of code at the begining of the php file
SafeExtract( array( 'any' => array('subject'), 'post' => array('name', 'email') ) );
Now writing this small piece of code would accomplish the following
- Create variable
$subject
with value passed either through GET or POST - Create variable
$name
and$email
ONLY if passed by POST. And if there exists a previous variable $name or $email, it will be removed from the globale array - The data would be formated according to the current state of the
magic_quotes_gpc
and you would get the same data no matter what is the state ofmagic_quotes_gpc
Imagine the help it can provide when you are writing the complex forms and you can concentrate on processing the data rather then formatting it.
About
Amit Arora is web developer with expertise in developing eCommerce enabled websites for the businesses.
Monitored by Site24x7
Uptime