Welcome Guest, Not a member yet? Register   Sign In
Under the Bonnet $_REQUEST
#1
Question 

Hi,

The way my code has mutated, it currently appears sensible (for a couple of- perhaps misguided(?)- reasons) to forego using the $_POST variable and restrict all my interaction with the user's offerings to $_REQUEST.

So today's questions are:

1) I am aware CI uses $_REQUEST for input destined for Validation... are there other significant places where there is a distinction between $_POST and $_REQUEST?

2) Are there any reasons for my intentions being a really stupid idea?

3) As an aside, I'm also using $_SERVER variables directly in my code, and not from the $_REQUEST copy of it. Having done a superficial scan of the CI system code, it appears that $_SERVER is also used directly (and not via the $_REQUEST copy, as what is done for CI’s Validation)... so if I remove $_SERVER from PHP’s registration of $_REQUEST (which, in my current "default" setup does contain $_SERVER), it shouldn't have any untoward effects on CI, should it?

Any ideas and expert advice would be greatly appreciated, thanks.

Gary
Reply
#2

I think the direct modification of the globals is to ensure that environment variables are all available where needed. I'm not entirely clear about what you are trying to do but I'd be cautious of a few things:
1) $_REQUEST doesn't contain some CLI elements necessary for spark commands
2) Runtime modifications of $_GET and $_POST don't retroactively apply to $_SERVER (e.g. $_POST['test'] = 'yes'; isset($_REQUEST['test']) //false)
3) It's possible to have duplicate keys, which I think are handled by overwrite in variable order (e.g. posting a form with 'name' field to myserver.com/route?name=me )
Reply
#3

Thanks MGatner, I appreciate the additional insight- which I'm finding difficult (as a noob) to easily pull out of the documentation or system code.

Some of the motivation of my obtuse way of doing things is to help me keep track of (and process) only one copy of user-entered variables (as a simple example: when using a trim or input filter, and then applying the input to Validation, I know that what's coming out and being processed or redisplayed for correction/further editing is a (verbatim) copy of what's been validated. It also lets the user see exactly what's been "fixed" in their subsequent reattempts).

I'll keep the CLI details in mind, when/if I get to needing that, thank you
Reply




Theme © iAndrew 2016 - Forum software by © MyBB