Please consider querystring support in 2.x

[eluser]mddd[/eluser]
[quote author="clooner" date="1280927161"]
So why not simply use?

Code:

$this->input->get('var1');

[/quote]
Agreed. That is how it should be. Now "all someone has to do" is to build a reliable implementation of that..

[eluser]Clooner[/eluser]
[quote author="mddd" date="1280927307"]
Agreed. That is how it should be. Now "all someone has to do" is to build a reliable implementation of that..[/quote]

Isn't this already how it works?

Code:

//whenever you need query string support enable it using
parse_str($_SERVER['QUERY_STRING'], $_GET);
// retrieve variables like so
$var1 = $this->input->get('var1');
$var2 = $this->input->get('var2', TRUE); // to force xss cleaning

I seriously don't $_GET why this is so troublesome.

[eluser]mddd[/eluser]
From all the posts about this issue, I got the idea that $_GET was not coming through in a reliable way.. that it depends on server configuration what you have to do to get it. That's what I meant: it should be a 'works for everyone' solution. And one that is triggered automatically if some setting is switched on or off.

[eluser]WanWizard[/eluser]
@clooner: what do you mean with "So why not simply use?"

To be able to use that, you still need values in your $_GET global array. Are you honestly saying that parsing the query string at a 'random' place in your code is a better solution that to deal with it where you should, namely in the Input class?

@mddd: $this->input-get() relies on _sanitize_globals() to clean the $_GET variables, it does more than XSS_clean.

The implementation is already there, using the new config variable 'allow_get_array', as I've posted earlier, to detach the decision whether or not to route via the query string (enable_query_strings) from the decision whether or not to wipe the $_GET array clean.
As I wrote, all you need to do is to tell CI *NOT* to empty $_GET array (which now happens if 'enable_query_strings' is FALSE, Input.php, line 131). Once you've archieved that, the rest is standard CI, including using $this->input->get().

And for people not wanting to modify the core code, there's the solution with extending the Input class and overloading the _sanitize_globals() method, to archieve the same thing.

[eluser]Clooner[/eluser]
@WanWizard
Actually I'm saying that it is just the way CI is structured. CI basic setting is that you use segments. In case you want to use query strings it is also based on a certain structure, c=controller&m=method. Things are set in a frame when using a framework, hence the name... In case you don't want this, there is always the option to make it yourself. I'm just going about it in a different way but with exactly the same result!

Code:

// rebuild and clean the $_GET
parse_str($_SERVER['QUERY_STRING'], $_GET);
// now it uses the same cleaning as sanitize_globals!
$this->input->_clean_input_data($_GET);

And of course I won't be placing this randomly in my code. I just won't extend my input library when I can place only 2 lines of code somewhere else. Probably if I already extended the input library I would go with something similar to your solution but in most cases your solution will be bloated.

[eluser]WanWizard[/eluser]
Ok, clear.

I just have a problem with "In case you want to use query strings it is also based on a certain structure, c=controller&m=method". That structure has to do with segment routing within a CI environment, and nothing with the issue at hand, external services requiring query string parameters. I see these as two different things, which need to be dealt with differently. Hence the two config variables for the two functions.

You could even have a situation where both 'enable_query_strings' is TRUE (which requires the $_GET keys 'c' and 'm'), and 'allow_get_array' is TRUE, which allows all other $_GET keys.

The only other logical place to put your code to get a consistent solution is in a MY_Controller or MY_Model, both of which provide a similar solution to a MY_Input. So just put it where it belongs, and where everyone working with CI expects it to be.

Please explain to me why my suggestion would create a "bloated" solution?

Putting your solution in any other place than a MY_Controller or MY_Model constructor would create a maintenance issue in the future (you're modifying CI behaviour from inside a controller or model), which in my professional opinion is not the way to do it. Extending the model or controller class is the same effort as extending the input class.

[eluser]Clooner[/eluser]
It depends, do you want to enable $_GET application wide or just for a certain controller/method?

It's likely to already have a MY_Controller in place for other functionality. In that case add the two lines to the construct and you have application wide $_GET.

In the case that you don't need application wide $_GET simply call it from the controller construct or the method where you need to access $_GET.

[eluser]tuffy[/eluser]
Is it not considered bad practice to modify $_GET (I realize that CI wipes it clean...) ?

Also, this solution seems to allow segments and query parameters to work for me:

In config.php:

Code:

$config['uri_protocol']    = "AUTO";

and in .htaccess (just removed the ?):

Code:

RewriteRule ^(.*)$ /index.php/$1 [L]

Is there anything this would break?

[eluser]WanWizard[/eluser]
The idea is not to modify it, but to prevent CI wiping it.

That rewiterule just inserts index.php info the URL, it doesn't do anything with the rest. I don't know what you mean by removing the ?, my .htaccess doesn't have a ? in the rule...

If this works for you, how do you access the query parameters, given the fact that the input class will remove all values from $_GET?

[eluser]tuffy[/eluser]
[quote author="WanWizard" date="1280973308"]The idea is not to modify it, but to prevent CI wiping it.

That rewiterule just inserts index.php info the URL, it doesn't do anything with the rest. I don't know what you mean by removing the ?, my .htaccess doesn't have a ? in the rule...

If this works for you, how do you access the query parameters, given the fact that the input class will remove all values from $_GET?[/quote]

I have enable_query_string set to true and the following works for me:

Code:

$this->input->get('var');