Welcome Guest, Not a member yet? Register   Sign In
Status of GET and querystrings in CodeIgniter?
#1

[eluser]pbreit[/eluser]
Just to confirm, is this a reliable way to implement querystrings in CodeIgniter:
$config['uri_protocol'] = "PATH_INFO";
$config['enable_query_strings'] = TRUE;

Are there any "gotchas" to watch out for? Is it reasonably secure?

It really is quite surprising that CodeIgniter does not support querystrings by default. I imagine that this deficiency alone is a show-stopper for many potential users. The fact is that while an individual developer may be able to avoid using GET, the web as a whole depends on it. GET is an extremely important aspect of web programming and totally proper to use. There is zero excuse for it not to be supported as a full-fledged member of a developer's arsenal.

EDIT: "GET" should be replaced with "querystring". Sorry for the confusion.
#2

[eluser]pbreit[/eluser]
Also, instead of or in addition to XML-RPC, there should be a simple HTTP Client library that does POST/GET (and maybe PUT/DELETE).
#3

[eluser]n0xie[/eluser]
Quote:It really is quite surprising that CodeIgniter does not support querystrings by default
It does support querystring by default. It's turned OFF by default. There is a big difference.
#4

[eluser]packetfox[/eluser]
I like that GET isn't there. Maybe sometimes its a slight inconvenience, but for all form data i use $_POST, and using $this->uri->segment(x,0) has done it for me so far where i normally would have used GET.

I used to use $_GET for things like changing a setting or so;eg. ?lang=en . What i do now is i make a controller that takes arguments, then redirects the user back to where he came from. Eg. now the link to change the language looks like /config/language/english. Someone goes there, a Session variable gets set, and the user gets redirected back to where he was.

regards,
D
#5

[eluser]pbreit[/eluser]
But do you understand that many times you *have* to use GET because, since GET is a proper HTTP method, *other* people use it? GET is the correct method to use for reads, searches, etc. How these forums do search, for example, is lousy. It should be like every other site on the web: http://www.ellislab.com/forums/search?q=get+querystring
#6

[eluser]n0xie[/eluser]
There is nothing stopping you from doing search that way. CI uses segmented url's by default in which querystrings are just plain silly, so there is no need for them. You seem to be under the impression that without access to querystrings, the world will end tomorrow. I can assure you it will not.

The behaviour can easily be modified by a setting in the config:
Code:
$config['enable_query_strings'] = FALSE;

Stop making such a fuzz about something that is not a problem.
#7

[eluser]pbreit[/eluser]
Wow, amazing response. It is in fact a major problem for developers who hope to ever interface with other systems since querystrings are so widespread and have a very proper place in web development. CI is doing developers a dis-service by making querystrings a second class citizen. CI needs to stop sweeping this major deficiency under the rug. It doesn't help that users think this is fine. It is most definitely not fine.
#8

[eluser]danmontgomery[/eluser]
It was a design decision. Like n0xie said, it's a simple matter of toggling a configuration variable.

I'm curious, what great functionality do you lose by having to toggle this option? What personal harm has EE's search caching done you, or in what way is it deficient? What do you hope to gain by presenting yourself with such a poor attitude to a community comprised almost entirely of people with no input in CI's core functionality?

CodeIgniter is a tool. If that tool doesn't suit your needs, don't use it.
#9

[eluser]n0xie[/eluser]
[quote author="pbreit" date="1267488216"]Wow, amazing response. It is in fact a major problem for developers who hope to ever interface with other systems since querystrings are so widespread and have a very proper place in web development. [/quote]
It's funny you should mention that to someone who makes a living building interfaces to different webservices. FYI: outbound requests work fine without it.

Unless you provide an API, OR the interface you are talking redirects you back to your site with some parameters appended to the URL, it doesn't even matter if querystring is enabled or not. That's how non-interesting this issue is.

If you provide an API, you could just as well have used segmented url's. Or REST, XML-RPC, SOAP, JSON or any of the other zillion ways to transfer data over the wire without needing a querystring.

If you get redirected back (Paypall comes to mind), then YES you are forced to use querystrings. Oh noes, I have to set a boolean from false to true.

Again your argument would be valid if you had to jump through hoops to get querystrings to work like you would expect them. This is not the case: it's a damn configuration option.

Turn it on when you need to. If that's too hard for you, use a different framework.
#10

[eluser]pbreit[/eluser]
I know anything that can be done with a querystring can be done without a querystring. That's not the point. But frequently, one does not have control over the other party. PayPal is a good example and there are many more. Enabling querystrings in CI is sub-optimal because it changes up all the URLs, it doesn't just allow for querystrings when needed.

This should not even be debatable. Any framework that wants to be taken seriously needs to fully support one of the most basic aspects of HTTP. CodeIgniter is a very fine framework but this is a glaring ommission. And I'm not the only one to feel this way.

This is the worst search URL I have ever seen:
http://ellislab.com/forums/search_result...83bbb018e/

This would simply be unacceptable for most web sites.




Theme © iAndrew 2016 - Forum software by © MyBB