Safely extracting variables in PHP
by Amit Arora
Published: August 7, 2003
User Rating: 7.7 (20 votes)

Page Page » 1 2 3 4 5


Don't you wish there was just one function which could handle this. Well, there is now. It is small tiny function called SafeExtract() which does the following

  1. Extract specific GET, POST and COOKIE variables to global variables
  2. Check the variables (that needs to be extract) against other submission, which would otherwise be a secuity lapse
  3. Should format data considering the setting of magic_quotes_gpc and register_globals

Now the simple solution would be to add this small snipet of code at the begining of the php file

SafeExtract( array( 'any' => array('subject'), 'post' => array('name', 'email') ) );

Now writing this small piece of code would accomplish the following

  1. Create variable $subject with value passed either through GET or POST
  2. Create variable $name and $email ONLY if passed by POST. And if there exists a previous variable $name or $email, it will be removed from the globale array
  3. The data would be formated according to the current state of the magic_quotes_gpc and you would get the same data no matter what is the state of magic_quotes_gpc

Imagine the help it can provide when you are writing the complex forms and you can concentrate on processing the data rather then formatting it.

Page Page » 1 2 3 4 5


Amit Arora is web developer with expertise in developing eCommerce enabled websites for the businesses.

Contact | Resume

Subscribe to newsletter

Get Firefox

Monitored by Site24x7