0

I'm looking for the best way how to use external variables in PHP with error level including E_NOTICE.

I have three possible ways, I would be happy, if you can give some hints on each or suggest a different approach that YOU like.

    1. 
class WebApp {

    public static function _GET($Index) {
        if (isset($_GET[$Index])) {
            return $_GET[$Index];
        } else {
            return NULL;
        }
    }
}

// E_NOTICE, does not throw a notice:
echo WebApp::_GET('ID');

// E_NOTICE, throws a notice:
echo $_GET['ID'];

2.

class RequestSanitizer {
    const V_INTEGER = 1;
    const V_STRING = 2;
    const V_REAL = 3;

    public static function Sanitize($arr) {
        foreach ($arr as $key => $val) {
            if (array_key_exists($key, $_GET)) {
                switch ($val) {
                    case RequestSanitizer::V_INTEGER:
                        $_GET[$key] = $_GET[$key] + 0;
                        break;
                    case RequestSanitizer::V_STRING:
                        $_GET[$key] = $_GET[$key] + '';
                        break;
                    case RequestSanitizer::V_REAL:
                        $_GET[$key] = $_GET[$key] + 0;
                        break;
                }
            } else {
                $_GET[$key] = null;
            }
        }
    }
}

RequestSanitizer::Sanitize(array(
    'GraphID' => RequestSanitizer::V_INTEGER,  
    'UserName' => RequestSanitizer::V_STRING,  
    'Password' => RequestSanitizer::V_STRING,  
    'Price' => RequestSanitizer::V_REAL 
));

echo $_GET['GraphID'];

3.

if (isset($_GET['ID']) && ($_GET['ID']+0>0)) {
   echo $_GET['ID']
}
Improve this question

2 Answers 2

Reset to default
1

I would use 

if (isset($_GET['ID']) && ($_GET['ID']+0>0)) {
   echo (int)$_GET['ID']
}

with a casting to integer (int). If the value must be an integer.

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

In this case you have to: 1) always use casting 2) always test, if the variable is set (isset($_GET['ID']))
Yes, and there will be no shorter way to achieve this. If the variable is not set, the second condition of the expression will not be executed. But only if its sure that the value has to be an integer.
Shorter way with class from option 1: echo (int)WebApp::_GET('ID');
But you didn't checked if the var is set. You would get "0" even if there was no value provided!
0

i'd use a Request class that encapsulates all Php "superglobals" and provides methods like "param()", "numParam()", "arrayParam()" and so on.

$req = new Request();
$user_id = $req->numParam('id');
 // user_id is guaranteed to be a valid integer or 0
Improve this answer

1 Comment

This is very similar to my first option. I used static method, so I don't have to create new class every time I need to use it. I like your approch with "numParam", "arrayParam", etc...

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.