...

View Full Version : convert $_GET variables to regular variables? about 10 times



croatiankid
07-27-2007, 09:07 AM
Do you guys always convert your GET and/or POST variables to regular variables
$variable = foo;? On a page, I'm using a GET variable about 10 times, would it be more efficient to convert it to a regular variable (I'm sure there's a name for this type of variable) at the beginning? Does it have anything to do with load on the PHP (interpreter, like it goes to check the variable from the URL every time, which is maybe more of a strain than from the document itself), or just mere file size?

_Aerospace_Eng_
07-27-2007, 09:08 AM
I just think its easier to type a variable name rather than $_GET['var'];

The strain on the parser is the same whether you assign it to a variable or not. Also it helps for preventing mysql injection. Declaring the variables to empty to start with and then checking the data to see if its valid and then reassigning it the variable. I don't think you can do this

$_GET['var'] = '';
I could be wrong though, don't know.

Guess you can do that though again, it takes a little more work to type e.g. SHIFT + 4 _ G E T [ ' foo ' ], compared to a variable called foo.

$foo = $_GET['foo'];

if(isset($foo)) echo 'Foo is set!';

sdcomputerz
07-27-2007, 09:28 AM
I second that

firepages
07-27-2007, 03:30 PM
I prefer to leave variables in their original form unless there is an overriding need to alter it (or I alter the variable via script) , there is no protection against injection unless register_globals is on and variables are not declared locally before they are used (or filtered if they are GPC)

From a resource viewpoint there is an (probably too small to measure) overhead in declaring the variable twice (even if you then unset the original) so if resource usage worries you then don't do it.

It is easier on the typing though ;)

CFMaBiSmAd
07-27-2007, 03:59 PM
For variables that might or might not exist (from a form, a url, a cookie, a session...) I always do something like this near the beginning of the code -

$get_action = isset($_GET['action']) ? $_GET['action'] : '';The variable is then only checked if it exists once and is evaluated only once. The internal variable will then exist through out the remainder of the code with either the actual input or an empty string.

croatiankid
07-27-2007, 04:03 PM
I don't understand making it empty first, why does that help?
I have example.com/?var=foo, and let's say I want to echo $var on that page (plain text, all that is on the page is foo). How would you do that?



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum