Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 4 of 4

Thread: form variables

  1. #1
    Regular Coder
    Join Date
    Dec 2002
    Location
    Seattle, WA
    Posts
    116
    Thanks
    1
    Thanked 0 Times in 0 Posts

    form variables

    I was just wondering if there is a certain way that you are definitely supposed to use variables passed to a script from a form. I usually just call the variable using the name of the form field such as $email.

    But I noticed that most people seem to use either $_POST['email']

    or

    $HTTP_POST_VARS['email']

    My question is, does it actually make a difference? Is there a good reason why I would want to use one of the longer versions rather than the way I do it? As always, thanks for the input.

  • #2
    Regular Coder
    Join Date
    May 2002
    Location
    London, England
    Posts
    367
    Thanks
    0
    Thanked 0 Times in 0 Posts
    It makes it more secure. For example, assume that you had the form going to form.php. I could go to www.domain.com/form.php?email=whatever and it'd process it.....

    Jee
    Jeewhizz - MySQL Moderator
    http://www.sitehq.co.uk
    PHP and MySQL Hosting

  • #3
    Senior Coder
    Join Date
    Jun 2002
    Location
    frankfurt, german banana republic
    Posts
    1,848
    Thanks
    0
    Thanked 0 Times in 0 Posts
    It also improves readability of your good immensely. Think of a script, 500 lines long, that you haven't touched a year long. Then you suddenly need to make some changes to it, and you run into a bunch of undeclared variables that seem to come from anywhere. No indication (if you don't explicitly comment this) is left *where* the variables come from - GET, POST, cookies, session, server environment... no one knows for sure unless you take the burden of testing this script in a context it's normally used.
    Compared against $_POST, it's immediately clear where the variable is supposed to come from. Plus, the new $_POST|GET|etc. predefined variables are super-globals, which means you can access them in functions without the need to import them with the "global" keyword.

  • #4
    Regular Coder
    Join Date
    Dec 2002
    Location
    Seattle, WA
    Posts
    116
    Thanks
    1
    Thanked 0 Times in 0 Posts
    Awesome. Thanks for the info. I knew there had to be a reason I just couldn't think of what it was.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •