coolphpdude Posted September 12, 2009 Share Posted September 12, 2009 hi, I was told to use $_request instead of $_post or $_get. can somebody explain in plain english what $-request does and is it better/more efficient, etc... than the others. Thanks Pete Quote Link to comment Share on other sites More sharing options...
Garethp Posted September 12, 2009 Share Posted September 12, 2009 $_REQUEST gets BOTH POST and GET. It means that you don't have to worry about whether the information is coming in through POST or GET Quote Link to comment Share on other sites More sharing options...
cbolson Posted September 12, 2009 Share Posted September 12, 2009 $_REQUEST is actually a bit more complicated than that as it also returns variables sent by the browser. Whilst it is true that you can *normally* use it to access $_GET and $_POST values, some servers have this desactivated so you shouldn't rely on it. Also, as $_POST and $_GET are different, theoretically both of them could be passed to the page which might result in confusing results (I can't remember right now which one takes priority). Anyway, more info can be found here: http://us2.php.net/manual/en/reserved.variables.request.php Chris Quote Link to comment Share on other sites More sharing options...
DEVILofDARKNESS Posted September 12, 2009 Share Posted September 12, 2009 I personaly use or $_POST or $_GET (or both) but not $_request. Quote Link to comment Share on other sites More sharing options...
MatthewJ Posted September 12, 2009 Share Posted September 12, 2009 I'll have to say I have not ever run into a server that does not support $_REQUEST... Though there might be some exceptions, I have to agree with garethp on this one... it is just superglobal that contains $_GET, $_POST, and $_COOKIE if you don't duplicate variable names, you'll be fine but I wouldn't call it "better" Quote Link to comment Share on other sites More sharing options...
DEVILofDARKNESS Posted September 12, 2009 Share Posted September 12, 2009 I don't use it because I know I sometimes use duplicate names, but it's more something you prefer or you don't prefer. We can't say You have to use that because ... and not that because .... Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted September 12, 2009 Share Posted September 12, 2009 Since $_REQUEST combines post/get/cookie, it has two problems and should not be used - 1) If you happen to add a post/get/cookie with the same name as an existing post/get/cookie, your code won't work as expected, so you must spend more time keeping track of which post/get/cookie you have used so that you don't duplicate any names. In larger projects and in projects that are divided between multiple programmers, $_REQUEST would never be considered. And don't forget that when you look at your code a month from now or a year from now and you have forgotten exactly where the $_REQUEST variable is coming from and you must change or add something, do you really want to spend the extra time figuring out what any $_REQUEST variable actual means or you do want to use the actual $_POST/$_GET/$_COOKIE so that just looking at the code will tell you where it is coming from? 2) Since you cannot tell where a $_REQUEST variable actually comes from you loose a level of automatic validation against hackers trying to break into your script. You might be expecting a $_COOKIE or $_POST variable in your code, but a hacker can just sit there changing a $_GET variable on the end of the URL to send different cookie/post values to your script in order to try to break in. Why make it EASIER for a hacker? By using the exact $_POST/$_GET/$_COOKIE that your code is expecting, you get a free level of automatic built-in validation that the data is coming where you expect it to be coming from. In those rare cases where a value your script expects might come from a same name $_POST variable one time and a $_GET variable a different time, why not just put in the necessary code to test for, validate which one they came from, and combine them yourself. $_REQUEST was one of several things put into php in its' early days to make writing code 'easier'. However, every one of the lazy-way short-cuts have turned out to cause more problems, like making code less secure and wasting time troubleshooting when code and data does not work, then they ever saved in typing time while the code was being written. Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted September 12, 2009 Share Posted September 12, 2009 LOL, since typing $_REQUEST (9 characters) is more than $_POST (6 char), $_GET (5 char), or $_COOKIE (8 char), using $_REQUEST to reference values that always come from the same source is actually more typing. The most common usage of $_REQUEST actually wastes the programmer's time. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.