开发者

Can I assign a value to a $_POST variable in PHP?

For example, I am using a $_POST variable to insert data into a DB. Just before this query I have a few tests and if they are true I want to adjust that (hidden) $_POST value.

Ex.

if($baby_dragon_eats_children){
  $_POST['hidden_value'] = "grapes";
}

Can $_POST['hidden_value'] be assigned a new value and then be passed to another function as $_POST and be able to access the new $_POST['hidden_value']?

Thanks


$_POST['consolidate_answers']

  • IF you assign a value to $_POST you should document is very clearly as it is not common nor considered "best" practice.
  • IF you have any extensions of PHP such as Suhosin Patch... it may block such actions..
  • Handle your own arrays, don't depend on $_POST!
  • IF need be, make a copy of $_POST and wor开发者_运维百科k with that.


You can assign values to $_POST, but if you do so you should document it very clearly with comments both at the point of assignment and the later point of access. Manually manipulating $_POST can break future programmers' (including your own) expectations of what is in the superglobal and where it came from.

There may be other alternatives, like:

$my_post = $_POST;
$my_post['hidden_value'] = 12345;

// In a function:
function func() {
   // Emulate a superglobal
   echo $GLOBALS['mypost']['hidden_value'];
}


Can $_POST['hidden_value'] be assigned a new value and then be passed to another function as $_POST and be able to access the new $_POST['hidden_value']?

It can in normal PHP.

However, extensions like the Suhosin Patch may block this.

Also, it feels wrong in general. $_POST is intended to contain the raw, incoming POST data - nothing else. It should not be modified IMO.

A better way to go would be to fetch all the data you plan to insert into the database into an array, and do the manipulations in that array instead.


You can, it will work, but don't.

Create a copy of $_POST, perform your tests on that and modify that instead. For example.

$postdata = $_POST;
if ($postdata['somevalue'] != 'someothervalue') $postdata['newvalue'] = 'anothervalue';
// ...

If you manipulate variables auto-created by PHP, it will probably come back to haunt you later on when the variable doesn't hold the data you expect it to.


Find an alternative!

The $_POST variable has a distinct responsibility. Do not abuse its globalism.

I'd say don't abuse globalism either way, even if it means changing the design you have (or have in mind).

But if you choose not to, then consider creating a dedicated global registry just for your needs. Don't manipulate language built-ins.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜