If they do exist, you can’t discount the possibility that the user has tampered with them.You cannot assume that they will always exist.GET parameters should always be treated with extreme caution. If it doesn’t, then our variables will retain their default FALSE values. If it does exist, we assign it to one of our variables. In the example above, we use PHP’s isset function to check whether or not the parameter in question actually exists. To guard against this kind of issue, you will need to check to see if the GET variable exists before you attempt to use it: $id = false Notice: Undefined index: id in /path/to/file.php on line 4 This will result in PHP spitting out the following message: Notice if a user removes one of the parameters from the URL. If we want to retrieve the values of those two parameters, we can access the $_GET superglobal array like so: //Get our two GET parameters.Īlthough the PHP code will work, it wrongly assumes that the GET parameters in question will always exist.Īs a result, there is a possibility that our script will throw an ugly undefined index Retrieve those values so that we can use them in our PHP script. id, which contains the value 23, and page, which contains the value 34. In the URL above, we have two GET parameters.
0 Comments
Leave a Reply. |