How to send get&post&cookie at once?
if($_GET[get] && $_POST[post] && $_COOKIE[cookie])
{
//blah blah
}
How to send get,post,cookie data for that code at once??
give me a sample code please!
I used form tag but couldnt send at once but I don't know how to send it at once
Sounds like you want $_REQUEST - this is by default "An associative array that by default contains the contents of $_GET, $_POST and $_COOKIE."
Be aware that by using $_REQUEST you lose information about where the variable came from, so it is recommended to use the individual variables, or set $_REQUEST to only contain GET and POST data, with POST overwriting GET: $_REQUEST = array_merge($_GET, $_POST);
Related
I am writing a interceptor to validate request and decode data received from POST. After decoding data I have to set data to $_POST so that my all previous writer functionality will work as it is.
I have set values like below
$_POST['amount'] = $data['a'];
$_POST['currency'] = $data['c'];
I am able to get these variables using $_POST but these values are not accessible in Yii::$app->request->post()
So my question is can I get these values by Yii::$app->request->post()
Post data is cached inside of Request component, so any changes in $_POST will not be reflected in Yii::$app->request->post(). However you may use setBodyParams() to reset this cache:
Yii::$app->request->setBodyParams(null);
$post = Yii::$app->request->post();
Or just use setBodyParams() to set your data directly without touching $_POST:
Yii::$app->request->setBodyParams(['amount' => $data['a'], 'currency' => $data['c']]);
I think you should consider refactoring your code a bit, especially if you are not the only person working on the project because artificially adding values to $_POST is just confusing and should be avoided, if possible. If I see a code that reads a variable from $_POST, I go looking for it being set on the frontend not somewhere in the controller.
You could make your interceptor do:
$post = Yii::$app->request->post();
// or $post = _ $POST;
$post['foo'] = 'bar';
someNamespace::$writeData = $post;
Then when you want to access the data (assuming it doesn't always go through the interceptor and needs to be initialized when empty):
if (empty(someNamespace::$writeData)) {
someNamespace::$writeData = $_POST;
}
$data = someNamespace::$writeData;
and read everything from that static variable instead of $_POST. It's neater and much more maintanable code, IMHO.
Just to extend on the accepted answer of #rob006, in response to the comment below that by Budi Mulyo.
You can add to the post data by doing the following:
$params = Yii::$app->request->getBodyParams();
$params['somethingToAdd'] = 'value'
Yii::$app->request->setBodyParams($params);
Still not sure if you want or need to do this, but it is possible :)
I have a web form that submits some hidden input fields with post parameters and I want to use Request object from Symfony.
This is how I'm doing it now using an API based request also with Postman app I can access the son values like this.
myAction(Request $request){
$content = $request->getContent();
$params = json_decode($content, true);
$value = $params['value'];
}
But when i use a web form it doesn't get the values this way. I was trying to figure out how to get the values and i ended up using the post variable which works fine.
$value = $_POST['value'];
I don't want to use the global variable but rather grab the value from the request. I don't have a super good reason why, other than I prefer it the Request way. Any help would be appreciated.
Is there something special I'd have to do with the HTML form?
Use $value = $request->request->get('value'); to get a single POST value.
Use $values = $request->request->all() to get all POST values.
From symfony docs
I have a bit of code which checks 2 $_GET variables with preg_match. It also looks up one variable value in the database. The problem is that the email address which is url encoded and the # symbol is replaced with %40 is not turned back into readable text when I call the variable.
So if I call $_GET['email'] the value displayed is someone%40example.com while it should be someone#example.com
I understand $_GET variables get decoded automatically but it is not working for me. This problem came with the installation of SSL on this domain. Could it have something to do with that?
Here's my code:
if (isset($_GET['Email']) && preg_match('/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*#([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/', $_GET['Email'])) {
$Email = $_GET['Email'];
}
U need to put urldecode()
$_GET variable doesnot get url decoded automatically. You have to do it manually.
Do something like this
if (isset($_GET['Email']) && preg_match('/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*#([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/', urldecode($_GET['Email'])))
{
$Email = urldecode($_GET['Email']);
}
Also, this is not the proper way of validating email
Check your content-type header you are sending. If you are submitting a form, then I you should probably be using application/x-www-form-urlencoded type in your form to tell PHP that the data is URL-encoded and should be automatically decoded. That is unless you are submitting a file upload, in which case multipart/form-data is appropriate and may require manual decoding of content (using urldecode() depending on how it is actually sent. You can inspect $_SERVER['CONTENT_TYPE'] to help you programatically determine whether you need to manually decode.
A few other pointers:
You should probably consider using POST here instead of GET unless your expectation is that this would be a navigable page/or endpoint tied to that email address (i.e. something someone could bookmark). Think for the GET action is reading something from a location specified by the query string and POST as being related to making some specific action related to the POSTed data.
You should consider using filter_var() or filter_input() along with the email validation filter instead of regex.
Suggested usage would be:
$email = filter_var($_GET['email'], FILTER_VALIDATE_EMAIL);
if(false === $email) {
// validation failed
}
// or
$email = filter_input(INPUT_GET, 'email', FILTER_VALIDATE_EMAIL);
if(is_null($email) {
// key was not present in GET params
} else if (false === $email) {
// validation failed
}
I'm learning PHP and specifically how to secure php forms.
I'm reading an article entitled "Sanitize and Validate Data with PHP Filters" wherein the author checks if the form was submitted using the following code:
if (isset($_POST['Submit'])) {
// do something...
}
Which does work, but I've read that its best to use input filters (i.e. filter_input).
Secondly, using filter_input would also stop netbeans from nagging me about not "accessing the superglobal $_POST Array directly"
So I wrote the following:
function is_form_submit() {
$request = filter_input(INPUT_SERVER, "REQUEST_METHOD");
return $request === 'POST' ? true : false;
}
Which could be used like so:
if ( is_form_submit() ) {
// do something...
}
So my question is: doesn't my code achieve the same thing? If not, why not. Please advise.
While your code would achieve the same result in most cases, it is not the same as the isset call.
What your code does is checks if the REQUEST_METHOD is POST. That is, it checks if the user made a POST request to access the current page.
What the isset does is checks if something with the name of Submit was sent via POST. This usually happens when your submit button is <input name="Submit" type="submit" value="Submit" />, as clicking that (or hitting enter in a text field and it's the first submit button) will result in $_POST['Submit'] being set.
To see the different behaviours, compare the results of curl -X POST your-url.com/page.php with curl -F Submit=submit your-url.com/page.php.
filter_input is untouched user input.
Some scripts add/modify $_POST and $_GET directly. Fine if your code is fail-safe, but if something goes wrong with the manipulated keys/values, there could be errors.
filter_input( INPUT_POST, 'requiredID' )
Would not be affected by the type of coding below
$_POST['requiredID'] = brokenFunction( $_POST['requiredID'] );
I have made an interface whereby the user can create his own form. I've just managed to load that form in a separate php file.
What I want to know is that after posting the form, how do I capture all the id and values of the inputs in an array so that I can display the the form (read-only) and display it on another page.
If your <form> method attribute is post - you send POST request to server. You can access all POST data through $_POST like var_dump($_POST);.
If your <form> method attribute is get or you have no method set - you send GET request to server. You can access all GET data through $_GET like var_dump($_GET);.
No matter which input fields was in form - they all would be here.
$post = array();
foreach($_POST as $key => $value) {
$post[$key] => $value;
}
But this example is not too good. It's not protected against SQL-injection - pay attention to it. But with it you can get all $_POST data in $post array.
When you post a form, you have the "array" $_GET or $_POST according to the method (but you could use $_REQUEST which gets both post and get "arguments") where you have all the data you need to process the content of the form. The PHP array_keys returns the keys which are the names given for each field in the form. Using each key in a loop, you can do some kind of processing over the "content" of that field, that you can retrieve using the current key in the loop; e.g.
foreach(array_keys($_GET) as $a)
{
echo $a . " => " . $_GET[$a];
}