Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 9 of 9
  1. #1
    New Coder
    Join Date
    Jul 2002
    Location
    Florida
    Posts
    60
    Thanks
    0
    Thanked 0 Times in 0 Posts

    PHP $_POST and variables

    I've decided to recode all my variables on my pages as PHP 4.3 now demands they be (unless you have register_globals = on) as :

    $_POST['var_name']

    I'm doing this in advance in case any server I am on has register_globals = off (as is now recommended). Thus, using just $var_name is no longer sufficient to obtain its value. You must fetch the value as shown above.

    The problem is, however, when doing things like a trim() on a variable, e.g. "FirstName" this will not obviously work :

    $FirstName = trim(\"$_POST['FirstName']\");

    Nor will :

    $FirstName = trim($_POST['FirstName']);

    The trim() function seems to demand a string literal. The only way I can see around this issue is to do :

    $FirstName = $_POST['FirstName'];
    $FirstName = trim(\"$FirstName\");

    This seems like a double operation on any variable that I want to manipulate, a lot of extra coding.

    Anybody have a better idea?

    Thanks in advance.

  • #2
    Senior Coder
    Join Date
    Jun 2002
    Location
    frankfurt, german banana republic
    Posts
    1,848
    Thanks
    0
    Thanked 0 Times in 0 Posts
    $FirstName = trim($_POST['FirstName']);

    works as expected for me. PHP 4.2.1 on Apache 1.3, register_globals set to "off".
    De gustibus non est disputandum.

  • #3
    Senior Coder
    Join Date
    Jun 2002
    Location
    paris, france
    Posts
    1,216
    Thanks
    0
    Thanked 0 Times in 0 Posts
    i don't actually see the problem with
    $my_var = trim($_POST['me_var']);

    is it just me?
    i use it all the time
    photoshop too expensive? use the GIMP! www.gimp.org

  • #4
    New Coder
    Join Date
    Jul 2002
    Location
    Florida
    Posts
    60
    Thanks
    0
    Thanked 0 Times in 0 Posts

    I found the problem, but not the solution.

    I was actually trying to use this construction inside of an UPDATE SET statement as :

    $sql = "UPDATE $table_name
    SET
    FirstName = trim($_POST['FirstName']),
    .
    .
    ";

    And the PHP interpreter keeps complaining with :

    Parse error: parse error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING

    It doesn't mind the original, of course :

    FirstName = trim(\"$FirstName\"),

    So now I have a new issue to tackle, e.g. how to format this correctly for the SET statement.

  • #5
    Senior Coder
    Join Date
    Jun 2002
    Location
    frankfurt, german banana republic
    Posts
    1,848
    Thanks
    0
    Thanked 0 Times in 0 Posts
    If you refer to an array element by it's key, you can't have the key in quotes when the variable is contained in a string. So this should work:

    PHP Code:
    $sql "UPDATE $table_name
    SET
    FirstName = trim($_POST[FirstName]),
    .
    .
    "

    or


    PHP Code:
    $sql "UPDATE $table_name
    SET
    FirstName = trim({$_POST['FirstName']}),
    .
    .
    "

    See also the manual entry on string parsing:
    http://us2.php.net/manual/en/languag...string.parsing
    De gustibus non est disputandum.

  • #6
    Supreme Overlord Spookster's Avatar
    Join Date
    May 2002
    Location
    Marion, IA USA
    Posts
    6,280
    Thanks
    4
    Thanked 83 Times in 82 Posts
    You should really just declare and initialize all of your variables anyways in the beginning and never try to do multiple things all in one line. That detracts from readability of the code.


    For example this is more readable...

    //Declare and Initialize POST data
    $firstname = $_POST['first'];
    $lastname = $_POST['last'];

    //Remove whitespace from data
    $firstname = trim($firstname);

    //Define query
    $sql = "SELECT col FROM tablename WHERE yaks = '$firstname'";

    than this

    $sql = "SELECT col FROM tablename WHERE yaks = 'trim($_POST['first']'";

    Yes it takes a few more lines of code but will save you time or others time if you every have to go back to the code later on. Plus if you declare and initialize your variables in the beginning then if you ever needed to change the name of a form element or something then you won't have to go through the code looking for each occurence where you used it at. You would just need to change it at the beginning.
    Spookster
    CodingForums Supreme Overlord
    All Hail Spookster

  • #7
    New Coder
    Join Date
    Jul 2002
    Location
    Florida
    Posts
    60
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Yes, thanks!

    I had forgotten about that rule, or never even realized it.

    Both examples work fine for me.

  • #8
    New Coder
    Join Date
    Jul 2002
    Location
    Florida
    Posts
    60
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Yes, I agree.

    I guess we can sometimes be too clever by 1/2 as programmers, always trying to squeeze in more and more functionality.

    I still prefer (for the reasons you mention) the old

    if . . . else

    construction, rather than the "?" conditional operator.

    I'll take readable (and thus maintainable) code over obfuscated & compacted code every time, even if it might be a tad slower. Who cares anyway while the 56k modem still reigns supreme?

  • #9
    Supreme Overlord Spookster's Avatar
    Join Date
    May 2002
    Location
    Marion, IA USA
    Posts
    6,280
    Thanks
    4
    Thanked 83 Times in 82 Posts

    Re: Yes, I agree.

    Originally posted by Nomadicus
    I guess we can sometimes be too clever by 1/2 as programmers, always trying to squeeze in more and more functionality.

    I still prefer (for the reasons you mention) the old

    if . . . else

    construction, rather than the "?" conditional operator.

    I'll take readable (and thus maintainable) code over obfuscated & compacted code every time, even if it might be a tad slower. Who cares anyway while the 56k modem still reigns supreme?
    My computer science professors in college would give me dirty looks if I mentioned the ternary operator. Not many people can easily read expressions using it so overall it makes code more unreadable.
    Spookster
    CodingForums Supreme Overlord
    All Hail Spookster


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •