Passing $_GET / $_POST to function

tdnxxx444

I have a form that is submitted to another page. The page then processes the form in a function. My question, what is the best way to process these superglobals ($POST, $GET) ?

processVariables($_POST);
processVariables($POST['name'], $POST['age']);
function processVariables()
{
echo $POST['name'];
echo $POST['age'];
}

vaaaska

It's too hard to say really...

If all your data is the same...or being validated the same way then you could simply write one little function and use array_map.

But I'm guessing you'll have more than one method so calling them up individually (via individual functions) is probably the way to go.

When I validate stuff I do it on a case by case basis...

thorpe

what do you mean by process? the first thing you should do is make sure they have a value.

if (isset($_POST['foo'])) {
  // foo has a value
}

then you'll want to determine that the values passed are what you actually want. this all depends on the data your expecting so i wont get into it here. but a quick search for 'validating user input' or something allong those lines should help you out.

tdnxxx444

Process as in validating the data and then doing what I need to do with it as in manipulation, database insertion, etc.

thorpe

did you search at all?

here is just one article i found. there is another 747000 articles like this if you google it.

tdnxxx444

I already have functions to validate the data and throw errors. That part I don't have any problem with. I'm just wondering what the best practice is for using the data in functions. If its best to use it as a global variable or if I should pass the superglobal into the function and how -- via an array or individually, or is there a better way?

thorpe

well $POST and $GET variables are global, so why bother passing them? they are available to all your application, inluding inside functions.

passing them in individually is just more typing.

tdnxxx444

Well I was thinking maybe using the superglobals in the actualy function might bring up extra issues such as maintainability or even security issues.

Like for example what if we are working a function that some other programmer may us in the future. If we process the functions with

function process()
{
echo $POST['name'];
echo $POST['age'];
}

instead of

process($POST['name'], $POST['age']);

the first method might look simple, but what if the function turns into lines and lines of code. The new programmer will have a hard time figuring out what variables are all posted to the form. The second verison however, lists out all the parameters in the argument list for cleaner code.