$_GET question

Jon12345

On my url, I have mypage.com/index.php?abc=test

If I want to use that variable on my page, do I need to do this first?

$abc=$_GET['abc'];

Or is it automatically available?

Thanks,

Jon

laserlight

It is automatically available as $_GET['abc']

stolzyboy

laserlight wrote:
It is automatically available as $_GET['abc']

tho laserlight is correct, of course... "cleaning" the variable is advised 😉

Jon12345

If that is the case, why would you ever need to use $_GET?

laserlight

If that is the case, why would you ever need to use $GET?

I do not really understand the question. $GET provides one way to get the data passed via the query string. You do not need to use it, since you can pass via post, obtain via $_REQUEST etc.

But, whether your incoming variables are passed by GET, POST, or from a cookie, since they can be manipulated by the user, you should always validate them or transform them into some safe to handle form (or both).

Jon12345

I mean if I do not need to use $abc=$GET['abc']; to store the value "test" in $abc, then you don't need $GET in this instance, ever. Correct?

laserlight

I mean if I do not need to use $abc=$GET['abc']; to store the value "test" in $abc, then you don't need $GET in this instance, ever. Correct?

Actually, that means that you don't need to use $abc, since you can use $GET['abc'] directly. Of course, if you do something like:

$abc = (int)$_GET['abc']; // ensure $abc is an int

then you should only use $abc after that.

djdejan

If you have url mypage.com/index.php?abc=test

then you can use $abc variable and it has value "test", but only if your php is configured with register_globals=On

else

you should use global $GET variable as $GET['abs'].

bradgrafelman

Jon12345 wrote:
but only if your php is configured with register_globals=On

Then again, if this is the case, you should promptly turn register_globals off. If you do not host your own server and are unable to do this, find a competent host.