What are the ways to receive external parameters in PHP?-PHP Problem-php.cn

Home

Backend Development

PHP Problem

What are the ways to receive external parameters in PHP?

醉折花枝作酒筹

Jun 09, 2021 pm 05:17 PM

php

This article will introduce to you how to receive external parameters in PHP. It has certain reference value. Friends in need can refer to it. I hope it will be helpful to everyone.

What are the ways to receive external parameters in PHP?

For a web language like PHP, receiving parameters is a very important ability. After all, the data passed from the front-end form or asynchronous request must be obtained for normal interactive display. Of course, this is also an essential capability for all languages capable of web development. Today we will take a look at various parameter access forms in PHP.

First, we need to prepare a static page, like the one below, which provides a form and a GET parameter in the url:

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Document</title>
</head>
<body>
    <form action="?show=1" method="post">
        姓名：<input type="text" name="name"/><br />
        电话：<input type="text" name="tel"/><br/>

        地址（省）：<input type="text" name="address.prov"/><br/>
        地址（市）：<input type="text" name="address city"/><br/>

        兴趣1：<input type="text" name="interest[]"/><br/>
        兴趣2：<input type="text" name="interest[]"/><br/>
        兴趣3：<input type="text" name="interest[]"/><br/>

        学历1：<input type="text" name="edu[one]"/><br/>
        学历2：<input type="text" name="edu[two]"/><br/>

        <input type="submit" value="提交" >
    </form>
</body>
</html>

Normal$ _GET, $_POST method

// 正常的GET、POST
    echo $_GET[&#39;show&#39;], &#39;<br/>&#39;; // 1
    echo $_POST[&#39;name&#39;], &#39;<br/>&#39;; // 提交的内容

This is the most basic and direct method of receiving parameters. GET parameters are obtained through $_GET, and POST parameters are obtained through $_POST. They do not interfere with each other.

Normal $_REQUEST method

    // 使用REQUEST
    echo $_REQUEST[&#39;show&#39;], &#39;<br/>&#39;; // 1
    echo $_REQUEST[&#39;tel&#39;], &#39;<br/>&#39;; // 提交的内容

$_REQUEST obtains all parameters in the request, excluding uploaded files. In other words, it includes all the contents of the three access parameter variables $_GET, $_POST and $_COOKIE (configuration required, not included by default). One thing to note here is that after PHP5.3, the parameter variable content accepted by $_REQUEST is specified by request_order in the php.ini file. By default, the value of this configuration parameter is GP, that is, GET and POST, and there is no COOKIE. I think If you want COOKIE, you need to modify it and add a C.

What if there is content with the same name in $_GET and $_POST? The order in which $_REQUEST is displayed is also based on the order of the configuration parameters, from left to right, with the latter covering the previous ones. For example, if you configure GP, the order of parameter coverage is: POST > GET, and the final display is in POST. Content.

register_globals problem

    // register_globals 如果打开
    echo $name, &#39;<br/>&#39;; // 提交的内容
    echo $tel, &#39;<br/>&#39;; // 提交的内容

This is an unsafe configuration and is also configured in the php.ini file. Its function is to directly convert the requested parameters into variables. There is a problem of global variable pollution, so do not open it! ! ! The current php.ini file is basically turned off by default.

import_request_variables

    // import_request_variables 抱歉，5.4之后已经取消了
    import_request_variables(&#39;pg&#39;, &#39;pg_&#39;);
    echo $pg_show, &#39;<br/>&#39;;
    echo $pg_name, &#39;<br/>&#39;;

This function manually registers the contents of the specified parameter variable as a global variable. Similarly, it was also canceled after 5.4, so There are risks in all functions. Let’s find out if there has ever been such a function.

extract

    extract($_POST, EXTR_PREFIX_ALL, &#39;ex&#39;);
    echo $ex_name, &#39;<br/>&#39;; // 提交的内容
    echo $ex_tel, &#39;<br/>&#39;; // 提交的内容

extract is currently supported as a method that can replace the above two parameter conversions. It is up to us to control the overwriting of existing variables, which is the second parameter. This can greatly avoid the problem of contaminating global variables in a controllable environment. Of course, the premise is that we must make sure to use it ourselves. Specifically You can find the document reference by yourself!

. and spaces in parameter names

    // 参数名中的.和空格
    echo $_REQUEST[&#39;address_prov&#39;], &#39;<br/>&#39;; // 提交的内容
    echo $_REQUEST[&#39;address_city&#39;], &#39;<br/>&#39;; // 提交的内容

If the name of the input submitted by the form contains . or spaces, it will be directly converted into underscores. However, we do not recommend using . or spaces in front-end naming. Just use underscores when necessary. Do not create ambiguity between the front-end and the front-end.

The [] in the parameter name

    // 参数名中的[]
    print_r($_REQUEST[&#39;interest&#39;]); // Array (v,....) 
    echo &#39;<br />&#39;;
    print_r($_REQUEST[&#39;edu&#39;]); // Array (k/v,....)

When the name of the input submitted by the form is in the form of an array, that is, "interest[]" or "edu[one] " In this form, the parameters we receive will become the content of an array by default.

High-end php://input

    // php://input
    $content = file_get_contents(&#39;php://input&#39;);   
    print_r($content); //name=xxx&.....

Finally, the php://input form of parameter is often used in interface development. Generally, when there are many security or parameter fields, the front end directly transfers a whole section of Body content in the form of Body Raw. At this time, it can only be obtained in this form. The original content of this Body Raw will usually be a whole paragraph of text, or it may be some encrypted content. The format can be defined by yourself. When facing a normal form, what we will receive is the original form content, just like the name=xxx&tel=xxx&.... above.

It should be noted that it cannot obtain the content when enctype="multipart/form-data" is used. At the same time, this method also replaces the $HTTP_RAW_POST_DATA global variable. Don’t use the eliminated ability anymore. Update the new version of PHP as soon as possible to use the new syntax features!

Summary

After sorting it out, I found that a simple parameter connection has so many forms and things that need attention, which is really eye-opening. It’s still the same saying, there is no end to learning, if you continue to study in depth, sooner or later you will become a master!

Test code:

https://github.com/zhangyue0503/dev-blog/blob/master/php/202002/source/%E5%8F%98%E7%9D%80%E8%8A%B1%E6%A0%B7%E6%9D%A5%E6%8E%A5%E5%8F%82%EF%BC%8CPHP%E4%B8%AD%E6%8E%A5%E6%94%B6%E5%A4%96%E9%83%A8%E5%8F%82%E6%95%B0%E7%9A%84%E6%96%B9%E5%BC%8F.php

Recommended learning: php video tutorial

The above is the detailed content of What are the ways to receive external parameters in PHP?. For more information, please follow other related articles on the PHP Chinese website!

Statement

This article is reproduced at:segmentfault. If there is any infringement, please contact admin@php.cn delete