Convert Key => Value Arrays Into Standard Variables In PHP

Comments

1. Hugo Magalhães

   Interesting effect, but it has the same effect of php’s extract function! In your example, you can do extract($user); and so call $first_name; ;)

   http://www.php.net/extract

2. david

   Good point Hugo. My post wasn’t detailed enough, or perhaps was over-simplified.

   With the loop, you can do special operations to the values. For example:

   foreach($_POST as $key=>$value)
   {
   $key = stripslashes($value);
   }

   …removes slashes.

3. Peter Scarborough

   I have used this alot for both GET’s and POST’s, sure, they can create their own variables, who cares? If I use a variable, I always declare it after pulling from get or post, the variables that I use from post and get are also validated for correct values.

   Also, something I have found handy for dealing with case sensitivity for get variables, (since sometimes if someone posts it to say, ICQ for someone else to visit, ICQ will lowercase the whole string) is
   foreach($_GET as $k = $v) {
   $k = strtolower($k);
   \$$k = $v
   }
   then you can safely test to see if the get was set
   if(isset($variablenametotestfor)) {//begin execution}

4. Peter Scarborough

   Also, per using the method for GET POST or REQUEST you could use a regex match on the $k to only convert expected variable names.
   IE:
   $acceptedGETS = /(varname1)|(varname2)|(varname3)|(etc)/
   foreach($_GET as $key => $value) {
   $key = strtolower($key);
   if $key.match($acceptedGETS) $$key = $value;
   }

   This will prevent someone from creating their own variable names

5. david

   Thank you for the RegEx, Peter — that could prove very useful!

6. Peter Scarborough

   Sorry, there was an error in my regex syntax there, I learned regex with javascript, and just learning PHP regEx… I got the two confused when I wrote that

   The correct syntax for the above would be
   $acceptedGETS = “/\bvarname1\b|\bvarname2\b|\bvarname3\b|\betc\b/”;
   foreach($_GET as $key => $value) {
   $key = strtolower($key);
   if (preg_match($acceptedGETS,$key)) $$key = $value;
   }

   the \b is required on both sides of each variable name to force exact words, without them qvarname1x34r would match.

7. David Moreen

   Hey is not on google so I was wondering what the ${ } does? I have never seen it before.

8. Droope

   Hi David,

   I think the brackets are just a way of delimiting the variable’s name from the rest of the string.

   Say you had variable $table_prefix,

   echo “table name: $table_prefix_users”; // would return “table name: “;
   echo “table name: ${table_prefix}_users”; // would return “table name: wp_users”;

   I am not sure about this :) I am most likely wrong.

   Cheers!
   Droope

9. Robert

   No, Droope is correct. Mostly.

   The ${ } does designate a string.

   But the purpose of this article is showing how to easily assign array variables to their key name. I know that sounds confusing, but its it.

   Example:

   $people['me'] = ‘robert’;
   $people['friend'] = ‘sam’;
   $people['girl'] = ‘bailey’;

   foreach($people as $key => $val) {
   // ${“me”} = ‘robert’

   ${$key} = $val; //or $$key = $val;
   }

   So that

   echo $me; //echo “robert”;

10. droope

    (great blog, btw)

11. Pascal

    As Hugo Magalhães said, I think this woud be a “better” solution…
    This way, nobody can modify or change your variables!

    extract($REQUEST, EXTR_PREFIX_ALL, "my_prefix");

12. Zync

    Thank you all very much for this, was exactly what I was looking for today. using Peter’s approach just whipped up a quick match string, just add your allowed variables to the array.

    
$acceptedIncomingVars = array('id', 'name', 'code', 'cost', 'desc', 'mixtypeid', 'mixdetailid');

    $acceptedVars = "/";
for($i = 0; $i $value) {
$key = strtolower($key);

    if (preg_match($acceptedVars,$key))
{
$$key = $value;
}
}

    echo $code;