I am flabbergasted by the code, where the GET-values, such as $_GET['username'], are not included as parameters to functions.
When do you you need to include POST and GET methods as parameters to functions?
I am flabbergasted by the code, where the GET-values, such as $_GET['username'], are not included as parameters to functions.
When do you you need to include POST and GET methods as parameters to functions?
When do you you need to include POST and GET methods as parameters to functions?
I would say "never" : $_GET
and $_POST
are what is called superglobals : they exists in the whole script ; which means they exist inside functions/methods.
Especially, you don't need to you the global
keyword for those.
Still, relying on those in your functions/methods is quite a bad practice : your functions/methods should generally not depend on anything not passed as a parameter.
What I mean is ; consider those two functions :
function check_login_password()
{
$login = $_GET['login'];
$password = $_GET['password'];
// Work with $login and $password
}
and
/**
* Check login and password
*
* @param $login string
* @param $password string
* @return boolean
*/
function check_login_password($login, $password)
{
// Work with $login and $password
}
OK, with the first one, you don't have to pass two parameters... But that function will not be independant and will not work in any situation where you'd have to check a couple of login/password that doesn't come from $_GET
.
With the second function, the caller is responsible for passing the right parameters ; which mean they can come from wherever you want : the function will always be able to do it's job.
$_GET and $_POST are global variables. They have values not methods. It is their values you want to send to functions, and classes/functions should generally be unaware of anything outside them, like where the data comes from. Many use the shortcut of using the global variables in functions, and thus limiting the usability of their functions.
You don't need to send them as function parameters as they are global variables (accessible every where in the code).
But it's always a good practice to filter and validate them before you use them in your code.