Databases
StackOverflow2013
Postsdbo
PO
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PO
    text
    copied!<blockquote> <p>I have always used the more phpish <code>$this-&gt;_request-&gt;getPost('this')</code> and <code>$this-&gt;_request-&gt;getQuery('that')</code> (this one being not so much logical with the getquery insteado of getGet).</p> <p>What is best of this two? (or if theres another better way)</p> </blockquote> <p>Just a quick explanation on the choice of <code>getQuery()</code>. The wording choice comes from what kind of data it is, not how it got there. GET and POST are just request methods, carrying all sorts of information, including, in the case of a POST request, a section known as "post data". A GET request has no such block, any variable data it carries is part of the query string of the url (the part after the ?).</p> <p>So, while <code>getPost()</code> gets the data from the post data section of a POST request, <code>getQuery()</code> retrieves data from the query string of either a GET or POST request (as well as other HTTP Request methods).</p> <p>(Note that GET Requests should not be used for anything that might produce a side effect, like altering a DB row)</p> <p>So, in answer to your first question, use the <code>getPost()</code> and <code>getQuery()</code> methods, this way, you can be sure of where the data source (if you don't care, <code>getParams()</code> also works, but may include additional data).</p> <blockquote> <p>What is the best practice for validating php input with this methods?</p> </blockquote> <p>The best place to validate input is where you <em>first</em> use it. That is to say, when you pull it from <code>getParams()</code>, <code>getPost()</code>, or <code>getQuery()</code>. This way, your data is always correct for where you need it, and if you pass it off, you know it is safe. Keep in mind, if you pass it to another Controller (or Controller Action), you should probably check it again there, just to be safe. How you do this depends on your application, but it still needs to be checked.</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload