使用 foreach 创建的 PHP 变量
我有几个来自 $POST_['array'] 数组的变量,我希望进行某种循环,例如 foreach ,为变量中的每个值创建一个变量名并为其分配值。
例如,如果我有,
$POST_['name'];
$POST_['last'];
$POST_['age'];
$POST_['sex'];
我希望循环从 $_POST 内的数组创建每个变量,其变量名称如下所示:
$name = 'John';
$last = 'Doe';
$age = '32';
$sex = 'male';
注意 - 该数组来自序列化的 jquery 字符串,该字符串将所有变量和值放在一起一个表格变成一个大字符串。
这可能吗?
I have several variables coming from an array in $POST_['array'] i wish to make some kind of loop for example foreach that makes, for every value in the variable a variable name of it and assigns the value for it.
For example if i have
$POST_['name'];
$POST_['last'];
$POST_['age'];
$POST_['sex'];
I want the loop to create each variable from the array inside the $_POST with the name of the variable like the following:
$name = 'John';
$last = 'Doe';
$age = '32';
$sex = 'male';
NOTE - The array is coming from a serialized jquery string that puts together all the variables and values in a form into one big string.
Is this possible?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(5)
您不需要循环,您需要提取:
##Cautions and best practices
如评论中所述 这会将
$_POST数组中的所有参数强制放入当前符号空间。在全局空间中
上面的代码说明了问题如本答案所示 - 一些非常危险的东西可以在全局空间中被覆盖。
在函数内部
在函数内部,作为第一行,没有什么坏处。
重要说明:您可能认为因为
$_SERVER是超级全局,该漏洞也可能发生在函数内部。但是,在我的测试中,在 PHP 版本 5.3.4 上,它在函数内部是安全的 -$_SERVER和$_POST 都不是、$_GET、$_SESSION或可能的其他超全局变量可能会被覆盖。使用选项
您还可以使用使用不覆盖的 extract_type 选项进行提取 。
在我看来,最好的选择就是简单地为提取中的所有变量添加前缀:
这样您就不会遇到覆盖问题,但您也知道您从数组中获取了所有内容。
##Alternate - 带条件循环
如果您想手动执行此操作(但仍然是动态的),或只想有条件地提取几个变量,您可以使用 变量变量:
(我使用的示例条件是防止覆盖。)< /em>
You don't need a loop, you want extract:
##Cautions and best practices
As noted in the comments this forces all parameters in the
$_POSTarray into the current symbol space.In global space
The code above illustrates the problem as shown in this answer — some pretty dangerous things can be overwritten in the global space.
Inside a function
Inside a function, as the first line, no harm done.
Important note: You might think since
$_SERVERis a super global, that this exploit could happen inside a function as well. However, in my testing, on PHP Version 5.3.4, it is safe inside a function — neither$_SERVER,$_POST,$_GET,$_SESSION, or presumably other superglobals, could be overwritten.With options
You can also use extract with extract_type options that do not overwrite.
The best option to use, in my opinion, is simply to prefix all variables from extract:
That way you don't have the overwrite problem, but you also know you got everything from the array.
##Alternate - looping w/ conditional
If you wanted to do this manually (but still dynamically), or wanted to conditionally extract only a few of the variables, you can use variable variables:
(The example condition I've used is an overwrite prevention.)
使用
$_POST时尽量不要使用extract()。您可能会覆盖所需的变量,这将导致不可预测的行为。这是一个坏习惯,而动态可能不是最好的解决方案。你可以这样做:
Try not to use
extract()when using$_POST. You may overwrite variables you want which will result in unpredictable behaviour. It is a bad habit to get into and while is dynamic may not be the best solution.You can do something like this:
您实际上可以使用名为 extract 的内置函数
You can actually use the built-in function called extract
为什么不使用
foreach?Why not use a
foreach?我只想提一下,您可以改进 foreach 技术,因为我们在 HTML 中能够使用方括号表示法命名一个表单字段,如果我们这样做,HTML 将提交一系列值作为大批。
而不是仅使用一行代码将输入字段中的所有值分配到本地数组 $args 中。
因此,这意味着当我们处理表单时,我们正在查看一个值数组,而不是必须检索的一堆单个值。
因此,我们可以简单地转到超级全局帖子并请求一项:即用户。我们返回的是一个关联数组。因此,我们不必通过一次检索所有这些值来构建该数组,而是立即获得一个数组,只是因为我们以不同的方式命名了表单字段。
I just want to mention that you can improve foreach technique because we have in HTML the ability to name one of our form fields using square bracket notation, and if we do that, what HTML will do is it will submit a series of values as an array.
Than use just one line of code to assign all values from input fields into local array $args.
So what that means is when we go to process the form, we're looking at an array of values instead of a bunch of single values that we have to go retrieve.
So we can just simply go to the post super global and ask for one item: that is user. And what we get back is an associative array. So instead of having to build up that array by going and retrieving all those values one at a time, we're instantly given an array, just because we named our form fields differently.