Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- $$key = $value?
- Gilles Ganault
March 24, 2008, 9:21 am
rate this thread
Re: $$key = $value?
$$key is a variable variable:
Basically what this does is sets a variable name with the key in
$__POST as the name. For example, if your $_POST superglobal looked
$_POST = array ( 'firstName' => 'Steve',
Than you run it through this function, it produces tow variables:
$fistName = 'Steve';
$usenet = 'ElintPimp';
Two problems with this function:
1) There is a function to do this - extract()
2) Both what that foreach loop and the extract() function are
potential security problems. I'll copy what is said about this from
"Do not use extract() on untrusted data, like user-input ($_GET, ...).
If you do, for example, if you want to run old code that relies on
register_globals temporarily, make sure you use one of the non-
overwriting extract_type values such as EXTR_SKIP and be aware that
you should extract in the same order that's defined in variables_order
within the php.ini."