2

I am working on a function that takes a string as an argument, which I need to use to get the value of a variable of the same name.

For example

If the string $foo = "$_POST['email']"; is passed I need to retrieve the value of $_POST['email'] and store it as $example, so that $_POST['email'] == $example would return true. There is no feasable way of passing the value directly to function (the variable has to be dynamic to make the function worthwhile).

I did think of using variable variables but they don't work with super globals which will be the primary source of the values I need.

Basically is there a way to get the value of a variable (usually in a superglobal array) with the needed variable as a string?

Let me know if more detail is needed.

Thanks

Improve this question
4
  • To address secuity concerns, I am using a mysql table to provide a value set by admin, which itself will be restricted to a small number of possible variables and checked before going in the database. On the front end, everything is checked before this function is called and if it doesn't make sense with verified data, the function stops. To my mind that is fairly secure, but critism is welcome. Commented Feb 5, 2011 at 18:51
  • Also, why didn't I think of array keys? Commented Feb 5, 2011 at 18:51
  • "...which I need to use to get the value of a variable of the same name.". Another mind ruined by PHP. Please. Stop. Think. Don't do that. Think about what is really desired and then use an appropriate ADT. Problem averted. Commented Feb 5, 2011 at 19:43
  • My last comment may have been a tad harsh: I do not understand the actual use-case from the post. If this was laid out better, others could provide alternative answers using good programming techniques. Commented Feb 5, 2011 at 19:47

2 Answers 2

Reset to default
4

Variable variables would be the answer, but if you're after fetching values from $_POST array, why not pass just a key to a function?

Note: ths function is provided just for example, my actual recommendation is below.

function fetchFromPost($key) {
  if(isset($_POST[$key]) {
    return $_POST[$key];
  } else {
    return null; //or do whatever you want to do in case key is not found
  }
}

In fact filter_input(), which allows you to chose an input array, a key and a sanitaion filter to be used, is already there for you

Improve this answer
Sign up to request clarification or add additional context in comments.

8 Comments

+1 You could change $_POST to $_REQUEST so that you have post, get and cookie all at once.
@jeroen - although using $_REQUEST means you don't know where the values came from, which leaves you open to potential abuse
They all come from user, so none of them can be trusted anyway.
@Mark Baker That´s true, but the whole idea of returning a variable like that - without taking into account what it can and can´t be - already seems like a very bad idea that you should never use in a non-trusted environment. Strike that, I would never use it at all.
Nice solution, but no answer to the question. It can just read POST variables and not just any variable.
|
2

It is possible, although I seriously doubt you should use this. It allows for PHP injection and makes your source code very vulnerable if you don't know where the string came from:

<?
function eval_expression($expression)
{
    eval("\$temp = $expression;");
    return $temp;
}

// Usage:
echo eval_expression("\$_GET['plop']");
Improve this answer

3 Comments

-1 Just for the sake of using eval, even with the non-stressed disclaimer (Not that this approach may not work, rather that this approach should not be promoted.)
Yeah, maybe I should have stressed it more. I did in another reply that I deleted because the solution I gave there was wrong. Still feels a bit wrong to downvote what seems to be the only working solution to the literal question, unless you know a different and better one. For now, please accept this answer for what it is. A glimpse on the dark side, for education purposes only. ;-)
Added some bold and italic. ;-)

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.