In 1.2 I was accessing some query variables in the URL using the PHP $_GET[] method. I was using this for directing forms, and it worked quite well.

Now in 1.3, the same method works, but throws a PHP Notice:

Error:

A PHP Error was encountered
Severity: Notice
Message: Undefined index: name
Filename: controllers/test.php
Line Number: 67

Line 67:

Any idea how to access the URL vars properly to avoid this notice? Thanks.

You’ll probably want to use isset() or array_key_exists to see if the name exists in the array first before checking contents or whatever you need it to do…

Code Igniter’s Input and Security Class destroys the $_GET array. You can give the $_REQUEST array a try, which is a build of the $_POST, $_GET, and $_COOKIE arrays within one, but not sure how well that will work for you - it’s worth a shot.

On a side note: you are opening yourself up to quite a few security vulnerabilities without a strong validation backend on that page.

I went back through the docs and found

is exactly what I’m looking for. Thanks.

Does CI convert all of the variables within the $_GET array over to $_POST so they can be used via input->post? I didn’t read that anywhere but if it works - hoorah!

My original suggestion was to use input->post, but after rereading your post you weren’t referring to $_POST data…

Can anyone clarify for me? Thanks.

I’m not sure that it converts them… I had to change my forms to method=post for it to work.

Ah - well I was going to suggest that to begin with but I figured there was a legitimate reason you were using GET, although I can’t think of one myself - when you take all of the security issues into consideration.

Glad to see you found a solution. Make sure you tack on that 2nd parameter when you retrieve the data the first time so you can save yourself from an data injection vulnerabilities:

Then just refer to the $username variable (which is a safe version of the user’s submission) from there on out.

It doesn’t.  at least i last time i checked i didnt find any code that did anything similar.

Evic - 04 April 2006 09:00 AM

On a side note: you are opening yourself up to quite a few security vulnerabilities without a strong validation backend on that page.

I don’t see how, it’s merely sending header details to the browser to redirect to a page. It’s not explosing any details.

CI doesn’t accept $_GET because it uses its segment approach, your best bet it is to use post, or parse_str the segment which the $_GET details are in, although it may need a little messing around with.