Solved

Php -- what is this code doing

Posted on 2012-03-13
7
244 Views
Last Modified: 2012-06-21
Hi,
I'm working on fixing a Form issue from some old code I inherited.
Can someone tell me what exactly this code is doing and returning (or should return)?

Thanks
Nacht

function CCGetFromGet($parameter_name, $default_value = "")
{
    global $HTTP_GET_VARS;
    return isset($HTTP_GET_VARS[$parameter_name]) ? CCStrip($HTTP_GET_VARS[$parameter_name]) : $default_value;
}
0
Comment
Question by:nachtmsk
7 Comments
 

Author Comment

by:nachtmsk
ID: 37715197
I'm particularly curious about the  line that starts   'return isset  ... '
Does a FORM need the data that this line would return in order to be Submitted?

Thanks
0
 
LVL 31

Assisted Solution

by:Marco Gasi
Marco Gasi earned 150 total points
ID: 37715303
That function check if a parameter has been past: if it has been past, then the function returns its value otherwise it returns the default value, that is an empty string.

Does a FORM need the data that this line would return in order to be Submitted?

This depends on how the code is built: I would say: no, the form is submitted but submission can fails or return empty values depending on the code...

Cheers
0
 
LVL 108

Assisted Solution

by:Ray Paseur
Ray Paseur earned 150 total points
ID: 37715531
This is a giant red flag
global $HTTP_GET_VARS;

Open in new window

Suggest you refactor this code completely.  See the "deprecated" notice here.  This is probably left over from PHP4.
http://php.net/manual/en/reserved.variables.get.php

In the case of the instant function, it executes one instruction.  Kind of makes me wonder why it is a function at all - why not just use the native PHP "ternary operator" notation without wrapping it in a function?  See example 2 on this page for an explanation of the way this code works.
http://php.net/manual/en/language.operators.comparison.php
0
DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

 
LVL 14

Accepted Solution

by:
Scott Madeira earned 200 total points
ID: 37715586
Looks like the code was written using CodeCharge as the IDE.  These functions are associated with the program.

It looks like it is taking a parameter name and then checking the $_GET[] array to see if that parameter is in the data coming back from the form submit.  If it is not in the form data (user didn't enter that data on the form before submitting the form) then a default value is provided.

The CCStrip() function most likely strips leading and trailing whitespace from the string data.

"Does a FORM need the data that this line would return in order to be Submitted? "

The flow would be:  user completes form, user submits form, form data is sent to server, this PHP code checks what fields were completed and uses that value or assigns a default value.  So no, the form doesn't require the data to be submitted.  However, the script may need some of that data and if it isn't there then it should return an error message to the browser and ask that the form problems be fixed and then resubmitted.

Hope that helps...
0
 
LVL 17

Expert Comment

by:nanharbison
ID: 37715602
The PHP function isset returns true or false, so I am having trouble with the structure of this statement.. Within the isset parentheses is a true false statement using T/F shorthand called ternary operators. It says, if the parameter has been set, then return that value. If it isn't set, return the default value. So why is it in an isset statement? It should return true either way.
Have you tried echoing out what is returned?
It seems like this function is choosing a value for one element of the form, either the value the person entered or chose, or the form element is filled with the default value.
Someone correct me if I am wrong, maybe I am about to learn something new.
0
 
LVL 10

Expert Comment

by:Derokorian
ID: 37715845
Within the isset parentheses is a true false statement using T/F shorthand called ternary operators.
False, the return on isset is what is used to evaluate the conditional. These 2 stuctures are identical:
return isset($HTTP_GET_VARS[$parameter_name]) ? CCStrip($HTTP_GET_VARS[$parameter_name]) : $default_value;

// Same as
if( isset($HTTP_GET_VARS[$parameter_name]) ) {
   return CCStrip($HTTP_GET_VARS[$parameter_name]);
} else {
   return $default_value;
}

Open in new window


No points please, just trying to clarify.
0
 
LVL 17

Expert Comment

by:nanharbison
ID: 37716961
Thanks Derokorian.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Developers of all skill levels should learn to use current best practices when developing websites. However many developers, new and old, fall into the trap of using deprecated features because this is what so many tutorials and books tell them to u…
Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
Learn the basics of strings in Python: declaration, operations, indices, and slicing. Strings are declared with quotations; for example: s = "string": Strings are immutable.: Strings may be concatenated or multiplied using the addition and multiplic…
The viewer will learn how to count occurrences of each item in an array.

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now