How to block some php variable from being used

StackOverflow https://stackoverflow.com/questions/12960235

  •  08-07-2021
  •  | 
  •  

Question

Team i work with keep using $_REQUEST variable when i told them many times to not use it and instead use $_POST and $_GET. i wonder if there is way to block this variable so if they use it again code gives fatal error. Or perhaps deprecate it somehow.

e.g. i can put unset($_REQUEST); in the top of my includes file but i bet they can find it and disable, i need to be able to do it on server side.

Was it helpful?

Solution

Am not sure of any official way even request_order does not mean it will leave the super globals array REQUEST empty.

What you can do is have your own little scanner .. looking of REQUEST in there code .. (Please Note this is just an experiment)

ini_set("display_erros", "On");
error_reporting(E_ALL);
set_time_limit(0);

findUsage(__DIR__,'$_REQUEST');

Output Example 

$_REQUEST Found in /public_html/www/stockoverflow/a.php Line 7 
$_REQUEST Found in /public_html/www/stockoverflow/c.php Line 3 
$_REQUEST Found in /public_html/www/stockoverflow/lib/phpThumb/demo/index.php Line 2 
$_REQUEST Found in /public_html/www/stockoverflow/lib/phpThumb/demo/phpThumb.demo.gallery.php Line 36 
$_REQUEST Found in /public_html/www/stockoverflow/lib/phpThumb/demo/phpThumb.demo.gallery.php Line 45 
$_REQUEST Found in /public_html/www/stockoverflow/lib/phpThumb/demo/phpThumb.demo.gallery.php Line 47 
$_REQUEST Found in /public_html/www/stockoverflow/lib/phpThumb/demo/phpThumb.demo.gallery.php Line 4

Function Used

function findUsage($projectDir,$find) {
    echo "<pre>";
    $di = new RecursiveIteratorIterator(new RecursiveDirectoryIterator(__DIR__, FilesystemIterator::SKIP_DOTS));
    foreach ( $di as $file ) {
        if (! $file->isFile() || $file->getExtension() != "php")
            continue;
        $n = 0;
        foreach ( file($file) as $line ) {
            $n ++;
            if (strpos($line, $find) !== false) {
                echo $find, " Found in $file Line $n \n";
                flush();
            }
        }
    }
}

OTHER TIPS

If you wanna do this to make your code safe, you can make your own $_Request and it's safe (put it in bootstrap)

$_REQUEST = array_merge($_GET, $_POST);
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top