HttpFoundation: Make request->get() behave more like $_REQUEST #40974
Comments
|
Changing the order would be a BC break (with no good way to warn about it). If you want an utility method respecting the ini setting, you can implement it in your project as a function getting the Request object as argument. All parameter bags used in your implementation are available publicly. |
|
yes, the BC break is problematic. It would definitely be better as a separate function, the only question is what would be a good name for it... Regarding weird API: I would say not any weirder than PHP itself, and it's not like nothing else in Symfony changes when php.ini values are changed. Also, I think the current implementation has significant footgun potential: Let's say you have some POST form on your site and decide to read the data with |
|
Or to make it more explicit: I send the user a link like |
|
getting the wrong GET param can go equally wrong too. Note the default variable order in PHP is also GP. IMHO the only sane answer is to deprecate Request::get() |
|
@ro0NL yes, the default order is GP, and
so P takes precedence over G |
|
@flack the fact that PHP itself has a weird API does not mean that Symfony should provide an equivalent. Note that by modern standards of PHP RFCs, the
to me, that's the actual issue. If you know that you want to read a POST data, use the dedicated API doing that. |
I would totally vote for it. In my own projects, usages of |
Well, if you're using a library, you may not even be aware that you're using it. Also, see my original example with paginated search results. At least in sites I work on, pagination usually makes a query string out of the search form, and to do a new search, you would send the form again, which typically uses POST (at least from what I see). So I would say there's a usecase for POST with a fallback to GET, but not the other way around. But yes, i would also vote to deprecate the current |
|
adding something that emulates $_REQUEST doesnt help migrating away from it ;) |
well, search forms are often implemented as |
yeah, like I said, that's mostly from sites I see (or work on), and the rationale for POST in the form is precisely to avoid hitting a cache. Anyhow, should I make a "Deprecate Request::get()" ticket? If nobody likes my $_REQUEST emulation, I can also implement it on my side, it's only a few lines anyways :-) |
|
closing in favor of #40984 |
|
My 2c: search forms in an ideal world should use GET 99% of the time, but sometimes they hit max length of URL allowed by browsers, proxies, reverese-proxies or webservers, esp. when adding in faceting. This is often found after the initial build, and quick-fix is then to switch the search form to POST, possibly even in JS. This is one of the cases where being able to conflate GET with POST on the receiving end actually makes sense ;-) |
The
getmethod ofRequestcurrently looks atin that order. It's a bit unfortunate, because in PHP's default config, the order in
$_REQUESTis the opposite of that, i.e. a parameter in$_POSToverrides the same parameter from$_GETin the$_REQUESTsuperglobal. Which seems more logical: Let's say a user opens some search URL, clicks through a few pages of results (typically the search params are in GET in that scenario), then changes a value in the form and submits (let's say the form POSTs by default for the sake of argument), the POST data gets ignored.So I was wondering: Would you be open to make the order in the
getfunction depend on therequest_order(https://www.php.net/manual/en/ini.core.php#ini.request-order) ini setting? That would make$request->get('something')a drop-in replacement for$_REQUEST['something'](well, almost at least).Basically, it would look something like this:
The text was updated successfully, but these errors were encountered: