What is the best way of accessing the Get variables in my controllers. Do I have to use the $_GET suerglobal. Is the $_GET superglobal is sanitized by the framework?
I could'nt find any documentation on this.
Thanks for you help
This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.
Please use forum.silverstripe.org for any new questions
(announcement).
The forum archive will stick around, but will be read only.
You can also use our Slack channel
or StackOverflow to ask for help.
Check out our community overview for more options to contribute.
What is the best way of accessing the Get variables in my controllers. Do I have to use the $_GET suerglobal. Is the $_GET superglobal is sanitized by the framework?
I could'nt find any documentation on this.
Thanks for you help
You probably want HTTPRequest.
Thanks, I knew about the HTTPRequest, I just didn't knonw how to access it i a controller.
Now I fint it $this->request.
I feel stupid but I couldn't find it anywhere in the docs.
Is there some docs about sapphire the framework ?
It'll be passed to the action, eg:
function action($request) {
$var = $request->getVar('q');
// ... do stuff
}
Usually the best documentation for sapphire is http://api.silverstripe.org
I'm not sure if it helps but here is a snippet I picked up somewhere and adapted. It is for showing a bunch of pages on another page:
/**
* Get the latest n news articles, allowing us to get more
*
* @return DataObjectSet|false The DataObjectSet of the news articles you're looking at or boolean false if there aren't any articles
*/
function PortfolioItems() {
if(!isset($_GET['start']) || !is_numeric($_GET['start']) || (int)$_GET['start'] < 1) $_GET['start'] = 0;
$SQL_start = (int)$_GET['start'];
$doSet = DataObject::get(
$callerClass = "PortfolioPage",
$filter = "`ClassName` IN ('PortfolioPage')",
$sort = "'Created', 'DESC'",
$join = "",
$limit = "{$SQL_start},5");
return $doSet ? $doSet : false;
}
Just to answer the OPs question: There's nothing wrong with using the $_GET superglobal. It isn't being sanitized by the framework, so you'll have to take care of that yourself. Have a look at the Convert class, it provides some handy conversion functions.
You could also use the HTTPRequest object, but AFAIK this isn't sanitized either.
Just FYI it is desirable to avoid directly using the $_GET superglobal as it causes all kinds of bugs and inconsistencies when requests are programatically generated rather than initiated directly by the server - such as in testing or static publishing.