سلام . من یادمه قبلا می خواستیم مقداری رو بفرستیم می نوشتیم مثلا :
send.php?act=faraz
بعد تو صفحه send.php تو کد هاش می نوشتیم :
echo($act);
مقدار act رو نشون می داد . اما الان دیگه نشون نمی ده چی کار کنم؟

این قبلا که شما عرض می کنید احتمالا مال خیلی وقت پیشه که register_global روی سرورها ON بود. اگر این مشخصه غیرفعال باشه، شما باید اینطوری Echo کنید:

echo $_GET['act'];

سلام،
$_REQUEST خیلی بهتر از $_GET هستش.

سلام،
$_REQUEST خیلی بهتر از $_GET هستش.

دلیل ؟؟؟؟؟؟؟؟؟؟؟:متفکر:

$_REQUEST خیلی بهتر از $_GET هستش.
می‌شه لطف کنید دلیلش رو هم توضیح بدید.
من یه جستجو در وب کردم چیز خاصی پیدا نکردم.
ممنون

من جستجو كردم اينو پيدا كردم
عينا متن و اينجا ميزارم شما هم ببينيد

On 8/26/07, Richard Lynch <ceo@l-i-e.com> wrote:

> This is *SO* not correct at all!
>
> $_REQUEST[] is merely array_merge($_GET, $_POST, $_COOKIE);

Yes and it mimics being lazy - allowing overriding values from $_POST
vs. $_GET vs. $_COOKIE depending on what the programmer wants to
"trust"

It encourages poor practices. There is no reason to not name the
proper source of data - i.e. "i want it from POST not GET"

> It is *NOT* in any way, shape, or form, polluting the global namespace
> of all your variables, which is what register_globals is.

That is why I said it was *one* reason register_globals was disabled -
global namespace was probably the biggest reason, but also variable
overriding and sloppyness allowing for exploits was probably up there
too.

> There could easily be a script written which is expected to respond to
> GET or POST data in the same way, particularly a simplistic
> web-service that doesn't really care if the web "Designers" prefer to
> have buttons or links or CSS links that look like buttons or CSS
> buttons that look like links or rabid squirrels that send the GET
> and/or POST data to make the HTTP request.

Yes, there could. But part of that would rely on a *very* motivated
end-user (or we'll call them "hacker") - they would probably find a
way in or do what they want either way.

There's no reason to make it easier just because "well they can hack
something up to do that anyway" - that's a Microsoft approach to
security. Whatever happened to people at least trying to discourage
abuse or issues.

I have never used $_REQUEST and my applications don't seem to have any
issues. Obviously someone could have tried to switch POST/GET on me,
but I still ensure proper bounds checking/sanity checking/type
checking/etc. But I would not allow someone to issue a GET variable to
override a cookie value without having to make the extra effort (and
furthermore understand how the variables work on the server side to
make it actually work how they want.)

> Use $_POST when you expect the data to always be in POST data.

correct.

> Use $_GET when you expect the data to alwasy be in GET data.

correct.

> If you actually want to accept HTTP requests of either kind for
> flexibility to an external user, by all means use REQUEST.

In my opinion a properly coded web application shouldn't be lazy and
should know the source of data. So I consider this incorrect.

خوب این رو هم من پیدا کرده بودم.
فکر نمی‌کنم دلیل برتری یکی بر دیگری را شرح داده باشه. درسته؟

خوب این رو هم من پیدا کرده بودم.
فکر نمی‌کنم دلیل برتری یکی بر دیگری را شرح داده باشه. درسته؟

اره دقيقا اين كه ميگي درسته
تو اين نوشته هم گفته كه استفاده از اين آرايه ها توي برنامه به برنامه نويس بستگي داره