0

I know that instead of 

$_POST['var_name']

I need to use 

filter_input(INPUT_POST, 'var_name')

but what about the first check, if the server has a POST request: 

if($_SERVER['REQUEST_METHOD'] == 'POST')

does it have an equivalent? because Netbeans gives the warning

Do not Access Superglobal $_SERVER Array Directly

Phil
  • 141,914
  • 21
  • 225
  • 223
sStacker
  • 183
  • 1
  • 8
  • 4
    _"instead of ...I need to use.."_ - who says so? – Jeff Jan 01 '19 at 22:40
  • 1
    The server superglobal array is filled by the webserver. But the superglobal also contains unsafe http headers. That's probably why the warning gets shown. But the mentioned element is safe. – Charlotte Dunois Jan 01 '19 at 23:25
  • From the duplicate post, see [this answer](https://stackoverflow.com/a/24371536/283366) for specific details, including a link to [this Netbeans article](https://blogs.oracle.com/netbeansphp/improve-your-code-with-new-hints) – Phil Jan 01 '19 at 23:51
  • @Jeff Netbeans says so (apparently). – Phil Jan 01 '19 at 23:52
  • @Jeff, haha yes, that's what Netbeans says. And about the duplicate post, I already saw it, but its `$_POST` and not `$_SERVER` – sStacker Jan 02 '19 at 11:25

1 Answers1

-1

Try to use this : 

$var_name = filter_input(INPUT_POST, $_POST["var_name"]);

we have many ways to get REQUEST_METHOD like : 

getenv('REQUEST_METHOD');

If I'm wrong in the answer, it is because I did not find any code in the question :)

Saif Manwill
  • 662
  • 1
  • 9
  • 18
  • 1
    You could further distill your answer into: you could use `getenv('REQUEST_METHOD')` as an alternative to accessing the super global `$_SERVER`. (Does netbeans still yield the same warning in that case? What's the difference? What are the ramifications of the first method?) – Progrock Jan 02 '19 at 07:08
  • I did not find the code included and I answered what I know only :) – Saif Manwill Jan 02 '19 at 10:14