I'm discovering secrets of PHP. I've found one thing that I don't have answer to. I would like to access variables from super-global $_SESSION in class. Everything works but PHPMD engine to check mess in code is showing me issue.
I'm getting value from $_SESSION super-global this way
$value = $_SESSION["value"];
And I'm editting values of $_SESSION super-global this way
$_SESSION['value'] = "newValue";
PHPMD is showing me issue:
accesses the super-global variable $_SESSION.
So I'm finding another way how to edit and get values of super-global $_SESSION correctly.
I've tried to use filter_input, problem is that when I use INPUT_POST as type(argument 1), PHP shows me warning:
INPUT_SESSION is not yet implemented
Thanks for future answers :)
EDIT (Quotes from phpmd documentation)
Superglobals Since: PHPMD 0.2. Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Some predefined variables in PHP are "superglobals", which means that they are always accessible, regardless of scope - and you can access them from any function, class or file without having to do anything special. The PHP superglobal variables are: $GLOBALS. $_SERVER.
$GLOBALS is the superglobal variable that stores all user-defined global variables. The global variable names act as keys to their values. $_SERVER contains data about headers, scripts, and paths. The keys to the values in this array are predefined. $_REQUEST stores data input in the form of HTTP POST, GET and Cookies.
$GLOBALS is a PHP super global variable which is used to access global variables from anywhere in the PHP script (also from within functions or methods). PHP stores all global variables in an array called $GLOBALS[index]. The index holds the name of the variable.
$_POST. Where the $_GET superglobal variable is used to collect form data which is submitted with the GET method, the $_POST superglobal variable is used to get the form data for the POST method. The POST form data won't be displayed in the URL; instead, it's available as a part of the request body.
As the hint says, accessing the superglobals violates the encapsulation principle
A really basic approach would be:
class SessionObject
{
public $vars;
public function __construct() {
$this->vars = &$_SESSION; //this will still trigger a phpmd warning
}
}
$session = new SessionObject();
$session->vars['value'] = "newValue";
You can also have a look to the Symfony HttpFoundation Component for a full-fledged implementation
It's only a "bad pratice", you can still access to superglobals directly, if you are a fan on "best pratices", create a small class like that:
class Session{
public static function put($key, $value){
$_SESSION[$key] = $value;
}
public static function get($key){
return (isset($_SESSION[$key]) ? $_SESSION[$key] : null);
}
public static function forget($key){
unset($_SESSION[$key]);
}
}
And use in that way:
Session::put('foo', 'bar');
$bar = Session::get('foo');
Session::forget('foo');
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With