PHP parse REQUEST_URI into array

Question

I am parsing the REQUEST_URI into an array.

Right now i have the following code:

private function load_url_vars()
{
    if (preg_match('/^.+\?(.+)$/', $_SERVER["REQUEST_URI"], $matches))
    {
        $varpairs = preg_split("/&/", $matches[1]);
        foreach ($varpairs as $varpair)
        {
            if (preg_match('/^([A-Za-z_]+)=(.*)$/', $varpair, $varmatch))
            {
                $this->urlvars[$varmatch[1]] = urldecode($varmatch[2]);
            }
        }
    }
}

Are there any security concerns by doing it this way? Is this a good way of parsing it?

Edit: language

Answer 1

There is no security concern, but your solution is quite fiddly. It's already possible to accomplish that with parse_str (and parse_url for splitting up the path). Or in your case just:

list($path, $qs) = explode("?", $_SERVER["REQUEST_URI"], 2);
parse_str($qs, $this->urlvars);