Menu
Are there any rules one needs to follow when naming POST variables in a form or GET variables in a query string?
Thanks-
250
Go variable naming rules: A variable name must start with a letter or an underscore character (_) A variable name cannot start with a digit. A variable name can only contain alpha-numeric characters and underscores ( a-z, A-Z , 0-9 , and _ )
Rules to Declare a VariableThe first character must not be a digit. Blank spaces cannot be used in variable names. Java keywords cannot be used as variable names.
The standard naming conventions used in modern software development are as follows: Pascal case. camel case. snake case.
TO answer the question literally, there really are no "rules" I'm aware of for naming $_POST and $_GET array keys in php. It's an array like any other. Take a look at this working example on Codepad:
<?php
$_POST['♠♣♥♦'] = 'value1';
$_POST['\'\'\'\''] = 'value2';
$_POST['<?php echo "Hello World"; ?>'] = 'value3';
$_POST[' '] = 'value4';
$_POST[''] = 'value5';
$_POST['@#$%^&*()'] = 'value6';
print_r($_POST);
In the case of form input names, they just have to be legal HTML "name" attributes (see below). However, in practice, a lot of unusual characters will actually work. Keep in mind that this doesn't mean it's a good idea. Different servers (and probably different browsers) will act differently with some characters like spaces for instance.
As Tadeck has noted, duplicate keys will be overwritten by the last one when reading, but using brackets[] will solve this on the client side by turning the variable into an array.
As far as naming conventions and best practices, there isn't a lot of room. It's suggested that you stick to A-Z a-z 0-9, dashes, and underscores. Although Ajay has suggested using database column names for form input names as a matter of convenience, many people will tell you that it is bad practice to expose information about your database to the public. I think invertedlambda probably has the closest answer here to the question, and Tadeck has the closest answer as far as best practices.
Regarding HTML "name" attributes: http://www.w3.org/TR/html4/types.html#h-6.2
ID and NAME tokens must begin with a letter ([A-Za-z]) and may be followed by any number of letters, digits ([0-9]), hyphens ("-"), underscores ("_"), colons (":"), and periods (".").
Maybe someone can enlighten me as to whether or not the above document is a rule or a recommendation, I'm by no means an expert on this subject. I seem to have no issues breaking some of these rules in practice. I also have no problem validating this example document as XHTML strict:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title></title>
<meta http-equiv="Content-Type" content="application/xhtml+xml; charset=UTF-8" />
</head>
<body>
<div><form action="" method="post">
<div>
<input name="♠♣♥♦" />
<input name="''''" />
<input name=")(&#$)%#$%" />
</div>
</form>
</div>
</body>
</html>
Paste it into the validator, it will pass.
One more best practice to add: Make your form input names or get/post keys meaningful, as with every other naming convention of course. Don't use input1 and $_GET['param']. Use names that describe the meaning, like last_name or $_GET['sort_order'].
191
I believe the best solution is to:
name="test[][]" will create value within array that is within other array) and use it properly,?test=1&test=2 will create problems as only one of the values will be passed - better use ?test[]=1&test[]=2 so the array with two values will be passed),Furthermore, browse through different solutions that you may find on GitHub.com so you will be using practices that are good, tested and used by many people.
30
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
