Hudzilla.org - the homepage of Paul Hudson
Contents > Functions > Playing with strings Wish List | Report Bug | About Me ]

4.7.18     Parsing a string into variables: parse_str()

This is NOT the latest copy of this book; click here for the latest version.

void parse_str ( string input [, array store])

Previously we looked at a handful of the variables set for you inside the superglobal arrays, of which one was QUERY_STRING. If you recall, this is the literal text sent after the question mark in a HTTP GET request, which means that if the page requested was "mypage.php?foo=bar&bar=baz", QUERY_STRING is set to "foo=bar&bar=baz".

The parse_str() function is designed to take a query string like that one and convert it to variables in the same way that PHP does when variables come in. The difference is that variables parsed using parse_str() are converted to global variables, as opposed to elements inside $_GET. So:

<?php
    if (isset($foo)) {
        print "Foo is $foo<BR />";
    } else {
        print "Foo is unset<BR />";
    }

    parse_str("foo=bar&bar=baz");

    if (isset($foo)) {
        print "Foo is $foo<BR />";
    } else {
        print "Foo is unset<BR />";
    }
 ?>

That will print out "Foo is unset" followed by "Foo is bar", because the call to parse_str() will set $foo to "bar" and $bar to "baz". Optionally, you can pass an array as the second parameter to parse_str(), and it will put the variables into there. That would make the script look like this:

<?php
    $array = array();

    if (isset($array['foo'])) {
        print "Foo is {$array['foo']}<BR />";
    } else {
        print "Foo is unset<BR />";
    }

    parse_str("foo=bar&bar=baz", $array);

    if (isset($array['foo'])) {
        print "Foo is {$array['foo']}<BR />";
    } else {
        print "Foo is unset<BR />";
    }
 ?>

That script outputs the same as before, except that the variables found in the query string are placed into $array. As you can see, the variable names are used as keys in the array and their values are used as the array values.





<< 4.7.17 Complex string printing: printf()   4.8 Regular expressions >>
Table of Contents
 Want to see this stuff in print? PHP in a Nutshell takes the core topics covered here, adds in thousands of edits from the editorial team and myself, and combines them to make an unbeatable reference for PHP programmers at all levels.



My latest book has hundreds more tips on how to use PHP, Apache, and MySQL, plus Perl, Python, shell scripts, performance tuning, and more!
Top-right shadow
 
Bottom-left shadow Bottom shadow

Comments from other readers
deathgod - 06 Sep 2008
so people how have turned global variables to off for security reasons will not have need of this then?

global variables on allow people to edit their url to change the variables like so:

mypage.php?foo=bar&bar=baz
people can just change this url to
mypage.php?user=anyone=deathgod

and this can be a major problem if the variables are usernames because people can use that to impersonate other members leading to anything/who knows what

Steve - 06 Sep 2008
Again, an example of why this is useful would be great for beginners.

Ganesan Rajagopal - 06 Sep 2008
You should warn against using parse_str() without the optional array parameter because it can overwrite arbitrary existing variables and is a security concern.



Add comment
Please note that by posting a comment here you are committing it to the public domain. This is important so that others can make use of your code themselves, and also so that I can incorporate helpful notes directly into the main text. Comments are limited to 2000 characters in length.

If you are reporting an error in the content, please tell me directly.

Your name/email address:
Your comment:
 
Now, in order to verify that you're a real person, please answer this simple question: what is three plus five?
The answer is:
(please write in
numbers, eg 19)


Top-right shadow
 
Bottom-left shadow Bottom shadow

This website and its content is copyright © Paul Hudson 2005, all rights reserved.