[TYPO3-english] How to get URL query string in extension class
David Bruchmann
typo3-en at bruchmann-web.de
Wed Oct 21 15:46:09 CEST 2009
----- Ursprüngliche Nachricht -----
Von: Pero Matic <takoje at takoje.hr>
Gesendet: Mittwoch, 21. Oktober 2009 15:17:40
An: typo3-english at lists.typo3.org
CC:
Betreff: Re: [TYPO3-english] How to get URL query string in extension
class
> Thx. This should do it:
>
> $get_para = t3lib_div::_GET();
> $alink = $this->pi_getPageLink($GLOBALS['TSFE']->id,'',$get_para);
>
> Regards.
>
Hi Pero,
Two points:
1) $this->piVars holds all post- and get-Variables in an array
2) all post- and get-Variables have to be verified if they are guilty.
If you're working with id's it can be done just by
intval($this->piVars['showUid']) while 'showUid' is a paramter you have
defined before, important is intval() because you exclude all other
possible values (userdefined manipulation of links).
When a string is expected you can filter spaces, quotings, etc. to asure
that no sql-injection can be made.
furthermore your example doesn't work because $get_para is an array if
you don't note a parameter inside t3lib_div::_GET(), but that's a
trivial hint and I think you've found it out already.
Best Regards
David
BTW: http://en.wikipedia.org/wiki/Netiquette
More information about the TYPO3-english
mailing list