[TYPO3-english] How to get URL query string in extension class

Pero Matic takoje at takoje.hr
Wed Oct 21 16:02:04 CEST 2009


"David Bruchmann" <typo3-en at bruchmann-web.de> wrote in message 
news:mailman.252.1256132776.671.typo3-english at lists.typo3.org...
> ----- Ursprüngliche Nachricht -----
> Von:        Pero Matic <takoje at takoje.hr>
> Gesendet:   Mittwoch, 21. Oktober 2009 15:17:40
> An:         typo3-english at lists.typo3.org
> CC:
> Betreff:    Re: [TYPO3-english] How to get URL query string in extension 
> class
>> Thx. This should do it:
>>
>> $get_para = t3lib_div::_GET();
>> $alink = $this->pi_getPageLink($GLOBALS['TSFE']->id,'',$get_para);
>>
>> Regards.
>>
> Hi Pero,
>
> Two points:
> 1) $this->piVars holds all post- and get-Variables in an array
> 2) all post- and get-Variables have to be verified if they are guilty.
> If you're working with id's it can be done just by
> intval($this->piVars['showUid']) while 'showUid' is a paramter you have 
> defined before, important is intval() because you exclude all other 
> possible values (userdefined manipulation of links).
> When a string is expected you can filter spaces, quotings, etc. to asure 
> that no sql-injection can be made.
>
> furthermore your example doesn't work because $get_para is an array if you 
> don't note a parameter inside t3lib_div::_GET(), but that's a trivial hint 
> and I think you've found it out already.

This code works fine. The code is from poll extension ;-) Checking variables 
is another story. I know how to handle it. Thx. Regards. 




More information about the TYPO3-english mailing list