[development] $_REQUEST/$_COOKIE scope in URLs?

J-P Stacey jp.stacey at torchbox.com
Fri Nov 2 14:20:42 UTC 2007


I've come across a couple of places where the $_REQUEST and $_COOKIE scopes 
are serialized and appended onto URLs: specifically in 
pager_get_querystring() and tablesort_get_querystring().

I was wondering: what's the rationale behind doing this? The only use I've 
worked out for putting cookies on the URL is when you're migrating session 
data across domains. They're the last thing I'd expect to start appearing in 
paging URLs: those just need the current-page URL with modified offset and 
count parameters of some sort.

It strikes me as odd behaviour: $_REQUEST is request-specific storage, not 
to be passed onto the next request. And sometimes cookies are a 
dumping-ground for vast amounts of session data (and might even contain 
cookies from non-PHP applications on the same domain). Besides, the browser 
ought to be already keeping track of the cookie scope through HTTP headers.

(It's also given me problems personally, as I sometimes use the $_REQUEST 
scope as a convenient dumping-ground for data: possibly I should be using 
$GLOBALS, but that's a whole other argument.)

Any thoughts?

J-P Stacey
+44 (0)1608 811870

More information about the development mailing list