How can PHP Super Globals be utilized effectively when passing variables to functions for database queries?

When passing variables to functions for database queries, utilizing PHP Super Globals like $_GET, $_POST, or $_REQUEST can help securely retrieve user input. These superglobals provide a way to access form data or query parameters without directly accessing the global variables. By using these superglobals, you can ensure that the input data is properly sanitized and validated before using it in database queries. 

// Example of using PHP Super Globals to pass variables to a function for a database query

function get_user_data($user_id) {
    // Sanitize the input using filter_var to prevent SQL injection
    $user_id = filter_var($user_id, FILTER_SANITIZE_NUMBER_INT);

    // Use the superglobal $_GET to retrieve the user_id value
    $query = "SELECT * FROM users WHERE id = $user_id";
    
    // Execute the query and return the result
    // (Assuming you have a database connection established)
    $result = mysqli_query($conn, $query);
    
    return $result;
}

// Call the function with the user_id passed from $_GET
$user_id = $_GET['user_id'];
$user_data = get_user_data($user_id);

Keywords

PHP Super Globals Variables Functions Database Queries

Related Questions