What are the limitations of calling a function directly from a form in PHP?

When calling a function directly from a form in PHP, it can pose security risks such as allowing users to execute arbitrary code. To solve this issue, it is recommended to validate and sanitize user input before calling the function. Additionally, consider using a switch statement or conditional logic to restrict the functions that can be called based on user input.

<?php
// Validate and sanitize user input
$function = isset($_POST['function']) ? $_POST['function'] : '';

// Restrict the functions that can be called
switch ($function) {
    case 'function1':
        function1();
        break;
    case 'function2':
        function2();
        break;
    default:
        // Handle invalid function call
        echo "Invalid function";
}

function function1() {
    // Function logic here
}

function function2() {
    // Function logic here
}
?>