(PHP 4, PHP 5, PHP 7)
parse_str — Parses the string into variables
$encoded_string
[, array &$result
] )
Parses encoded_string
as if it were the query string
passed via a URL and sets variables in the current scope (or in the array
if result
is provided).
encoded_string
The input string.
result
If the second parameter result
is present,
variables are stored in this variable as array elements instead.
Using this function without the result
parameter is highly
DISCOURAGED and DEPRECATED as of PHP 7.2.
Dynamically setting variables in function's scope suffers from exactly same problems as register_globals.
Read section on security of Using Register Globals explaining why it is dangerous.
No value is returned.
Version | Description |
---|---|
7.2.0 |
Usage of parse_str() without a second parameter
now emits an E_DEPRECATED notice.
|
Example #1 Using parse_str()
<?php
$str = "first=value&arr[]=foo+bar&arr[]=baz";
// Recommended
parse_str($str, $output);
echo $output['first']; // value
echo $output['arr'][0]; // foo bar
echo $output['arr'][1]; // baz
// DISCOURAGED
parse_str($str);
echo $first; // value
echo $arr[0]; // foo bar
echo $arr[1]; // baz
?>
Because variables in PHP can't have dots and spaces in their names,
those are converted to underscores. Same applies to naming of
respective key names in case of using this function with
result
parameter.
Example #2 parse_str() name mangling
<?php
parse_str("My Value=Something");
echo $My_Value; // Something
parse_str("My Value=Something", $output);
echo $output['My_Value']; // Something
?>
Note:
All variables created (or values returned into array if second parameter is set) are already urldecode()d.
Note:
To get the current QUERY_STRING, you may use the variable $_SERVER['QUERY_STRING']. Also, you may want to read the section on variables from external sources.
Note:
The magic_quotes_gpc setting affects the output of this function, as parse_str() uses the same mechanism that PHP uses to populate the $_GET, $_POST, etc. variables.