Home/ Questions/Q 6580287
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-25T16:00:30+00:00

What’s the right way to send user input to a class? Foo class: <?php

  • 0

What’s the right way to send user input to a class?

Foo class:

<?php
class Foo
{
    private $_bar;

    private setBar($bar)
    {
        $this->_bar = $bar;
    }
}
?>

Using foo class…

<?php
$foo = new Foo();
$foo->setBar((int) $_POST['input']);
?>

Or should I do the following?

Foo class:

<?php
class Foo
{
    private $_bar;

    private setBar($bar)
    {
        $this->_bar = (int) $bar;
    }
}
?>

Using foo class…

<?php
$foo = new Foo();
$foo->setBar($_POST['input']);
?>

Should I convert data inside of the get method or pass data to classes already converted? What’s the best approach? Why?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Better yet would be to validate by an exception. If you add another method like:

    public function calculateSalary() {
  // uses bar, wants int
  return 100 * $this->_bar;
}

    and someone uses the class like this:

    $foo = new Foo();
$foo->setBar('My Name Here');
echo $foo->calculateSalary(); // will give a result since php is forgiving

    To avoid mishaps like these, I write setters similar to this:

    public function setFoo($number) {
  if(!is_numeric($number)) {
    throw new Exception(__METHOD__." wants a number!");
  }
  $this->_foo = $number;
}

    Arguments against #1: user might not include (int) and therefor data with the wrong type is set in the object.

    Arguments against #2: (see example above). PHP is translating a string to 0 if used while calculating. That means you probably will get an error without even knowing about it until you check the results.

    • 0