Monday, March 8, 2010

POST array in PHP decoded wrong??

I just stubled upon an error? in the way PHP decode the keys in the $_POST array. If you define an input field in a form with a name containing a . (period) f.x. 'test.field', then the corresponding key in the $_POST array, when posted to a PHP script, will be 'test_field'. PHP substitute the . with a _ (underscore). According the HTML spec the . is a legal character in the name as long as it starts with [a-zA-Z].
So why do PHP make this substitution? I tried to find the answer online, but without any luck. Please post a comment if you know the answer or where to find it.

I found this comment on Apparently this is done for backwards compatibility with register globals.

No comments: