Translations:Secure coding guidelines/37/zh-tw
From Joomla! Documentation
Saving a request variable into user state
Because setting a user state variable from a variable in the request is such a common operation, there is an API method to make the task easier. This is generally safe to use because it calls JInput->get to obtain the input from the request, but remember that none of the input filtering calls will protect against SQL injection attempts.
$app = JFactory::getApplication();
$app->getUserStateFromRequest( <key>, <name>, <default>, <type> );
where
| <key> | the name of the variable in the user state. |
| <name> | the name of the request variable (same as the first argument of a JInput->get call). |
| <default> | the default value to be assigned to the user state variable if the request variable is absent. The default is null. |
| <type> | 預期的變數型別 |