Query strings and type safety

Query strings are usually strings, but - as some might not be aware of - can also be quite easily an array. So not checking on the type and blindly using it in stringish operations can currently cause undesired results.

$result = 'string' . $this->request->getQuery('key'); // Dangerous without checking if set and a string

So with the current implementation of how query strings (and named params) work, one should always assert the correct type first:

$key = $this->request->getQuery('key');
if (is_array($key)) { // Or: if (!is_scalar($key))
    throw new NotFoundException('Invalid query string'); // Simple 404
}
$result = 'string' . $this->request->getQuery('key'); // Dangerous without checking if a stringish (=scalar) value

Demo/Example

Result:
Array
(
    [key] => Array
        (
            [0] => v1
            [1] => v2
        )

)
Let's test:

A simple string A simple array


Send your feedback or bugreport!