This questions is being asked after having read a few others.
Do not access superglobal $_GET array directly
“Do not Access Superglobal $_SERVER Array Directly” on Netbeans 7.4 for PHP
Why is filter_input() incomplete?
I have loaded up the latest version
Do not Access Superglobal $_REQUEST Array Directly.
Use some filtering functions instead (e.g. filter_input(), conditions
with is_*() functions, etc.).
filter_input (INPUT_GET, 'resource');
404 Not Found
So I start looking into
fliter_input()however it is not yet implemented for
$_REQUEST. This seems like a little bit of a dead end.
I'd say it is not a dead end but on purpose.
filter_input() requires you to clearly specify the input type.
$_REQUEST is not clear about it, it contains input from various sources, allowing one source overwriting another.
Next to that this is also not what the warning precisely wants to tell you. Swapping a superglobal like
$_GET with an equally superglobal function like
filter_input(INPUT_GET, ...) shows the same design flaw. But Netbeans can't warn you as easily about it.
And getting rid of superglobals is already a good idea.
Instead, inject input data to your application at a low-level place, e.g. bootstrapping the request information and do not use any superglobals nor the
filter_input function in the rest of your code.
That will allow you to easily simulate any request method without even having an actual request.