PHP bad practice: the use of extract()

Working with complex data structures in PHP requires the use of associative arrays. Even PHP classes are an extension of this concept. There are always disadvantages when one does not have alternatives (e.g. strictly defined data structures - see “struct” in C), but at least there are lots of built-in functions that work with arrays. Operations such as sorting, searching, merging, iterating with foreach are thus supported out-of-the-box for associative arrays.

One operation is perhaps a little too dynamic in nature, with unexpected side-effects. It is the extract() function.

The problem

According to the documentation, the extract() function imports variables from an array into the current symbol table. In its simplest form, extract(array("a"=>3)) will assign the value 3 to the variable $a.

The problem here is that you need to know what keys the array holds, both when calling the function and maintaining it.

Let us consider this simple function declaration:

function display_user_details($user) {
  extract($user);

  echo 'User name: '.$user_name."
";
  echo 'User age: '.$user_age."
";
}

Calling this function with the argument array("user_name" => "Mike", "user_age" => 20) is a valid operation.

But whenever you call this function, you need to check which key refers to which piece of the user’s data.

So even in its simplest form, the usage of extract() raises issues. Factor in that there are multiple ways of doing the extraction, based on combinations between the $extract_type and $prefix arguments:

• EXTR_OVERWRITE - if there is a collision, overwrite the existing variable
• EXTR_SKIP - if there is a collision, don’t overwrite the existing variable
• EXTR_PREFIX_SAME - if there is a collision, prefix the variable name with $prefix
• EXTR_PREFIX_ALL - prefix all variable names with $prefix
• EXTR_PREFIX_INVALID - only prefix invalid/numeric variable names with $prefix
• EXTR_IF_EXISTS - only overwrite the variable if it already exists in the current symbol table, otherwise do nothing
• EXTR_PREFIX_IF_EXISTS - only create prefixed variable names if the non-prefixed version of the same variable exists in the current symbol table
• EXTR_REFS - extracts variables as references

All this suggests that there are several options to choose from but the code becomes harder to understand. The more entries the array has, the more the extract() call does and harder to trace the data becomes.

The solution

My suggestion is to keep it simple. There are at least three alternatives:

• work directly with the array: $user["user_name"] doesn’t look that bad after all
• explicitly “import” the variables: $user_name = $user["user_name"]
• use function arguments with default values: function display_user_details($user_name, $user_age = 18)

Depending on your specific needs, there might be other alternatives. But any of the above three will make your code easier to maintain and extend.