Cleaning $ POST values

Forum Moderators: coopster

Message Too Old, No Replies

Cleaning $ POST values

ramoneguru

6:01 am on Nov 2, 2006 (gmt 0)

I'm trying to clean up some POST variables in this form and running into some errors when doing this:

function cleanDB($value)
{
// Stripslashes
if (get_magic_quotes_gpc()) {
$value = stripslashes($value);
}
// Quote if not a number or a numeric string
if (!is_numeric($value)) {
$value = "'" . mysql_real_escape_string($value) . "'";
}
return $value;
}foreach($_POST as &$value){
 $value = cleanDB($value);
 }
 print_r($_POST);

I keep getting an error at the foreach statement saying the '&' is unexpected and it was expecting a '$' but the PHP manual for 'foreach' has the same code. Is there something else going on here?
--Nick

omoutop

8:25 am on Nov 2, 2006 (gmt 0)

the & symbol in foreach statement is used for php 5+

for earlier editions:
foreach ($_POST['value'] as $new_value)
{
// execute code
}

ramoneguru

8:40 am on Nov 2, 2006 (gmt 0)

Dang it, it even says in the manual:
"As of PHP 5, you can easily modify array's elements by preceding $value with &. "

Reading has once again owned me. Thanks.
--Nick

coopster

3:39 pm on Nov 2, 2006 (gmt 0)

Yes, the manual pages are continually being updated. Here is another relative discussion on the same topic recently, it explains the working solution for those running PHP4 still too.
Get references in foreach loop [webmasterworld.com]