Cleaning all $ POST array with loop?

Forum Moderators: coopster

Message Too Old, No Replies

Cleaning all $ POST array with loop?

clean $_POST array in loop

xKillswitchx

4:41 am on Dec 24, 2007 (gmt 0)

Hello all,
I am using XAJAX in one of my scripts. The XAJAX script uses a function to send all submitted form values in an array to another function that you write for use in queries or whatever else.

How would I sanitize the entire array of data at once? This is what I have...

function ($aFormData) {
if(get_magic_quotes_gpc()) {
foreach ( $aFormData as $data ) {
$data = stripslashes(mysql_real_escape_string( ( $data ) );
}
} else {
foreach ( $aFormData as $data ) {
$data = mysql_real_escape_string( $data );
}
}
}

There are several fields submitted - secname, description, access, ordering and publishing. Would I, after the above, be able to access them using $data['fieldname']?

Thanks for any help. I am just trying to avoid writing out...

$secname = mysql_real_escape_string($aFormData['secname']);

For each field for both if and else.

eelixduppy

5:27 am on Dec 24, 2007 (gmt 0)

You could make this a little simpler:


function clean($aFormData) { #added method identifier
if(get_magic_quotes_gpc())
$aFormData = [url=http://www.php.net/array-map]array_map[/url]("stripslashes",$aFormData);
$aFormData = array_map("mysql_real_escape_string",$aFormData);
return $aFormData; #unless you are referencing the array, you probably want to return something here
}

But if you wanted to access individual elements of the array, you would not use $data['name'] but rather $aFormData['name'] within the function itself.

[edited by: eelixduppy at 7:04 am (utc) on Dec. 24, 2007]

xKillswitchx

6:19 am on Dec 24, 2007 (gmt 0)

Thank you very much. Someone had suggest array_map to me but I haven't seen it used before today. Will mess around with this and read up more on Php.net.