tags:

views:

127

answers:

4
Q: 

PHP: foreach and array issue

I have this:

foreach($_POST as $key => $value) {
    $data[$key] = filter($value);
}

filter(); strips if any tags, and real escape them.

Now I have an array in the POST form too, so I am getting errors in strip_tags() and mysql_real_escape_string. How should I let only $_POST["Searching"] not get filtered by filter(); ?

+3  A: 

You can make use of array_walk_recursive. 

array_walk_recursive($_POST,'filter');

and make your function filter take the value by reference as:

function filter(&$value) {
  // apply strip_tags and real escape to $value.
  $value = mysql_real_escape(strip_tags($value));
}
codaddict  2010-10-06 15:46:03
Minor syntax - shouldn't `array_walk_recursive(` be `array_walk_recursive(`? Also, just as a question for my own edification - Doesn't this function try and modify the source array in-place, rather than transcribe it to a new array, like `$data` as in the question? I see from php.net that this function only returns true or false.
Lucanos  2010-10-06 15:53:32
Also call-time pass by reference is deprecated and will raise warnings. Should just be `array_walk_recursive($_POST, 'filter');`
meagar  2010-10-06 15:59:22
@Lucanos,@meagar: Thanks.
codaddict  2010-10-06 16:09:10
A: 

Use is_array():

foreach($_POST as $key => $value) {
    if (!is_array($value))
       $data[$key] = filter($value);
}
Parkyprg  2010-10-06 15:46:52
Where in the foreach ?
Johnson  2010-10-06 15:48:14
Yes, in foreach, but change $_POST['Searching'] with $value. I have changed the answer.
Parkyprg  2010-10-06 15:49:55
A:  
<?php
foreach($_POST as $key => $value){
    if(!is_array($_POST[$key])){
        $data[$key] = filter($value);
    }else{
        $data[$key] = $value;
    }
}
?>
FallenRayne  2010-10-06 15:48:05
This solution is incomplete - it does nothing if it hits an array. Whilst it prevents a problem with `filter()` throwing an error when it tries to handle an array, it would also mean that the array would lose data (in that any sub-arrays would be discarded).
Lucanos  2010-10-06 15:51:04
You are correct. I typed my original solution too quickly.
FallenRayne  2010-10-06 16:02:21
+1  A: 

First, you can use array_map() to speed this up, and all you need do is allow the function to identify arrays and call itself recursively.

function filter( $inVar ){
  if( is_array( $inVar ) )
    return array_map( 'filter' , $inVar );
  return mysql_real_escape( strip_tags( $inVar ) );
}

Then call it like so:

$data = array_map( 'filter' , $_POST );
Lucanos  2010-10-06 15:48:39

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases