Custom function help

[holowugz]

Hi, i am trying to write a function to clean all input from the $_POST array, and it is well not working.

[code]
function cleanse($array){
foreach($array as $key => $value){
if (!get_magic_quotes_gpc()) {
   $key = addslashes($value);
} else {
   $key = $value;
} else {
$error['"$key"'] = 1;
$key = htmlspecialchars($value);
}
}
}
[/code]

and i would basically call

[code]
cleanse($_POST);
[/code]

but it is not working, i get an unexpected if error.
i have never written a function so i would really apopreciate some help.

[.josh]

you have 2 else's you can't do that.

p.s.- the $_POST is a superglobal you don't have to pass it to your function it's automatically accessable inside your function.

[holowugz]

Hi thanks for the tip, would this work:

[code]
foreach($_POST as $key => $value){
if (!get_magic_quotes_gpc()) {
   $key = htmlentities(addslashes($value));
} else {
   $key = htmlentities($value);
}
}
[/code]

[.josh]

don't see why not

[holowugz]

Ok the problem i am having is this,
if i have a textfield called username, and in that field i input <script>.
it should come out as [code] &lt;script&gt; [/code] in HTML and <script> on the screen.

But it doesnt, but if i run htmlentities on $username it does but shouldnt that have been processed in the code above/

[holowugz]

*resolved*

[code]
foreach($_POST as $key => $value){
if (!get_magic_quotes_gpc()) {
   $$key = htmlentities(addslashes($value));
} else {
   $$key = htmlentities($value);
}
}
[/code]