Jump to content


Photo

Custom function help


  • Please log in to reply
5 replies to this topic

#1 holowugz

holowugz
  • Members
  • PipPipPip
  • Advanced Member
  • 46 posts

Posted 05 June 2006 - 08:52 PM

Hi, i am trying to write a function to clean all input from the $_POST array, and it is well not working.

function cleanse($array){
foreach($array as $key => $value){
if (!get_magic_quotes_gpc()) {
   $key = addslashes($value);
} else {
   $key = $value;
} else {
$error['"$key"'] = 1;
$key = htmlspecialchars($value);
}
}
}

and i would basically call

cleanse($_POST);

but it is not working, i get an unexpected if error.
i have never written a function so i would really apopreciate some help.

#2 .josh

.josh
  • Staff Alumni
  • .josh
  • 14,871 posts

Posted 05 June 2006 - 09:19 PM

you have 2 else's you can't do that.

p.s.- the $_POST is a superglobal you don't have to pass it to your function it's automatically accessable inside your function.
Did I help you? Feeling generous? Buy me lunch! 
Please, take the time and do some research and find out how much it would have cost you to get your help from a decent paid-for source. A "roll-of-the-dice" freelancer will charge you $5-$15/hr. A decent entry level freelancer will charge you around $15-30/hr. A professional will charge you anywhere from $50-$100/hr. An agency will charge anywhere from $100-$250/hr. Think about all this when soliciting for help here. Think about how much money you are making from the work you are asking for help on. No, we do not expect you to pay for the help given here, but donating a few bucks is a fraction of the cost of what you would have paid, shows your appreciation, helps motivate people to keep offering help without the pricetag, and helps make this a higher quality free-help community :)

#3 holowugz

holowugz
  • Members
  • PipPipPip
  • Advanced Member
  • 46 posts

Posted 05 June 2006 - 09:34 PM

Hi thanks for the tip, would this work:

foreach($_POST as $key => $value){
if (!get_magic_quotes_gpc()) {
   $key = htmlentities(addslashes($value));
} else {
   $key = htmlentities($value);
} 
}


#4 .josh

.josh
  • Staff Alumni
  • .josh
  • 14,871 posts

Posted 05 June 2006 - 09:37 PM

don't see why not
Did I help you? Feeling generous? Buy me lunch! 
Please, take the time and do some research and find out how much it would have cost you to get your help from a decent paid-for source. A "roll-of-the-dice" freelancer will charge you $5-$15/hr. A decent entry level freelancer will charge you around $15-30/hr. A professional will charge you anywhere from $50-$100/hr. An agency will charge anywhere from $100-$250/hr. Think about all this when soliciting for help here. Think about how much money you are making from the work you are asking for help on. No, we do not expect you to pay for the help given here, but donating a few bucks is a fraction of the cost of what you would have paid, shows your appreciation, helps motivate people to keep offering help without the pricetag, and helps make this a higher quality free-help community :)

#5 holowugz

holowugz
  • Members
  • PipPipPip
  • Advanced Member
  • 46 posts

Posted 05 June 2006 - 09:41 PM

Ok the problem i am having is this,
if i have a textfield called username, and in that field i input <script>.
it should come out as
&lt;script&gt;
in HTML and <script> on the screen.

But it doesnt, but if i run htmlentities on $username it does but shouldnt that have been processed in the code above/

#6 holowugz

holowugz
  • Members
  • PipPipPip
  • Advanced Member
  • 46 posts

Posted 05 June 2006 - 10:25 PM

*resolved*

foreach($_POST as $key => $value){
if (!get_magic_quotes_gpc()) {
   $$key = htmlentities(addslashes($value));
} else {
   $$key = htmlentities($value);
} 
}





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users