Jump to content

Archived

This topic is now archived and is closed to further replies.

holowugz

Custom function help

Recommended Posts

Hi, i am trying to write a function to clean all input from the $_POST array, and it is well not working.

[code]
function cleanse($array){
foreach($array as $key => $value){
if (!get_magic_quotes_gpc()) {
   $key = addslashes($value);
} else {
   $key = $value;
} else {
$error['"$key"'] = 1;
$key = htmlspecialchars($value);
}
}
}
[/code]

and i would basically call

[code]
cleanse($_POST);
[/code]

but it is not working, i get an unexpected if error.
i have never written a function so i would really apopreciate some help.

Share this post


Link to post
Share on other sites
you have 2 else's you can't do that.

p.s.- the $_POST is a superglobal you don't have to pass it to your function it's automatically accessable inside your function.

Share this post


Link to post
Share on other sites
Hi thanks for the tip, would this work:

[code]
foreach($_POST as $key => $value){
if (!get_magic_quotes_gpc()) {
   $key = htmlentities(addslashes($value));
} else {
   $key = htmlentities($value);
}
}
[/code]

Share this post


Link to post
Share on other sites
Ok the problem i am having is this,
if i have a textfield called username, and in that field i input <script>.
it should come out as [code] &lt;script&gt; [/code] in HTML and <script> on the screen.

But it doesnt, but if i run htmlentities on $username it does but shouldnt that have been processed in the code above/

Share this post


Link to post
Share on other sites
*resolved*

[code]
foreach($_POST as $key => $value){
if (!get_magic_quotes_gpc()) {
   $$key = htmlentities(addslashes($value));
} else {
   $$key = htmlentities($value);
}
}
[/code]

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.