Jump to content

foreach() on $_POST help needed

cs.punk

By cs.punk
in PHP Coding Help

 Share

Recommended Posts

cs.punk Advanced Member

cs.punk

Posted
Posted

This foreach thing is kinda werid too, if you make it echo out a $varible, you expect the contents of the varible to appear right?... It echos out the varible name :-?  :o

 

<form id="form1" name="form1" method="post" action="foreach.php">
Form for the $_POST foreach thing <input name="wow" type="text" />
							  <input name="wow2" type="submit"  value="SUMBIME"/>
</form>

<?php
include "mysqlcon.php";

if(get_magic_quotes_gpc()) 
{echo "Warning: Magic Quotes is on!";
}

$con = mysqli_connect ("$dbhost","$dbuser","$dbpass","$dbname")
   or die ("Could not connect to server");

   
if (isset($_POST['wow2']))
{echo "\$post['wow2'] is set!<br/>";
}
else
{echo "\$post['wow2'] is not set!<br/>";
}

foreach($_POST as $var => $value )
{$_POST['$var'] = mysqli_real_escape_string($con, strip_tags(trim($value)));
  echo "$var is = $value  !!<br/>";
}

echo "<br/>"; 

foreach($_POST as $var => $value )
{echo "$var is = $value<br/>";
}
?>

 

Also I noticed that I had magic quotes turn on, ~what made me think it was off?~ I inserted a data from $_POST and NO slashes were on, only when you echo out the $_POST array... Weird or what?

Link to comment
Share on other sites
Liquidz0r Newbie

Liquidz0r

Posted
Posted

first of all, check your echo ... you're using $post instead of $_POST, so I imagine that might solve part of your problem.

 

Secondly, what's the use of saying $_POST['wow2'] is not set ... when it's not set? Then you can't print/echo it either because there's just nothing there.

 

Thirdly, you're writing an array-record inside an echo. I would do it like this:

 

echo $_POST['wow2']." is set!<br/>";

OR

print("{$_POST['wow2']} is set!<br/>");

 

then, your foreach function is pretty weird too ... you're trying to 'modify' your $value of your $_POST results I figure? There's no point storing them inside $_POST['$var'], try doing it this way instead:

 

foreach($_POST as $var=>$value) {
$value = strip_tags(trim($value));
$value = mysqli_real_escape_string($con, $value);
echo $var." is = ".$value." !!<br/>";
}
}

 

Something like that, I'm at work so I didn't check it myself :-)

Link to comment
Share on other sites
cs.punk Advanced Member

cs.punk

Posted
  • Author
Posted

first of all, check your echo ... you're using $post instead of $_POST, so I imagine that might solve part of your problem.

 

// I don't want to use $post I want to modify the actual $_POST

 

Secondly, what's the use of saying $_POST['wow2'] is not set ... when it's not set? Then you can't print/echo it either because there's just nothing there.

 

//Thats just to let me understand this whole foreach() thing

 

Thirdly, you're writing an array-record inside an echo. I would do it like this:

 

echo $_POST['wow2']." is set!<br/>";

OR

print("{$_POST['wow2']} is set!<br/>");

 

then, your foreach function is pretty weird too ... you're trying to 'modify' your $value of your $_POST results I figure? There's no point storing them inside $_POST['$var'], try doing it this way instead:

 

foreach($_POST as $var=>$value) {
$value = strip_tags(trim($value));
$value = mysqli_real_escape_string($con, $value);
echo $var." is = ".$value." !!<br/>";
}
}

 

Something like that, I'm at work so I didn't check it myself :-)

 

 

And there is a point, insted of doing a check on all $_POST results, can't I have a simple 'array fuction' of somesort...

Link to comment
Share on other sites
gizmola Prolific Member

gizmola

Posted
Posted

Just going back to the original post -- again, you seem to be questioning things as if your version of PHP is doing something odd, when in fact based on your code things are working exactly as designed.

 

I already advised you previously not to change the $_POST.  There's no point in attempting to sanitize the entire $_POST with mysql_real_escape_string(), as that function is specifically only designed to be used when you are sure you are going to insert a STRING into mysql.  If your form has other data types, there' s no reason to be escaping them in advance.

 

Regardless, best as I can tell, your complaint is that mysql_real_escape_string() doesn't take a whole array for your convenience.  It simply doesn't.

 

My feedback to you, respectfully, is that your original post

 

-Didn't have any clear questions in it

 

You'll find you get much better answers to questions you might have if you ask clear questions.

 

For example:

 

This foreach thing is kinda werid too, if you make it echo out a $varible, you expect the contents of the varible to appear right?... It echos out the varible name :-?

 

Barely a question here, and worst of all, you didn't provide any example output for us to see.  We aren't mind readers.

 

 

 

 

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.