cs.punk Posted April 15, 2009 Share Posted April 15, 2009 This foreach thing is kinda werid too, if you make it echo out a $varible, you expect the contents of the varible to appear right?... It echos out the varible name :-? <form id="form1" name="form1" method="post" action="foreach.php"> Form for the $_POST foreach thing <input name="wow" type="text" /> <input name="wow2" type="submit" value="SUMBIME"/> </form> <?php include "mysqlcon.php"; if(get_magic_quotes_gpc()) {echo "Warning: Magic Quotes is on!"; } $con = mysqli_connect ("$dbhost","$dbuser","$dbpass","$dbname") or die ("Could not connect to server"); if (isset($_POST['wow2'])) {echo "\$post['wow2'] is set!<br/>"; } else {echo "\$post['wow2'] is not set!<br/>"; } foreach($_POST as $var => $value ) {$_POST['$var'] = mysqli_real_escape_string($con, strip_tags(trim($value))); echo "$var is = $value !!<br/>"; } echo "<br/>"; foreach($_POST as $var => $value ) {echo "$var is = $value<br/>"; } ?> Also I noticed that I had magic quotes turn on, ~what made me think it was off?~ I inserted a data from $_POST and NO slashes were on, only when you echo out the $_POST array... Weird or what? Link to comment https://forums.phpfreaks.com/topic/154169-foreach-on-_post-help-needed/ Share on other sites More sharing options...
gizmola Posted April 15, 2009 Share Posted April 15, 2009 Why are you messing the the $_POST? That's a superglobal. You should consider it read only data. What is your question? Link to comment https://forums.phpfreaks.com/topic/154169-foreach-on-_post-help-needed/#findComment-810450 Share on other sites More sharing options...
Liquidz0r Posted April 15, 2009 Share Posted April 15, 2009 first of all, check your echo ... you're using $post instead of $_POST, so I imagine that might solve part of your problem. Secondly, what's the use of saying $_POST['wow2'] is not set ... when it's not set? Then you can't print/echo it either because there's just nothing there. Thirdly, you're writing an array-record inside an echo. I would do it like this: echo $_POST['wow2']." is set!<br/>"; OR print("{$_POST['wow2']} is set!<br/>"); then, your foreach function is pretty weird too ... you're trying to 'modify' your $value of your $_POST results I figure? There's no point storing them inside $_POST['$var'], try doing it this way instead: foreach($_POST as $var=>$value) { $value = strip_tags(trim($value)); $value = mysqli_real_escape_string($con, $value); echo $var." is = ".$value." !!<br/>"; } } Something like that, I'm at work so I didn't check it myself :-) Link to comment https://forums.phpfreaks.com/topic/154169-foreach-on-_post-help-needed/#findComment-810456 Share on other sites More sharing options...
cs.punk Posted April 15, 2009 Author Share Posted April 15, 2009 first of all, check your echo ... you're using $post instead of $_POST, so I imagine that might solve part of your problem. // I don't want to use $post I want to modify the actual $_POST Secondly, what's the use of saying $_POST['wow2'] is not set ... when it's not set? Then you can't print/echo it either because there's just nothing there. //Thats just to let me understand this whole foreach() thing Thirdly, you're writing an array-record inside an echo. I would do it like this: echo $_POST['wow2']." is set!<br/>"; OR print("{$_POST['wow2']} is set!<br/>"); then, your foreach function is pretty weird too ... you're trying to 'modify' your $value of your $_POST results I figure? There's no point storing them inside $_POST['$var'], try doing it this way instead: foreach($_POST as $var=>$value) { $value = strip_tags(trim($value)); $value = mysqli_real_escape_string($con, $value); echo $var." is = ".$value." !!<br/>"; } } Something like that, I'm at work so I didn't check it myself :-) And there is a point, insted of doing a check on all $_POST results, can't I have a simple 'array fuction' of somesort... Link to comment https://forums.phpfreaks.com/topic/154169-foreach-on-_post-help-needed/#findComment-810614 Share on other sites More sharing options...
gizmola Posted April 17, 2009 Share Posted April 17, 2009 Just going back to the original post -- again, you seem to be questioning things as if your version of PHP is doing something odd, when in fact based on your code things are working exactly as designed. I already advised you previously not to change the $_POST. There's no point in attempting to sanitize the entire $_POST with mysql_real_escape_string(), as that function is specifically only designed to be used when you are sure you are going to insert a STRING into mysql. If your form has other data types, there' s no reason to be escaping them in advance. Regardless, best as I can tell, your complaint is that mysql_real_escape_string() doesn't take a whole array for your convenience. It simply doesn't. My feedback to you, respectfully, is that your original post -Didn't have any clear questions in it You'll find you get much better answers to questions you might have if you ask clear questions. For example: This foreach thing is kinda werid too, if you make it echo out a $varible, you expect the contents of the varible to appear right?... It echos out the varible name :-? Barely a question here, and worst of all, you didn't provide any example output for us to see. We aren't mind readers. Link to comment https://forums.phpfreaks.com/topic/154169-foreach-on-_post-help-needed/#findComment-812721 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.