Awkwardly posted variables to my script. Any automatic way to run through them?

[david91]

Hey, I have a problem that I cannot solve. I am using the PayPal IPN system and PayPal posts the item details to my ipn.php script. The problem is the item details get posted back to me like this:

//example there are 2 items and I want to declare them
$item_name_1 = $_POST['item_name_1'];
$item_amount_1 = $_POST['item_amount_1'];
$item_quantity_1 = $_POST['item_quantity_1'];

$item_name_2 = $_POST['item_name_2'];
$item_amount_2 = $_POST['item_amount_2'];
$item_quantity_2 = $_POST['item_quantity_2'];

 

I want to be able to declare the variables like in the below example, a sort of automatic way:

$i = 0;
while($row = mysql_fetch_array($sql_get)){
$name = $item_name[$i];
$amount= $item_amount[$i];
$quantity = $item_quantity[$i];
$i++;

//some database queries with the defined variables
//
//
}

 

Is there some sort of way to run through all the posted item_name_x, item_amount_x, item_quantity_x because there can be anything from 1 to 100000 item_names, item_amounts and item_quantities posted to the script in that annoying format? Thanks.

[DavidAM]

How about something like this:

 

$i = 1;
while (isset($_POST['item_name_' . $i])) {
  $item_name[$i]     = $_POST['item_name_' . $i];
  $item_amount[$i]   = $_POST['item_amount_' . $i];
  $item_quantity[$i] = $_POST['item_quantity_' . $i];
  $i++;
}

You may want to add some other checks in there; for example:

• it assumes (and we all know what that means) that if there is an item_name there is a quantity and an amount to go along with it;
  
• you need to sanitize those inputs, just because you expect PayPal to be sending the data doesn't mean that someone else can't be accessing the page with malicious intent;
  

[david91]

Thanks for the quick reply. I'm going to try that now. It looks like it will work. Thanks.

[teamatomic]

extract($_POST)

 

 

HTH

Teamatomic