bluegray Posted June 25, 2010 Share Posted June 25, 2010 Hello! So I make myself an array by writing: $input = $_POST['create'] ; and on a var_dump() the array looks something like: array(6) { ["account"]=> string(7) "woo hoo" ["pass"]=> string( "security" ["pass2"]=> string( "security" ["name_first"]=> string(3) "Dan" ["name_last"]=> string(5) "Tayle" ["Email"]=> string(14) "snotme@him.com" } Okay so to the point. I need to assign these values to variables by the names of the keys. What I've tried so far has failed, and here it is: function inputis ($data) { if(!isset($data)) { $input = array(); } else { $input = isset($data)?$data:null ; $tmp = array(); foreach ($input as $k => $v) { $tmp[] = "$". $k . ' = ' . "'" . $v . "'" ; } $results = $tmp ; return $results ; } } The var_dump() there looks like what I need, it doesn't seem to actually assign the variables. What's the best thing to do from here? Quote Link to comment Share on other sites More sharing options...
kenrbnsn Posted June 25, 2010 Share Posted June 25, 2010 You need variable variables <?php $input = $_POST['create']; foreach ($input as $k => $v) { $$k = $v; } ?> Ken Quote Link to comment Share on other sites More sharing options...
bluegray Posted June 27, 2010 Author Share Posted June 27, 2010 You need variable variables <?php $input = $_POST['create']; foreach ($input as $k => $v) { $$k = $v; } ?> Ken Hey Ken, So I tried this in the main file and it worked. But when I tried to implement the foreach () loop in a function the variables weren't being recognized. I kept getting an undefined variable error. Do you know how I would alter the code you provided so it works from a user defined function? Quote Link to comment Share on other sites More sharing options...
Alex Posted June 27, 2010 Share Posted June 27, 2010 You need variable variables <?php $input = $_POST['create']; foreach ($input as $k => $v) { $$k = $v; } ?> Ken Or you could use extract to get the same effect. If you're using this on the $_POST array, or any other input array for that matter, it's essentially recreating register_globals, which is a huge security risk. Quote Link to comment Share on other sites More sharing options...
bluegray Posted June 27, 2010 Author Share Posted June 27, 2010 Or you could use extract to get the same effect. If you're using this on the $_POST array, or any other input array for that matter, it's essentially recreating register_globals, which is a huge security risk. Simply saying extract () gets the same effect doesn't provide much in terms of context to try it out with. When you say "this" in "If you're using this..." what is "this?" Then, what are register_globals, and why are they a security risk? If that's all in reference to the earlier mentioned extract (), are you saying I shouldn't use it? Why mention it if it's so risky? Quote Link to comment Share on other sites More sharing options...
Alex Posted June 27, 2010 Share Posted June 27, 2010 You shouldn't use it on input variables because then anyone can inject unwanted variables into your script. Say you used it on the $_GET array. Someone accessed your website like file.php?auth=1, and in your code you happen to have a security check to see if($auth){ ... }. This is what register_globals (http://us3.php.net/manual/en/ini.core.php#ini.register-globals) does. extract does have its uses sometimes, but in this case it's not something that you should use. Here's an article that explains the problems that register_globals creates, http://us3.php.net/manual/en/security.globals.php Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.