wright67uk Posted May 8, 2011 Share Posted May 8, 2011 <?php if(isset($_POST['submit'])) { $drop = mysql_real_escape_string($_POST['drop_1']); $tier_two = mysql_real_escape_string($_POST['Subtype']); $Name = mysql_real_escape_string($_POST["Name"]); $Phone = mysql_real_escape_string($_POST["Phone"]); $Email = mysql_real_escape_string($_POST["Email"]); $Postcode = mysql_real_escape_string($_POST["Postcode"]); $Website = mysql_real_escape_string($_POST["Website"]); if($Name == '') { ....... ?> Could I remove this code and use the below code and still have the same effect? <?php if(isset($_POST['submit'])) { foreach ($_POST as $key => $value) { $_POST[$key] = mysql_real_escape_string($value); } ?> Link to comment https://forums.phpfreaks.com/topic/235871-apply-mysql_real_escape_string-to-all-post-variables/ Share on other sites More sharing options...
PFMaBiSmAd Posted May 8, 2011 Share Posted May 8, 2011 No need to loop - $_POST = array_map('mysql_real_escape_string',$_POST); If any of your form fields are arrays, you will either need to write your own recursive function to use as the first parameter in the array_map() statement or you will need to write a simple function that uses mysql_real_escape_string on each piece of data it is passed to use with array_walk_recursive Link to comment https://forums.phpfreaks.com/topic/235871-apply-mysql_real_escape_string-to-all-post-variables/#findComment-1212498 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.