wright67uk Posted May 8, 2011 Share Posted May 8, 2011 <?php if(isset($_POST['submit'])) { $drop = mysql_real_escape_string($_POST['drop_1']); $tier_two = mysql_real_escape_string($_POST['Subtype']); $Name = mysql_real_escape_string($_POST["Name"]); $Phone = mysql_real_escape_string($_POST["Phone"]); $Email = mysql_real_escape_string($_POST["Email"]); $Postcode = mysql_real_escape_string($_POST["Postcode"]); $Website = mysql_real_escape_string($_POST["Website"]); if($Name == '') { ....... ?> Could I remove this code and use the below code and still have the same effect? <?php if(isset($_POST['submit'])) { foreach ($_POST as $key => $value) { $_POST[$key] = mysql_real_escape_string($value); } ?> Quote Link to comment https://forums.phpfreaks.com/topic/235871-apply-mysql_real_escape_string-to-all-post-variables/ Share on other sites More sharing options...
PFMaBiSmAd Posted May 8, 2011 Share Posted May 8, 2011 No need to loop - $_POST = array_map('mysql_real_escape_string',$_POST); If any of your form fields are arrays, you will either need to write your own recursive function to use as the first parameter in the array_map() statement or you will need to write a simple function that uses mysql_real_escape_string on each piece of data it is passed to use with array_walk_recursive Quote Link to comment https://forums.phpfreaks.com/topic/235871-apply-mysql_real_escape_string-to-all-post-variables/#findComment-1212498 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.