tjverge Posted June 30, 2011 Share Posted June 30, 2011 Hello, Is there a way to make a message appear on the screen if there is an error in a foreach loop? I'm using the below code, and as long as valid information is entered into the form it works perfect, but if the wrong information is entered I want it to show on the screen "Wrong info entered" right now it just shows "Warning: Invalid argument supplied for foreach() in /home5/ccccomma/public_html/new/register.php on line 30" when entered wrong $api = mysql_real_escape_string($_POST['fullapi']); $api = stripslashes($api); $userid = mysql_real_escape_string($_POST['userid']); $userid = stripslashes($userid); $url = 'http://api.eve-dev.com/account/Characters.xml.aspx?apiKey='.$api.'&userID='.$userid; $xml = simpleXML_load_file($url,"SimpleXMLElement",LIBXML_NOCDATA); foreach ($xml->result->rowset->row as $name) { $charid = $name['characterID']; $charname = $name['name']; $corpname = $name['corporationName']; mysql_query("INSERT INTO memberpilots (id, member, cname, userid, api, cid, corpname) VALUES ('', '$username', '$charname', '$userid', '$api', '$charid', '$corpname')"); } Thank you Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted June 30, 2011 Share Posted June 30, 2011 Since foreach() requires an array, make sure $xml is_array before allowing the foreach() loop to run. And BTW, you use mysql_real_escape_string() in a attempt to sanitize your incoming string data, then you immediately negate the escaping with stripslashes(), so the net result is you have exactly what you started with, an unsanitized string. stripslashes should not be used without first checking for magic_quotes_gpc, and then it should be used before escaping the data. if( get_magic_quotes_gpc() ) { $data = stripslashes($data); } $data = mysql_real_escape_string($data); Quote Link to comment Share on other sites More sharing options...
tjverge Posted June 30, 2011 Author Share Posted June 30, 2011 Thank you, To check the array can I do something like this? if(is_array($xml)) { do something } ELSE { show error message } Quote Link to comment Share on other sites More sharing options...
fugix Posted June 30, 2011 Share Posted June 30, 2011 to make sure that $xml is an array, yes you can do that Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted June 30, 2011 Share Posted June 30, 2011 Yeah, that should be just fine. I also just noticed you're running the query in a loop, which should be avoided unless absolutely necessary (and it usually isn't). The better way to do it would be to build the query string in the loop, then execute the query once at the end. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.