checking a form

[desithugg]

im having trouble checking this form
[code]<form action="check.php" method="post">
Secret Question*:
<select name="starter">
<option value="pikachu" selected="selected">pikachu</option>
<option value="bulbasaur" selected="selected">bulbasaur</option>
<option value="squirtle" selected="selected">squirtle</option>
<option value="charmander" selected="selected">charmander</option>
<option value="zapdos" selected="selected">zapddos</option></option></select>
<INPUT type=submit value=Sign-up>
</form>[/code]

there are 4 real options the last 1 zapdos is invalid

[code]<?php
$starter = $HTTP_POST_VARS["starter"];
?>
<?php
$choosable = array();
$choosable[] = 'pikachu';
$choosable[] = 'charmander';
$choosable[] = 'bulbasaur';
$choosable[] = 'squirtle';
foreach($choosable as $choice) {
    $starter2 = $starter;
    if($starter2 != $choice){
        echo "You may not choose a starter that is not on the list!";
        exit();
    }
}
?>[/code]

thats the code thats supposed to check if its invalid but it gives the invalid error no matter which 1 i choose

[alpine]

Try this one, note that it's case sensitive:
[code]
<?php

if(!empty($_POST["starter"]))
{
$starter = strip_tags($_POST["starter"]);
$choosable = array("pikachu","charmander","bulbasaur","squirtle");

if (!in_array($starter, $choosable))
{
echo "You may not choose a starter that is not on the list!";
exit();
}
else
{
  // ok
}

}
else
{
  // $starter contains no data
}

?>
[/code]

Note: Since PHP 4.1.0 you should use $_POST instead of $HTTP_POST_VARS when retrieving posted variables (also on GET, COOKIE etc, consult the [a href=\"http://no.php.net/manual/en/reserved.variables.php\" target=\"_blank\"]manual[/a]