Graham Anderson wrote:
Is there a way to loop thru all of these GET requests by:
putting the GET variables into an array
processing the variable strings with trim/striptags/etc in a loop
exploding the variables back out into separate variables
I just do this:
function process_user_input($value) {
return mysql_real_escape_string(strip_tags(trim($value)));
// Or whatever processing you need
}
$_SAFE_GET = array_map('process_user_input', $_GET);
$_SAFE_POST = array_map('process_user_input', $_POST);
That way you never need to take them out of an array in the first place.
Then you can do things like:
mysql_query("INSERT INTO table (col) VALUES ('{$_SAFE_POST['val']}')");
Jasper
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
