On Jan 20, 2008 10:15 PM, nihilism machine <nihilismmachine@xxxxxxxxx> wrote: > im trying to keep this php4 OOP. im just trying to clean the post/gets > and then make them all into variables with their names being the keys > to the get/post, and their values as the variables values. > > ie: $_POST['someFormInputName'] = "somevalue" ... turns into > $someFormInputName = "somevalue". > > I am not concerned about cleaning the input as i have a function > already for that. > > > > On Jan 20, 2008, at 10:06 PM, Nathan Nobbe wrote: > > > On Jan 20, 2008 9:47 PM, nihilism machine > > <nihilismmachine@xxxxxxxxx> wrote: > > how does this look? should this by me calling ... myforms = new > > forms(); work by turning all key/value pairs for both get and post > > into variable names of the same name as the get/post key, and the > > variable values as the values from the post/get? > > > > class forms { > > > > // Some stuff > > var $MyPosts; > > var $MyGets; > > var $CleanedInput; > > > > // Connect to the database > > function forms() { > > foreach($_POST as $curPostKey => $curPostVal) { > > CleanInput($curPostKey); > > $$curPostKey = $curPostVal; > > } > > foreach($_GET as $curGetKey => $curGetVal) { > > CleanInput($curGetKey); > > $$curGetKey = $curGetVal; > > } > > } > > > > // Attempt to login a user > > function CleanInput($userInput) { > > return $this->CleanedInput; > > } > > } > > > > im a little bit lost on the comments about connecting to the > > database and logging > > in a user. if you are writing a class to filter data in the $_POST > > and /or $_GET, then > > thats all it should be responsible for. > > the decision youll have to make is this; will this class simply act > > as a filter for these > > arrays, which means it will modify the data in those arrays, or will > > it leave the contents > > of those arrays unaltered and store the filtered values in instance > > variables? the design > > of the class will depend upon this decision. > > i think if you want to keep it simple, you should shoot for the > > former option. then your > > class would look something like this > > > > class InputFilter { > > public static function filterInput($optionalFilter='') { > > if(count($_GET) > 0) { > > self::filterArray($_GET, $optionalFilter); > > } > > if(count($_POST) > 0) { > > self::filterArray($_POST, $optionalFilter); > > } > > } > > > > private static function filterArray($array, $optionalFilter='') { > > foreach($array as $key => $value) { > > $$key = self::filterValue($value); > > if(!empty($optionalFilter) && > > is_callable($optionalFilter)) { > > $$key = $optionalFilter($$key); > > } > > } > > } > > > > private static function filterValue($value) { > > return trim(stripslashes($value)); /// <-- NOTE: this is > > only an example > > } > > } > > > > > > then from client space you would just say > > InputFilter::filterInput(); > > > > then, subsequently you can use $_POST and $_GET directly with the > > assumption > > that the input has been escaped. > > and, using the class above, you can also supply a custom filtering > > function as well, > > on a per-need basis; eg. > > > > function filterMsql($value) { > > return mysql_real_escape_string($value); > > } > > InputFilter::filterInput('filterMysql'); > > > > NOTE: i just typed this into my mail client, so it might not be > > perfect. > > > > -nathan > > Look up extract(). This is a horrible idea you're trying to do though. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php