/    Sign up×
Community /Pin to ProfileBookmark

sanitize an array — not PHP5

Copy linkTweet thisAlerts:
Dec 22.2005

Hey,

I have an aray of values pulled from a form.

I know I can do this in another way but was wondering if there was a way to change the values of the array as I iterate it?

[code=php]foreach($values as &$value)[/code]

gives me a parse error, probbaly because I believe that only came about in PHP5?

Is there another way to do this?

what I want is something like:

[code=php]
foreach($values as $value){
$value = addslashes($value);
}
[/code]

thanks for help

~~CM!

to post a comment
PHP

8 Comments(s)

Copy linkTweet thisAlerts:
@NogDogDec 22.2005 — [code=php]
foreach($values as $key => $value)
{
$values[$key] = stripslashes($value);
}
[/code]
Copy linkTweet thisAlerts:
@CrazyMerlinauthorDec 23.2005 — thx NogDog!
Copy linkTweet thisAlerts:
@SpectreReturnsDec 23.2005 — or
[code=php]
while(list($key, $val) = &each($array)) {
}
[/code]
Copy linkTweet thisAlerts:
@ShrineDesignsDec 23.2005 — example (phpB?[code=php]// magic quotes
if(!get_magic_quotes_gpc())
{
if(is_array($_GET))
{
while(list($k, $v) = @each($_GET))
{
if(is_array($_GET[$k]))
{
while(list($k2, $v2) = @each($_GET[$k]))
{
$_GET[$k][$k2] = addslashes($v2);
}
@reset($_GET[$k]);
}
else
{
$_GET[$k] = addslashes($v);
}
}
@reset($_GET);
}
if(is_array($_POST))
{
while(list($k, $v) = @each($_POST))
{
if(is_array($_POST[$k]))
{
while(list($k2, $v2) = @each($_POST[$k]))
{
$_POST[$k][$k2] = addslashes($v2);
}
@reset($_POST[$k]);
}
else
{
$_POST[$k] = addslashes($v);
}
}
@reset($_POST);
}
if(is_array($_COOKIE))
{
while(list($k, $v) = @each($_COOKIE))
{
if(is_array($_COOKIE[$k]))
{
while(list($k2, $v2) = @each($_COOKIE[$k]))
{
$_COOKIE[$k][$k2] = addslashes($v2);
}
@reset($_COOKIE[$k]);
}
else
{
$_COOKIE[$k] = addslashes($v);
}
}
@reset($_COOKIE);
}
}[/code]
Copy linkTweet thisAlerts:
@CrazyMerlinauthorDec 23.2005 — [code=php]
foreach($values as $key => $value)
{
$values[$key] = stripslashes($value);
}
[/code][/QUOTE]

I actually wanted to addslashes, just in case they have anything that will cause an issue in the update query string, and so would need escaping.

Anyway, it doesn't work.

I know you have to add a call-by-reference symbol '&' in an array to change the value if you wish to propagate the array. But this only works in php5 and I was wondering if they was a way to do it simply in other versions.

I will simply have to sanitize the input before putting it into my array.

@ShrineDesigns....thanks, but the whole point was to make the code as clean as possible, and what you put is far from clean code! You are using both the GET & POST arrays, and you are assuming their browser is allowing cookie handling.

Thanks for the input though.

~~CM!
Copy linkTweet thisAlerts:
@CrazyMerlinauthorDec 23.2005 — Thanks Spectre, the while list worked!
Copy linkTweet thisAlerts:
@NogDogDec 23.2005 — If using MySQL:
[code=php]
function sanitize(&$value, $key)
{
if(get_magic_quotes_gpc()) # prepare data for mysql_real_escape_string()
{
$value = stripslashes($value);
}
if(!is_numeric($value)) # if it's evaluated as numeric, it's already clean
{
$value = mysql_real_escape_string($value);
}
}

# NOTE: must be connected to mysql for mysql_real_escape_string to work:
mysql_connect('localhost','user','password') or die("DB connx");
# do the sanitizing:
array_walk($_POST, 'sanitize');
[/code]
Otherwise (not using MySQL):
[code=php]
function sanitize(&$value, $key)
{
if(!get_magic_quotes_gpc() and !is_numeric($value))
{
$value = addslashes($value);
}
}

# do the sanitizing:
array_walk($_POST, 'sanitize');
[/code]
Copy linkTweet thisAlerts:
@CrazyMerlinauthorDec 23.2005 — thx NogDog, much more what I need in the end.
×

Success!

Help @CrazyMerlin spread the word by sharing this article on Twitter...

Tweet This
Sign in
Forgot password?
Sign in with TwitchSign in with GithubCreate Account
about: ({
version: 0.1.9 BETA 5.8,
whats_new: community page,
up_next: more Davinci•003 tasks,
coming_soon: events calendar,
social: @webDeveloperHQ
});

legal: ({
terms: of use,
privacy: policy
});
changelog: (
version: 0.1.9,
notes: added community page

version: 0.1.8,
notes: added Davinci•003

version: 0.1.7,
notes: upvote answers to bounties

version: 0.1.6,
notes: article editor refresh
)...
recent_tips: (
tipper: @AriseFacilitySolutions09,
tipped: article
amount: 1000 SATS,

tipper: @Yussuf4331,
tipped: article
amount: 1000 SATS,

tipper: @darkwebsites540,
tipped: article
amount: 10 SATS,
)...