Posted By

Tamedo on 08/14/08


Tagged


Versions (?)

Who likes this?

2 people have marked this snippet as a favorite

brent-man
jamesming


addslashes automatically to $_POST variables


 / Published in: PHP
 

  1. //create array to temporarily grab variables
  2. $input_arr = array();
  3. //grabs the $_POST variables and adds slashes
  4. foreach ($_POST as $key => $input_arr) {
  5. $_POST[$key] = addslashes($input_arr);
  6. }
  7.  
  8. // all $_POST variables have slashes added to them
  9. $f_name = $_POST["f_name"];
  10. $l_name = $_POST["l_name"];
  11. $phone_num = $_POST["phone_num"];
  12. $address1 = $_POST["address1"];
  13. $address2 = $_POST["address2"];
  14. $city = $_POST["city"];
  15. $State = $_POST["State"];
  16. $zip = $_POST["zip"];
  17.  
  18. //sql insert code goes here.

Report this snippet  

Comments

RSS Icon Subscribe to comments
Posted By: SeanJA on August 15, 2008

Umm... you don't need to create the temporary array, that is what

foreach ($vars as $var)

does... it creates a temp varriable to hold each one of $vars

If you are going to be putting it into a database, would it not be better to use mysqlrealescape_string(), also noting that add_slashes() is being dropped from the language?

You need to login to post a comment.