We Recommend

Wicked Cool PHP: Real-World Scripts That Solve Difficult Problems
Wicked Cool PHP contains a wide variety of scripts to process credit cards, check the validity of email addresses, template HTML, and serve dynamic images and text.

Posted By

Tamedo on 08/14/08

Tagged

Versions (?)

Who likes this?

2 people have marked this snippet as a favorite

brent-man
jamesming

addslashes automatically to $_POST variables

Published in: PHP

Plain TextExpand

//create array to temporarily grab variables
$input_arr = array();
//grabs the $_POST variables and adds slashes
foreach ($_POST as $key => $input_arr) {
$_POST[$key] = addslashes($input_arr);
} 
 
// all $_POST variables have slashes added to them
$f_name = $_POST["f_name"];
$l_name = $_POST["l_name"];
$phone_num = $_POST["phone_num"];
$address1 = $_POST["address1"];
$address2 = $_POST["address2"];
$city = $_POST["city"];
$State = $_POST["State"];
$zip = $_POST["zip"];
 
//sql insert code goes here.

Report this snippet

Comments

Subscribe to comments

Posted By: SeanJA on August 15, 2008

Umm... you don't need to create the temporary array, that is what

foreach ($vars as $var)

does... it creates a temp varriable to hold each one of $vars

If you are going to be putting it into a database, would it not be better to use mysql_real_escape_string(), also noting that add_slashes() is being dropped from the language?

Comment:

You need to login to post a comment.